Skip navigation
1 2 3 4 5 6 Previous Next

API Notifications

145 posts

A new release of Qualys Cloud Suite, Version 8.12, this version # applies to Qualys Vulnerability Management (VM) and Policy Compliance (PC), includes an updated API which is targeted for release in February 2018. The specific day will differ depending on the platform. See platform release dates on the Qualys Status page. This API notification provides an early preview into the coming API, allowing you to identify use cases that can leverage this updated API.  Please refer to the detailed release notes attached to this notification for more information.

 

What's new

Enhanced Asset Group API v2 /api/2.0/fo/asset/group/

The Asset Group API v2 (/api/2.0/fo/asset/group/) contains the following new updates:

- Download the API results in a CSV format

- Fetch comments for an asset group

 

Asset Group List Output - DTD Change 
The Asset Group List Output DTD is used when you list the asset groups in your account. We’ve made several changes to this DTD.

 

Compliance Authentication Report - DTD Change /api/2.0/fo/report with action=fetch
The Compliance Authentication Report DTD is used when you download a saved authentication report from your account. We’ve made updates to this DTD to add missing elements that resulted in validation errors.


Dynamic Search List API - Support for CPE Type /api/2.0/fo/qid/search_list/dynamic/
The Dynamic Search List API lets you create/update dynamic search lists and get information about them. We’ve added API support for CPE “part” values (Operating System, Application, Hardware) in dynamic search lists, allowing you to target specific vulnerabilities for sending to the appropriate remediation teams.

 

New VM Scan Statistics API /api/2.0/fo/scan/stats/
The new VM Scan Statistics API allows customers to get details about vulnerability scans and assets that are waiting to be processed. You’ll see these sections in the XML output:
UNPROCESSED SCANS - The total number of scans that are not processed, including scans that are queued, running, loading, finished, etc.
VM RECRYPT BACKLOGS - The total number of assets across your finished scans that are waiting to be processed.
VM RECRYPT BACKLOGS BY SCAN - Scan details for vulnerability scans that are waiting to be processed. For each scan, you’ll see the scan ID, scan title, scan status, processing priority and number of hosts that the scan finished but not processed.
VM RECRYPT BACKLOGS BY TASK - Processing task details for vulnerability scans that are waiting to be processed. For each task, you’ll see the same scan details as VM RECRYPT BACKLOGS BY SCAN plus additional information like the total hosts alive for the scan, the number of hosts from the scan that have been processed, the number of hosts waiting to be processed, the scan start date, the task type and task status.

 

Host List Detection API - New ARF Filters for Kernel, Service and Configuration /api/2.0/fo/asset/host/vm/detection/
You can now filter your host detection list based on Acceptable Risk Factors (ARF) related to kernel, service and host configuration. The risk factor or exploitability of a detected vulnerability is based on an ARF rule, which is pre-defined by Qualys. NOTE: active_kernels_only is now deprecated and will be removed in a future release. Please use arf_kernel_filter instead.

 

Scan Schedule API - Enhanced EC2 Details /api/2.0/fo/schedule/scan/

The Scan Schedule API v2 supports defining schedules for vulnerability scans. We now provide you more details about your EC2 connector. Using the list action, you can now view details such as the provider (Amazon Web Services-AWS), connector name, the unique UUID assigned to it, the region, type of scan, and so on.

 

New element in Authentication Records List DTD /api/2.0/fo/auth/
We’ve made DTD changes to add new elements to the authentication record list output. This is pre-release functionality scheduled for a future release related to VMware vCenter authentication support.

 

Vault Support for VMware Authentication /api/2.0/fo/auth/vmware/
Now users can configure VMware authentication records to use vaults to access credentials used for authentication.

 

Support for CertView scans (coming soon!)

We’ve made updates to the Scan API to support CertView scans when CertView GA is released (keep in mind CertView scans are not supported at this time).

Scan List API /api/2.0/fo/scan/?action=list
Launch Scan API /api/2.0/fo/schedule/scan/?action=launch
Schedule Scan API /api/2.0/fo/schedule/scan/?action=create
Add Asset API /api/2.0/fo/asset/ip/?action=add

A new release of Qualys Cloud Suite, Version 8.12, this version # applies to Qualys Vulnerability Management (VM) and Policy Compliance (PC), includes an updated API which is targeted for release in January 2018. The specific day will differ depending on the platform. See platform release dates on the Qualys Status page. This API notification provides an early preview into the coming API, allowing you to identify use cases that can leverage this updated API.  Please refer to the detailed release notes attached to this notification for more information.

