AnsweredAssumed Answered

Qualys API - List Assets by Vulnerability Title

Question asked by Robert Williams on Jun 24, 2018
Latest reply on Aug 12, 2019 by DMFezzaReed

Howdy all,


I've trawled through the API documentation and the community and can't seem to find an answer to what I thought would be something simple.

Currently when I want to see how many assets contain a vulnerability I can simply use the AssetView->Assets Search functionality. It's awesome, works very fast, helps build widgets that I can chuck onto my teams' boards to aid in those exceptional circumstances such as zero days. Classic example: 

I'm currently building some services that have use-cases to do this programatically. 


Some important pieces to note:

- Aside from some adhoc sysadmin work, do not use the VM->Reporting function at all. So we have no report IDs to reference. We entirely live in live-dashboard land with continuous scanning provided by host-based agents on every asset.

- Our continuous scanning means I won't have a reference to any scan IDs; scans do exist but they are limited to infrastructure not pertaining servers/workstations.


So my question/s are: 

- Is there an API I can hit with the exact same syntax as the AssetView search functionality in the above image?


- Is there any API I can hit with vulnerability ID's, names, or is there any way to replicate the list in the image programatically?


Here's hoping I missed something obvious!


Kind Regards,