WillB

QualysGuard WAS 2.4.1 API Notification for US: January 31, 2013

Blog Post created by WillB on Jan 18, 2013

A release of QualysGuard® Web Application Scanning 2.4.1 with a new scan option will be available in production in the US on January 31, 2013. This release is completely transparent to users and will require no scheduled downtime. The release will occur between 12 PM PST (20:00 GMT) and 8 PM PST (04:00 AM GMT next day).

 

Cancel Scan After (n) Hours

We’ve added a new optional element to the API for launching an on-demand scan, using the Launch New Scan API (/qps/rest/3.0/launch/was/wasscan). The new optional element, cancelAfterNHours enables you to specify a number of hours after which the scan will be canceled.  When specified, the scan will stop after the selected running time and the scan will have a status of Canceled. Partial scan results may be available if security tests were performed before the scan was canceled.

 

When used, this element is included in the XML output returned using the View Scan Details API (/qps/rest/3.0/get/was/wasscan/<id>) and Retrieve Results of a Scan API (/qps/rest/3.0/download/was/wasscan/<id>).

 

Full details regarding these updates will be available in the WAS API User Guide on the day of the release.

 

Example: Launch a new discovery scan on the web application with the ID 323126 using the option profile with the ID 1021. Set scan to cancel after 1 hour.

 

 

Request:


curl -u "USERNAME:PASSWORD" -H "content-type: text/xml" -X "POST" -d @- "https://qualysapi.qualys.com/qps/rest/3.0/launch/was/wasscan" < file.xml

 

Note: “file.xml” contains the request POST data below:

 

Request POST Data:

 

<ServiceRequest>

  <data>

    <WasScan>

      <name>New scan launched from API</name>

      <type>DISCOVERY</type>

      <target>

        <webApp>

          <id>323126</id>

        </webApp>

      </target>

      <profile>

        <id>1021</id>

      </profile>

      <options>

        <WasScanOption>

          <name>Cancel After 1 hour</name>

          <value>1</value>

        </WasScanOption>

      </options>

    </WasScan>

  </data>

</ServiceRequest>

 

 

Response:

<?xmlversion="1.0" encoding="UTF-8"?>

<ServiceResponsexmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"

xsi:noNamespaceSchemaLocation="https://qualysapi.qualys.com/qps/xsd/3.0/was/wasscan.xsd">

<responseCode>SUCCESS</responseCode>

  <count>1</count>

  <data>

    <WasScan>

      <id>16954</id>

    </WasScan>

  </data>

</ServiceResponse>

 

 

To receive more information on QualysGuard WAS 2.4.1, please visit the QualysGuard WAS community or contact your Technical Account Manager or Qualys' Technical Support Department at support@qualys.com.

Outcomes