 

What's new
Dynamic Search List API - Support for CPE Type /api/2.0/fo/qid/search_list/dynamic/
The Dynamic Search List API lets you create/update dynamic search lists and get information about them. We’ve added API support for CPE “part” values (Operating System, Application, Hardware) in dynamic search lists, allowing you to target specific vulnerabilities for sending to the appropriate remediation teams.

 

Asset Group List Output - DTD Change
The Asset Group List Output DTD is used when you list the asset groups in your account. We’ve made several changes to this DTD.

 

Compliance Authentication Report - DTD Change /api/2.0/fo/report with action=fetch
The Compliance Authentication Report DTD is used when you download a saved authentication report from your account. We’ve made updates to this DTD to add missing elements that resulted in validation errors.

 

Support for CertView scans (coming soon!)

We’ve made updates to the Scan API to support CertView scans when CertView GA is released (keep in mind CertView scans are not supported at this time).

Scan List API /api/2.0/fo/scan/?action=list
Launch Scan API /api/2.0/fo/schedule/scan/?action=launch
Schedule Scan API /api/2.0/fo/schedule/scan/?action=create
Add Asset API /api/2.0/fo/asset/ip/?action=add

A new release of Qualys Cloud Suite, Version 2.31, includes an updated API which is targeted for release in January 2017. The specific day will differ depending on the platform. See platform release dates on the Qualys Status page. This API notification provides an early preview into the coming API, allowing you to identify use cases that can leverage this updated API.

 

What's new

New Way to Track API usage
You can now track API usage by a user without the need to provide user credentials such as the username and password.API usage can be tracked using the X-Powered-By HTTP header which includes a unique ID generated for each subscription and a unique ID generated for each user. Once enabled, the X-Powered-By HTTP header is returned for each API request made by a user.  Note: This functionality should now be available platform wide.

 

CA - Activate / Deactivate FIM and IOC modules for an agent /qps/rest/2.0/activate/am/asset/
You can now activate or deactivate FIM and IOC modules for an agent through a single API request.

 

AWS Asset Data Connector API - Support for China Region /qps/rest/2.0/create/awsassetdataconnector
Now you can easily scan EC2 instances included in the AWS China region for vulnerabilities and policy compliance using the Qualys Cloud Platform. You can create/update EC2 connectors to pull instance info from the China region, activate discovered instances for the VM, PC or SCA module, and scan them using our EC2 scan workflow.

A new release of Qualys Cloud Suite, Version 8.11.2 (this version # applies to Qualys Vulnerability Management (VM) and Policy Compliance (PC)), includes an updated API which is targeted for release in December 2017. The specific day will differ depending on the platform. See platform release dates on the Qualys Status page. This API notification provides an early preview into the coming API, allowing you to identify use cases that can leverage this updated API.

 

What's New

New Notification parameters for /2.0/fo/api/schedule/scan/

The following additional parametrs for Create and Update of a scheduled scan will be available:

  • before_notify
  • after_notify
  • before_notify_unit
  • before_notify_time
  • before_notify_message
  • recipient_group_ids

 

The following additional parameter for List will be available:

  • show_notifications

 

New Scanner Role Permission to Add Assets /api/2.0/fo/asset/ip
Your subscription may now be configured to allow users with a Scanner user role to be granted the “Add assets” permission. When granted, this allows the user to add new IP addresses to the subscription from the UI and API.

 

Compliance Policy API - Change to Policy Evaluation /api/2.0/fo/compliance/policy/
Now we will only start policy evaluation when you make changes to a policy using the API when 1) the Evaluate Now check box is selected for the policy in the UI Policy Editor, or 2) you specify evaluate_now=1 in the API request. When evaluate_now=1 is specified we will start policy evaluation and we’ll select the Evaluate Now check box for the policy in the UI.

 

Option Profile API - DTD Change /api/2.0/fo/subscription/option_profile/
We added a new element QRDI_CHECKS to the Option Profile Info DTD (option_profile_info.dtd). This flag is for Qualys Internal Use Only.

A new release of Qualys Cloud Suite, Version 8.11.2 (this version # applies to Qualys Vulnerability Management (VM) and Policy Compliance (PC)), includes an updated API which is targeted for release in December 2017. The specific day will differ depending on the platform. See platform release dates on the Qualys Status page. This API notification provides an early preview into the coming API, allowing you to identify use cases that can leverage this updated API.

 

What's new
New Notification parameters for /2.0/fo/api/schedule/scan/

 

The following additional parameters for Create and Update of a scheduled scan will be available:

  • before_notify
  • after_notify
  • before_notify_unit
  • before_notify_time
  • before_notify_message
  • receipient_group_ids

The following additional parameter for List will be available:

  • show_notifications

A new release of Qualys Cloud Suite, Version 8.11 (this version # applies to Qualys Vulnerability Management (VM) and Policy Compliance (PC)), includes an updated API which is targeted for release in October 2017. The specific day will differ depending on the platform. See platform release dates on the Qualys Status page. This API notification provides an early preview into the coming API, allowing you to identify use cases that can leverage this updated API. The release notes are attached at the end of this notice.

