AnsweredAssumed Answered

Patch data via the /api/2.0/fo/asset/host/vm/detection/ API resource?

Question asked by John Krewson on Apr 22, 2016
Latest reply on Apr 22, 2016 by Jeff Leggett



We are using the /api/2.0/fo/asset/host/vm/detection/ to pull Qualys host data. We are reporting on both from a vulnerability standpoint and a patch perspective.


I'm looking for some confirmation as I'm testing this: Do results from the /api/2.0/fo/asset/host/vm/detection/ include ALL patches available or just patches associated with vulnerabilities, even if the vulnerability level is 0.


I feel like it's kind of a dumb question - but I'm just making sure that Qualys only reports on outstanding patches related to vulnerabilities, and not necessarily patches related to improvements/enhancements etc.