 

What's new

Tomcat Server Auth - Extended Support to Windows /api/2.0/fo/auth/tomcat/

We now support vulnerability and compliance scans for tomcat servers running on Windows hosts. Simply create a Tomcat Server record with details about your Apache Tomcat installation and instance. Your Tomcat Server records may include details for both Windows and Unix installations (previously supported). 


New MongoDB Authentication API /api/2.0/fo/auth/mongodb/

With this release MongoDB authentication is supported for vulnerability scans and compliance scans using Qualys apps VM, PC, SCA. The MongoDB Record API (<baseurl>/api/2.0/fo/auth/mongodb/) allows you manage MongoDB records for performing authenticated scans of MongoDB instances running on Unix.


New Palo Alto Firewall Authentication API /api/2.0/fo/auth/palo_alto_firewall

We now have added a new API to support Palo Alto Firewall. Using the Palo Alto Firewall API (.../api/2.0/fo/auth/palo_alto_firewall) you can perform these actions: create, update, list, delete.

 

Thycotic Secret Server vault supports private key retrieval
Thycotic Secret Server vault now supports the retrieval of the private key for authenticated scanning. Users can enable the private key retrieval option for these authentication records: MongoDB, PostgresSQL, Unix


Scheduled Scan API Improvements /api/2.0/fo/schedule/scan/

You now have the ability to update scheduled scans using the Scan Schedule V2 API (/api/2.0/fo/schedule/scan/). We also added new input parameters for more granular time selections for defining when to end, pause and resume a scan.


Scanner API - New parameter for Scanner Type  /api/2.0/fo/appliance/

We now added a new parameter to Scanner appliance API (... /api/2.0/fo/appliance/) for you to identify the type of scanner appliance. However, the type of scanner appliance is reflected in the output only if the output mode is set to full.

 

Option Profile API - Enable Auto Update /api/2.0/fo/subscription/option_profile/

We now added a new element to compliance option profile API (.../api/2.0/fo/subscription/option_profile/) when you export/import an option profile we'll now show you whether the Auto Update expected value is enabled or not.

 

Option Profile API - Disable overriding OS value in subsequent scans /api/2.0/fo/subscription/option_profile/

You can configure an option profile to not override the OS detected by a previous scan. This is especially useful if you’re running a light or custom scan and you don’t want to overwrite the OS detected by a Full scan.

 

Excluded Hosts List API - New tag filters /api/2.0/fo/asset/excluded_ip/

We now added new filters to Excluded Hosts API (...api/2.0/fo/asset/excluded_ip/) for you to list excluded hosts that user has access to.


VM - Get additional information for detection type INFO /api/2.0/fo/asset/host/vm/detection/

The Host List Detection (.../api/2.0/fo/asset/host/vm/detection/) API now provides following additional information for the detection type “Info”:

- severity level

- date and time when first detected

- date and time when last detected

- number of times detected 

 

VM - Show QG Host ID for assets scanned with Agentless Tracking /api/2.0/fo/asset/host/vm/detection/ & /api/2.0/fo/asset/host/

You’ll now see the QG Host ID (Qualys Host ID) for assets scanned with Agentless Tracking enabled (an option that allows you to track hosts by host ID). Previously the QG Host ID only appeared for assets with cloud agents installed.

 

VM - Show QID Changes in KnowledgeBase API /api/2.0/fo/knowledge_base/vuln/

You’ll now be able to view a list of changes made by Qualys to any QID in the Vulnerability KnowledgeBase including changes to detection logic, severity level and vulnerability type (confirmed, potential, information gathered). For each change you’ll see the date of the change and comments provided by the Qualys Vulnerability Signatures team.


PC - View Asset Groups and Tag Information in XML Report Updated DTD Only for /api/2.0/fo/compliance

The Compliance Policy Report DTD is now updated so that the policy report (xml) provides information about Asset Groups, IPs, Host Instances and Tags.


PC - New UDC for Windows and Unix

We have now updated Control (.../api/2.0/fo/compliance/control) and Compliance Policy Report (.../api/2.0/fo/report/) APIs to support integrity content check of Unix and Windows directory and files.


New way to track API usage Update to Header only

 API usage can be tracked using the X-Powered-By HTTP header which includes a unique ID generated for each subscription. Once enabled, the X-Powered-By HTTP header is returned for each API request made by a user. This will enable you to track API requests across users without providing the user credentials.

A new release of Qualys Cloud Suite, Version 8.11 (this version # applies to Qualys Vulnerability Management (VM) and Policy Compliance (PC)), includes an updated API which is targeted for release in October 2017. The specific day will differ depending on the platform. See platform release dates on the Qualys Status page. This API notification provides an early preview into the coming API, allowing you to identify use cases that can leverage this updated API.  The release notes are attached at the end of this notice.

 

What's new

Tomcat Server Auth - Extended Support to Windows /api/2.0/fo/auth/tomcat/

We now support vulnerability and compliance scans for tomcat servers running on Windows hosts. Simply create a Tomcat Server record with details about your Apache Tomcat installation and instance. Your Tomcat Server records may include details for both Windows and Unix installations (previously supported). 


New MongoDB Authentication API /api/2.0/fo/auth/mongodb/

With this release MongoDB authentication is supported for vulnerability scans and compliance scans using Qualys apps VM, PC, SCA. The MongoDB Record API (<baseurl>/api/2.0/fo/auth/mongodb/) allows you manage MongoDB records for performing authenticated scans of MongoDB instances running on Unix.


New Palo Alto Firewall Authentication API /api/2.0/fo/auth/palo_alto_firewall

We now have added a new API to support Palo Alto Firewall. Using the Palo Alto Firewall API (.../api/2.0/fo/auth/palo_alto_firewall) you can perform these actions: create, update, list, delete.


Scheduled Scan API Improvements /api/2.0/fo/schedule/scan/

You now have the ability to update scheduled scans using the Scan Schedule V2 API (/api/2.0/fo/schedule/scan/). We also added new input parameters for more granular time selections for defining when to end, pause and resume a scan.


Scanner API - New parameter for Scanner Type  /api/2.0/fo/appliance/

We now added a new parameter to Scanner appliance API (... /api/2.0/fo/appliance/) for you to identify the type of scanner appliance. However, the type of scanner appliance is reflected in the output only if the output mode is set to full.


VM - Get additional information for detection type INFO /api/2.0/fo/asset/host/vm/detection/

The Host List Detection (.../api/2.0/fo/asset/host/vm/detection/) API now provides following additional information for the detection type “Info”:

- severity level

- date and time when first detected

- date and time when last detected

- number of times detected 


PC - View Asset Groups and Tag Information in XML Report Updated DTD Only for /api/2.0/fo/compliance

The Compliance Policy Report DTD is now updated so that the policy report (xml) provides information about Asset Groups, IPs, Host Instances and Tags.


PC - New UDC for Windows and Unix

We have now updated Control (.../api/2.0/fo/compliance/control) and Compliance Policy Report (.../api/2.0/fo/report/) APIs to support integrity content check of Unix and Windows directory and files.


New way to track API usage Update to Header only

 API usage can be tracked using the X-Powered-By HTTP header which includes a unique ID generated for each subscription. Once enabled, the X-Powered-By HTTP header is returned for each API request made by a user. This will enable you to track API requests across users without providing the user credentials.

A new release of Qualys Cloud Suite, Version 2.30 includes an updated API which is targeted for release in September 2017. The specific day will differ depending on the platform. See platform release dates on the Qualys Status page. This API notification provides an early preview into the coming API, allowing you to identify use cases that can leverage this updated API and make changes to any scripts that utilize this specific API.

 

What's New

Change to the API is the addition of a new TagRuleType value, "CLOUD_ASSET". This corresponds to the new EC2 dynamic tag rule type as added in the UI for this feature.  More details will be in the release notes when they get released.

 

We are also removing the operator value NOT_EQUALS from the delete API's to curtail inadvertent deletions of large values outside of the scope. 

 

Admin - User API
We have introduced a new API (https://<baseurl>/qps/rest/1.0/{action}/admin/user) that will give the list of users along with their tags to the authorized user. Currently, we support three actions for the users: search, count, and get details of a user.

 

In Addition please see previously released API notifications:

Qualys Cloud Suite 2.30 API Notification 1 

Qualys Cloud Suite 2.30 (WAF v2.5) API Notification 1 

A new release of Qualys Cloud Suite, Version 8.10.2 (this version # applies to Qualys Vulnerability Management (VM) and Policy Compliance (PC)), includes an updated API which is targeted for release in August 2017. The specific day will differ depending on the platform. See platform release dates on the Qualys Status page. This API notification provides an early preview into the coming API, allowing you to identify use cases that can leverage this updated API. The release notes are attached at the end of this notice.

 

Whats new
Introducing New User Administrator Role
Manager users can now create a new user role: User administrator. Users with this role will only have access to users, assets groups, business units and distribution groups.

 

VM - Host List Detection API - Processed Timestamp
The Host List Detection API v2 (../api/2.0/fo/asset/host/vm/detection/) now supports processed timestamp for each detection. You can now filter detections that were processed before/after a specific date using dectection_processed_before and dectection_processed_after parameters.

 

VM - Scan Results DTD - Optional elements added

We’ve added 2 optional elements to Scan Results DTD (scan-1.dtd) for internal use. Users will not see these elements in scan results XML output, unless the QRDI VulnerabilitiesBeta feature is enabled for the subscription.

 

A new release of Qualys Cloud Suite, Version 2.30 (this is specifically for WAF v2) includes an brand new API, which implements all of the functionality of our new WAF v2 product released last February, which is targeted for release in September 2017. The specific day will differ depending on the platform. See platform release dates on the Qualys Status page. This API notification provides an early preview into the coming API, allowing you to identify use cases that can leverage this updated API and begin planning appropriately. This will get a brand new API Guide to support when we go live.


Cluster API

GET/qps/rest/2.0/get/waf/cluster/:id Get a cluster
GET/qps/rest/2.0/count/waf/cluster Count clusters in scope
POST/qps/rest/2.0/search/waf/cluster Search clusters in scope from criterias
POST/qps/rest/2.0/create/waf/cluster Create a cluster
POST/qps/rest/2.0/update/waf/cluster/:id Update a cluster
POST/qps/rest/2.0/update/waf/cluster Update clusters (bulk change)
POST/qps/rest/2.0/delete/waf/cluster/:id Delete a cluster
POST/qps/rest/2.0/delete/waf/cluster Delete clusters (bulk change)

 

Appliance API
GET/qps/rest/2.0/get/waf/appliance/:id Get an appliance
GET/qps/rest/1.0/count/waf/appliance Count appliances in scope
POST/qps/rest/1.0/search/waf/appliance Search user's appliances from criterias
POST/qps/rest/1.0/delete/waf/appliance/:id Delete an appliance

 

Certificate API
GET/qps/rest/2.0/get/waf/certificate/:id Get a certificate
GET/qps/rest/2.0/count/waf/certificate Count certificates in scope
POST/qps/rest/2.0/search/waf/certificate Search certificates in scope from criterias
POST/qps/rest/2.0/create/waf/certificate Create a certificate profile
POST/qps/rest/2.0/update/waf/certificate/:id Update a certificate profile
POST/qps/rest/2.0/update/waf/certificate Update certificates (bulk change)
POST/qps/rest/2.0/delete/waf/certificate/:id Delete a certificate profile
POST/qps/rest/2.0/delete/waf/certificate Delete certificates (bulk change)

 

Healthcheck API
GET/qps/rest/2.0/get/waf/healthcheck/:id Get an healthcheck profile
GET/qps/rest/2.0/count/waf/healthcheck Count Healthcheck Profiles in scope
POST/qps/rest/2.0/search/waf/healthcheck Search Healthcheck Profiles in scope from criterias
POST/qps/rest/2.0/create/waf/healthcheck Create an healthcheck Profile
POST/qps/rest/2.0/update/waf/healthcheck/:id Update an Healthcheck Profile
POST/qps/rest/2.0/update/waf/healthcheck Update Healthcheck Profiles (bulk change)
POST/qps/rest/2.0/delete/waf/healthcheck/:id Delete an Healthcheck Profile
POST/qps/rest/2.0/delete/waf/healthcheck Delete Healthcheck Profiles (bulk change)

 

Web Server API
GET/qps/rest/2.0/get/waf/webserver/:id Get a webserver profile
GET/qps/rest/2.0/count/waf/webserver Count Web Servers Profiles in scope
POST/qps/rest/2.0/search/waf/webserver Search Web Server Profiles in scope from criterias
POST/qps/rest/2.0/create/waf/webserver Create a Web Server Profile
POST/qps/rest/2.0/update/waf/webserver/:id Update a WebServer Profile
POST/qps/rest/2.0/update/waf/webserver Update Web Server Profiles (bulk change)
POST/qps/rest/2.0/delete/waf/webserver/:id Delete a Web Server Profile
POST/qps/rest/2.0/delete/waf/webserver Delete Web Server Profiles (bulk change)

 

HTTP Profile API
GET/qps/rest/2.0/get/waf/httpprofile/:id Get an HTTP profile
GET/qps/rest/2.0/count/waf/httpprofile Count HTTP Profiles in scope
POST/qps/rest/2.0/search/waf/httpprofile Search HTTP Profiles in scope from criterias
POST/qps/rest/2.0/create/waf/httpprofile Create a HTTP Profile
POST/qps/rest/2.0/update/waf/httpprofile/:id Update an HTTP Profile
POST/qps/rest/2.0/update/waf/httpprofile Update HTTP Profiles (bulk change)
POST/qps/rest/2.0/delete/waf/httpprofile/:id Delete an HTTP Profile
POST/qps/rest/2.0/delete/waf/httpprofile Delete HTTP Profiles (bulk change)

 

Security Policy API
GET/qps/rest/2.0/get/waf/securitypolicy/:id Get a Security Policy profile
GET/qps/rest/2.0/count/waf/securitypolicy Count Security Policies in scope
POST/qps/rest/2.0/search/waf/securitypolicy Security Policy Profiles in scope from criterias
POST/qps/rest/2.0/create/waf/securitypolicy Create a Custom Security Policy
POST/qps/rest/2.0/update/waf/securitypolicy/:id Update a Custom Security Policy
POST/qps/rest/2.0/update/waf/securitypolicy Update Custom Security Policies (bulk change)
POST/qps/rest/2.0/delete/waf/securitypolicy/:id Delete a Custom Security Policy
POST/qps/rest/2.0/delete/waf/securitypolicy Delete Custom Security Policies (bulk change)

 

Custom Page API
GET/qps/rest/2.0/get/waf/custompage/:id Get a custom page profile
GET/qps/rest/2.0/count/waf/custompage Count Custom Page Profiles in scope
POST/qps/rest/2.0/search/waf/custompage Search Custom Page Profiles in scope from criterias
POST/qps/rest/2.0/create/waf/custompage Create a Custom Page Profile
POST/qps/rest/2.0/update/waf/custompage/:id Update a Custom Page Profile
POST/qps/rest/2.0/update/waf/custompage Update Custom Page Profiles (bulk change)
POST/qps/rest/2.0/delete/waf/custompage/:id Delete a Custom Page Profile
POST/qps/rest/2.0/delete/waf/custompage Delete Custom Page Profiles (bulk change)

 

Custom Rule API
GET/qps/rest/2.0/get/waf/customrule/:id Get a Custom Rule
GET/qps/rest/2.0/count/waf/customrule Count Custom Rules in scope
POST/qps/rest/2.0/search/waf/customrule Custom Rules in scope from criterias
POST/qps/rest/2.0/create/waf/customrule Create a Custom Rule
POST/qps/rest/2.0/update/waf/customrule/:id Update a Custom Rule
POST/qps/rest/2.0/update/waf/customrule Update Custom Rule (bulk change)
POST/qps/rest/2.0/delete/waf/customrule/:id Delete a Custom Rule
POST/qps/rest/2.0/delete/waf/customrule Delete Custom Rules (bulk change)

 

Web application API

GET/qps/rest/2.0/get/waf/webapp/:id Get a web application
GET/qps/rest/2.0/count/waf/webapp Count web applications in scope
POST/qps/rest/2.0/search/waf/webapp Search web applications in scope from criterias
POST/qps/rest/2.0/create/waf/webapp Create a web application
POST/qps/rest/2.0/update/waf/webapp/:id Update a web application
POST/qps/rest/2.0/update/waf/webapp Update web applications (bulk change)
POST/qps/rest/2.0/delete/waf/webapp/:id Delete a web application
POST/qps/rest/2.0/delete/waf/webapp Delete web applications (bulk change)

A new release of Qualys Cloud Suite, Version 2.30 includes an updated API which is targeted for release in September 2017. The specific day will differ depending on the platform. See platform release dates on the Qualys Status page. This API notification provides an early preview into the coming API, allowing you to identify use cases that can leverage this updated API and make changes to any scripts that utilize this specific API.

 

Host Asset Management API adds additional Amazon EC2 Instance Metadata

 

The Host Asset Management API now adds additional metadata of Amazon EC2 hosts when inventoried using the Qualys EC2 Connector.  The API output schema is changed to add new tags for additional EC2 metadata, populated with respective values for EC2 assets and empty for non-EC2 assets.

 

The new EC2 tags in the <Ec2AssetSourceSimple> element include:

 

<ec2InstanceTags>

<EC2Tags>

<createdDate>

<instanceState>

<groupId>

<groupName>

<spotInstance>

<ownerId>

<subnetId>

<vpcId>

<region>

<zone>

<publicIpAddress>

<accountId>

 

The example below is of the full output with the new and existing tags:

 

<?xml version="1.0" encoding="UTF-8"?>
<ServiceResponse xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="http://v-qps1.dev.qualys.com:8080/portal-api/xsd/2.0/am/hostasset.xsd">
   <responseCode>SUCCESS</responseCode>
   <count>1</count>
   <data>
       <HostAsset>
           <id>52331</id>
           <name>wenlin_scanner_sjc</name>
           <created>2017-06-15T02:34:25Z</created>
           <modified>2017-06-15T04:34:02Z</modified>
           <type>HOST</type>
           <tags>
               <list>
                   <TagSimple>
                       <id>7515612</id>
                       <name>AWS-Connector#2</name>
                   </TagSimple>
               </list>
           </tags>
           <sourceInfo>
               <list>
                   <Ec2AssetSourceSimple>
                       <firstDiscovered>2017-06-15T02:34:27Z</firstDiscovered>
                       <lastUpdated>2017-06-21T01:37:04Z</lastUpdated>
                       <assetId>52331</assetId>
                       <ec2InstanceTags>
                           <tags>
                               <list>
                                   <EC2Tags>
                                       <key>Name</key>
                                       <value>wn_scanner_sjc</value>
                                   </EC2Tags>
                                   <EC2Tags>
                                       <key>wn_scanner_sjc</key>
                                   </EC2Tags>
                               </list>
                           </tags>
                       </ec2InstanceTags>
                       <availabilityZone>us-west-1c</availabilityZone>
                       <instanceId>i-07d6f50d34s2e22a2ac69</instanceId>
                       <instanceType>t2.medium</instanceType>
                       <createdDate>2017-06-20T18:52:38Z</createdDate>
                       <instanceState>RUNNING</instanceState>
                       <groupId>sg-5547324f32</groupId>
                       <groupName>sg-5547324f32</groupName>
                       <spotInstance>true</spotInstance>
                       <ownerId>2057623237712438</ownerId>
                       <subnetId>subnet-b7dc77adbde</subnetId>
                       <vpcId>vpc-a334bdc7bca</vpcId>
                       <region>us-west-1</region>
                       <zone>VPC</zone>
                       <imageId>ami-169bc676</imageId>
                       <publicIpAddress>127.0.0.1</publicIpAddress>
                       <privateIpAddress>10.91.76.239</privateIpAddress>

<accountId>18943245667116622211526272</accountId>
            <monitoringEnabled>false</monitoringEnabled>
                   </Ec2AssetSourceSimple>
               </list>
           </sourceInfo>
           <os>Linux</os>
           <address>10.91.76.239</address>
           <trackingMethod>INSTANCE_ID</trackingMethod>
           <openPort>
               <list/>
           </openPort>
           <software>
               <list/>
           </software>
           <vuln>
               <list/>
           </vuln>
           <processor>
               <list/>
           </processor>
           <volume>
               <list/>
           </volume>
           <account>
               <list/>
           </account>
           <networkInterface>
               <list>
                   <HostAssetInterface>
                       <interfaceId>eni-50851450</interfaceId>
                       <interfaceName>Primary network interface</interfaceName>
                       <type>PRIVATE</type>
                       <address>10.91.76.239</address>
                   </HostAssetInterface>
               </list>
           </networkInterface>
       </HostAsset>
   </data>
</ServiceResponse>

A new release of Qualys Cloud Suite, Version 8.10.1 (this version # applies to Qualys Vulnerability Management (VM) and Policy Compliance (PC) modules), includes an updated API which is targeted for release in July 2017. The specific day will differ depending on the platform. See platform release dates on the Qualys Status page. This API notification provides an early preview into the coming API as well as updated API's that may have changes affecting current code environments, allowing you to identify use cases that can leverage this updated API. The release notes are attached at the end of this notice.

 

What’s New
New Scanner Role Extended Permissions

Your subscription may now be configured to allow users with a Scanner user role to be granted these extended permissions:

   - Manage virtual scanner appliances. When granted, this allows the user to create, edit and delete virtual scanner appliances from the UI and API.

   - Create/edit authentication records/vaults. When granted, this allows the user to create and edit authentication records and vaults from the UI and API.

 

New Input Parameter for Create Virtual Scanner

When users with the Unit Manager or Scanner role create a virtual scanner appliance, they must add the virtual scanner to an asset group in their account. Simply provide the asset group ID as part of the API request. 


VM - Detection API - New Value for Active Kernels Only input parameter

The existing parameter “active_kernels_only” helps you identify detections related to running and non-running Linux kernels. You can now specify active_kernels_only=3 in your request to only include vulnerabilities found on running Linux kernels.


PC - Enhancement to File Integrity Checks

With this release you’re no longer required to manually set the default expected value when defining File Integrity checks. Now you can pick the “Use scan data as expected value” option in the UDC and we’ll set the expected value for you based on the actual value returned by the scan. Note that you’ll also need to select the “Auto Update expected value” option in your compliance profile.

A new release of Qualys Cloud Suite, Version 2.28 (this version # is equivalent to Web Application Scanner v5.6), includes an updated API which is targeted for release in July 2017. The specific day will differ depending on the platform. See platform release dates on the Qualys Status page. This API notification provides an early preview into the coming API, allowing you to identify use cases that can leverage this updated API. The release notes are attached at the end of this notice.

 

Whats New in WAS 5.6

WAS - Generating Reports using templates

With our new Reporttemplate API, you can search for existing templates as well as get the details of an existing template. You can also use templates to generate reports through API, such as web application report, scan report, catalog report, and scorecard report.

 

WAS - Retest findings
You can now easily retest the findings for individual vulnerabilities using Finding API to test the selected finding. Only potential vulnerabilities, confirmed vulnerabilities and sensitive contents are available for retest.

 

WAS - Launch multiscan
We've enhanced the ability to support large web application scanning programs by adding the ability to scan any number of web applications as a Multi-Scan through API. This feature enables you to scan hundreds or even thousands of web applications you may have in your organization with granular insight into what scans are running and which ones are complete.

 

WAS - Schedule a multiscan
You can now schedule a Multi-Scan through API to run automatically, on a regular basis. This way you always have the most up-to-date security information in your account.

 

A Multi-Scan allows you to scan any number of web applications. This feature enables you to scan hundreds or even thousands of web applications you may have in your organization with granular insight into what scans are running and which ones are complete.

 

WAS - Enhanced tag selection
We have now enhanced our support for selection of assets linked to the tags when you launch a scan, create or edit a schedule, generate or schedule a Scorecard report or Web application report. You can now tell us the tag id in the request and specify if any or all the assets associated with the tag should be included or excluded in the scan result or report.

Qualys 8.10.0.1 Release Notes


A new release of Qualys Cloud Suite, Version 8.10.0.1 (this version # applies to Qualys Vulnerability Management (VM) and Policy Compliance (PC)) includes the following fixes.  This hotfix will roll out today (June 9th, 2017) across all shared platforms. 

 

Issues Addressed


For the VM Detection API we reverted the behavior for the active_kernels_only=1 parameter and updated the documentation. Now it excludes vulnerabilities found on non-running Linux kernels. The 8.10 API Release Notes and API User Guides have been updated to reflect this change.


Scan Reports in CSV format – Now the EC2 Instance ID column will only appear when your subscription has EC2 Scanning enabled and only when the “EC2 Related Information” option isselected in the scan report template. Columns for EC2 Instance ID and EC2 metadata information now appear at the end. We also moved the columns in the CSV output for the VM Detection API. The 8.10 API Release Notes and API User Guides have been updated to reflect this change.


We fixed an issue where users were getting an error when using the show_pci_flag parameter with the KnowledgeBase Download API (/msp/knowledgebase_download.php). Also, the AUTOMATIC_PCI_FAIL tag previously described in the 8.10 API Release Notes will not appear in the XML output. This element is in the DTD but for internal use only.

 

We fixed an issue in the Qualys UI where the Scan List was not loading for Non-Manager users.

 

We fixed a link in the online help for the Cloud Agent Mac Install Guide.

A new release of Qualys Cloud Suite, Version 8.10 (this version # applies to Qualys Vulnerability Management (VM) and Policy Compliance (PC) modules), includes an updated API which is targeted for release in end of May 2017. The specific day will differ depending on the platform. See platform release dates on the Qualys Status page. This API notification provides an early preview into the coming API as well as updated API's that may have changes affecting current code environments, allowing you to identify use cases that can leverage this updated API. The release notes are attached at the end of this notice.

 

What’s New

Change API Rate Limit to 300 per hour

- This is a huge positive change, effectively acting as a 24 times multiplier versus our old rate limits!

New Support for BeyondTrust PBPS Vaults

New API Support for Option Profiles

- Import and export of Option Profiles

Scanner Appliance List - added Cloud Information

EC2 Assets - Improved Reporting of private DNS host name and Instance ID

Manage assets using EC2 metadata

IP Update - New DTD for Duplicate Hosts Error

Export user activity log for a subscription

Action Log API V1 - added User Details in Output

Asset Search APIs - Search by EC2 Instance Status, ID

VM - New API Support for Report Templates

VM - Show Reopened Info in Scan Reports

VM - Show Reopened Info in Vulnerability Detection API

VM - Detection API - Identify vulnerabilities related to running and non-running kernels

VM - Filter Detections Updated Before a Specific Date and Time

VM - Editing vulnerabilities

VM - EC2 asset information in scan report

VM - Scan Report in XML Format - Ability to Exclude Glossary data

VM - Hide target information from scan list

VM - New tag added to KnowledgeBase API

- A new tag, <AUTOMATIC_PCI_FAIL>, is now added to the Knowledge Base API

PC - Remediation Information Displayed in PC Reports

PC - New API Support for Docker Authentication

PC - New API Support for PostgreSQL Authentication

PC - New API Support for Sybase Authentication

PC - Introducing Qualys Custom Controls in Library Policies

PC - Remediation Information Displayed in Reports

Filter Blog

By date: By tag: