WillB

QualysGuard WAS 2.4.2 API Notification

Blog Post created by WillB on Jan 24, 2013

A new release of QualysGuard WAS, Version 2.4.2, will be available in production in the US datacenter March 5th, 2013 and in the EU datacenter March 14th 2013.  This update includes enhancements to many reporting capabilities available via the API, making it easier to integrate WAS with other security solutions.   This release is completely transparent to users and will require no scheduled downtime. The release will occur between 12 PM PST (20:00 GMT) and 8 PM PST (04:00 AM GMT next day).

 

This API notification provides an early preview into the coming API changes, allowing you to proactively identify any changes that might be required for your automated scripts or programs that use the following functions or XML outputs.  All changes to existing APIs were included in the notification posted on January 24th, 2013.  This updated notification includes all changes for WAS 2.4.2 including new API methods that will not impact existing API implementations.

 

Create Report 

With QualysGuard WAS 2.4.2  in both the WebAppReport and ScanReport elements, the searchlists XML element used to define search lists to include will be renamed as includedSearchLists. It will still contain a list of SearchList elements. 

 

Web Application and Scan Reports — Show Vulnerabilities by Status

We’ve added a new VULNERABILITIES_BY_STATUS option to allow you to show vulnerabilities by status in reports. For a Web Application Report this option can be added to the WebAppReportGraph element. For a Scan Report this option can be added to the ScanReportGraph element.

 

Example - Create a web application report

 

Create a web application report in encrypted PDF format, requesting the vulnerabilities by status graph.

 

Request:

curl -u "USERNAME:PASSWORD" -H "content-type: text/xml" -X "POST" -d @-"https://qualysapi.qualys.com/qps/rest/3.0/create/was/webapp_report" <file.xml

Note: “file.xml” contains the request POST data.
  
Request POST Data:
<ServiceRequest>
  <data>
    <Report>
      <name><![CDATA[My Web Application Report]]></name>
        <description><![CDATA[A simple WebApp report]]></description>
        <format>PDF_ENCRYPTED</format>
        <password>PASSWORD</password>
        <distributionList>
          <set>
            <EmailAddress>EMAIL ADDRESS</EmailAddress>
            <EmailAddress>EMAIL ADDRESS</EmailAddress>
          </set>
        </distributionList>
        <type>WAS_WEBAPP_REPORT</type>
        <config>
          <webAppReport>
            <target>
              <tags>
                <Tag>
                  <id>243130</id>
                </Tag>
                <Tag>
                  <id>243132</id>
                </Tag>
                </tags>
                <webapps>
                  <WebApp>
                    <id>532510</id>
                  </WebApp> 
                  <WebApp>
                    <id>532601</id>
                  </WebApp>
                </webapps>
              </target>
              <display>
                <contents>
                  <WebAppReportContent>DESCRIPTION</WebAppReportContent>
                  <WebAppReportContent>SUMMARY</WebAppReportContent>
                  <WebAppReportContent>GRAPHS</WebAppReportContent>
                  <WebAppReportContent>RESULTS</WebAppReportContent>
                </contents>
                <graphs>
                  <WebAppReportGraph>VULNERABILITIES_BY_GROUP</WebAppReportGraph>
                  <WebAppReportGraph>VULNERABILITIES_BY_STATUS</WebAppReportGraph>
                </graphs>
                <groups>
                  <WebAppReportGroup>GROUP</WebAppReportGroup>
                  <WebAppReportGroup>OWASP</WebAppReportGroup>
                  <WebAppReportGroup>WASC</WebAppReportGroup>
                </groups>
                <options>
                  <rawLevels>true</rawLevels>
                </options>
                </display>
                <filters>
                  <searchlists>
                    <SearchList>
                      <id>43147</id>
                    </SearchList>
                    </searchlists>
                    <url>http://www.mysite.com/help.html</url>
                    <status>
                      <WebAppFindingStatus>ACTIVE</WebAppFindingStatus>
                      <WebAppFindingStatus>REOPENED</WebAppFindingStatus>
                    </status>
                  </filters>
                </webAppReport>
              </config>
            </Report>
        </data>
     </ServiceRequest>

Response:

<?xml version="1.0" encoding="UTF-8"?>
<ServiceResponse xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="https://qualysapi.qualys.com/qps/xsd/3.0/was/report.xsd">
<responseCode>SUCCESS</responseCode>
  <count>1</count>
  <data>
    <Report>
      <id>2629</id>
    </Report>
  </data>
</ServiceResponse>


 

The following changes will be reflected in the schema:

<xs:simpleType name="WebAppReportGraph">
        <xs:restriction base="xs:string">
            <xs:enumeration value="VULNERABILITIES_BY_SEVERITY" />
            <xs:enumeration value="VULNERABILITIES_BY_STATUS" />
            <xs:enumeration value="VULNERABILITIES_BY_GROUP" />
            <xs:enumeration value="VULNERABILITIES_BY_OWASP" />
            <xs:enumeration value="VULNERABILITIES_BY_WASC" />
            <xs:enumeration value="SENSITIVE_CONTENTS_BY_GROUP" />
            <xs:enumeration value="MOST_VULNERABLE_WEB_APPLICATIONS" />
            <xs:enumeration value="MOST_VULNERABLE_URLS" />
            <xs:enumeration value="OPERATING_SYSTEMS_DETECTED" />
        </xs:restriction>
    </xs:simpleType>


    <xs:simpleType name="ScanReportGraph">
        <xs:restriction base="xs:string">
            <xs:enumeration value="VULNERABILITIES_BY_SEVERITY" />
            <xs:enumeration value="VULNERABILITIES_BY_STATUS" />
            <xs:enumeration value="VULNERABILITIES_BY_GROUP" />
            <xs:enumeration value="VULNERABILITIES_BY_OWASP" />
            <xs:enumeration value="VULNERABILITIES_BY_WASC" />
            <xs:enumeration value="SENSITIVE_CONTENTS_BY_GROUP" />
            <xs:enumeration value="MOST_VULNERABLE_URLS" />
        </xs:restriction>
    </xs:simpleType>



 

Web Application and Scan Reports — Use Search Lists to Exclude Vulnerabilities

 

We’ve added the ability to use search lists to identify vulnerabilities to be excluded from a Web Application Report or a Scan Report. The searchLists element used to identify vulnerabilities to include in the report has been renamed includedSearchLists, and we have added the new element excludedSearchLists for identifying vulnerabilities to be excluded from the report.

 

Example - Create a scan report

Create a scan report in PDF format, using search lists to include and exclude vulnerabilities.

 

Example: Request post XML for generating a scan report with both included and excluded search lists via the API:

 

Request:

curl -u "USERNAME:PASSWORD" -H "content-type: text/xml" -X "POST" -d @-
"https://qualysapi.qualys.com/qps/rest/3.0/create/was/scan_report" < file.xml

Note: “file.xml” contains the request POST data.


Request POST Data:
<ServiceRequest>
  <data>
    <Report>
      <name><![CDATA[with all parameters HTML_ZIPPED]]></name>
      <description><![CDATA[A simple scan report]]></description>
      <format>PDF</format>
      <type>WAS_SCAN_REPORT</type>
      <config>
        <scanReport>
          <target>
            <scans>
              <WasScan>
                <id>104268</id>
              </WasScan>
            </scans>
          </target>
          <display>
            <contents>
              <ScanReportContent>DESCRIPTION</ScanReportContent>
              <ScanReportContent>SUMMARY</ScanReportContent>
              <ScanReportContent>GRAPHS</ScanReportContent>
              <ScanReportContent>RESULTS</ScanReportContent>
              <ScanReportContent>INDIVIDUAL_RECORDS</ScanReportContent>
              <ScanReportContent>RECORD_DETAILS</ScanReportContent>
              <ScanReportContent>ALL_RESULTS</ScanReportContent>
              <ScanReportContent>APPENDIX</ScanReportContent>
            </contents>
            <graphs>
              <ScanReportGraph>VULNERABILITIES_BY_SEVERITY</ScanReportGraph>
              <ScanReportGraph>VULNERABILITIES_BY_GROUP</ScanReportGraph>
              <ScanReportGraph>VULNERABILITIES_BY_OWASP</ScanReportGraph>
              <ScanReportGraph>VULNERABILITIES_BY_WASC</ScanReportGraph>
              <ScanReportGraph>SENSITIVE_CONTENTS_BY_GROUP</ScanReportGraph>
            </graphs>
            <groups>
              <ScanReportGroup>URL</ScanReportGroup>
              <ScanReportGroup>GROUP</ScanReportGroup>
              <ScanReportGroup>OWASP</ScanReportGroup>
              <ScanReportGroup>WASC</ScanReportGroup>
              <ScanReportGroup>STATUS</ScanReportGroup>
              <ScanReportGroup>CATEGORY</ScanReportGroup>
              <ScanReportGroup>QID</ScanReportGroup>
            </groups>
            <options>
              <rawLevels>true</rawLevels>
            </options>
          </display>
          <filters>
            <includedSearchLists>
              <SearchList>
                <id>35</id>
              </SearchList>
              <SearchList>
                <id>125</id>
              </SearchList>
            </includedSearchLists>
            <excludedSearchLists>
              <SearchList>
                <id>128</id>
              </SearchList>
              <SearchList>
                <id>125</id>
              </SearchList>
            </excludedSearchLists>
            <url>http://www.mysite.com/help.html</url>
            <status>
              <ScanFindingStatus>NEW</ScanFindingStatus>
              <ScanFindingStatus>ACTIVE</ScanFindingStatus>
              <ScanFindingStatus>REOPENED</ScanFindingStatus>
            </status>
          </filters>
        </scanReport>
      </config>
    </Report>
  </data>
</ServiceRequest>

Response:

<?xml version="1.0" encoding="UTF-8"?>
<ServiceResponse xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="https://qualysapi.qualys.com/qps/xsd/3.0/was/report.xsd">
<responseCode>SUCCESS</responseCode>
  <count>1</count>
  <data>
    <Report>
      <id>3629</id>
    </Report>
  </data>
</ServiceResponse>

 

 

To support the exclusion search lists the following changes will be reflected in the report.xsd schema:

 

<xs:complexType name="WebAppReport">
        ...
            <xs:element name="filters" minOccurs="0" maxOccurs="1">
                <xs:complexType>
                    <xs:sequence>
                        <xs:element name="includedSearchlists" minOccurs="0">
                            <xs:complexType>
                                <xs:sequence>
                                    <xs:element name="SearchList" type="SearchList" minOccurs="0" maxOccurs="unbounded"></xs:element>
                                </xs:sequence>
                            </xs:complexType>
                        </xs:element>
                        <xs:element name="excludedSearchlists" minOccurs="0">
                            <xs:complexType>
                                <xs:sequence>
                                    <xs:element name="SearchList" type="SearchList" minOccurs="0" maxOccurs="unbounded"></xs:element>
                                </xs:sequence>
                            </xs:complexType>
                        </xs:element>
...



 

Rename "Do Not Apply" Reason

 

The 2.4.2 release will rename the "Do Not Apply" reason to "Not Applicable".

 

A schema change in report.xsd will be required, as the IgnoredReason element will be updated to support this change:

           <xs:simpleType name="IgnoredReason">

                <xs:restriction base="xs:string">
                    <xs:enumeration value="FALSE_POSITIVE"/>
                    <xs:enumeration value="RISK_ACCEPTED"/>
                    <xs:enumeration value="NOT_APPLICABLE"/>
                </xs:restriction>
            </xs:simpleType>




 

 

Web Application Report — Show Ignored Vulnerabilities by Type

 

We’ve added two new filter elements to the Web Application Report API to allow you to show ignored vulnerabilities in the report. The element showIgnored can be used with one of these values: ONLY to show only ignored vulnerabilities or BOTH to show both ignored and non-ignored vulnerabilities.

 

If you use the showIgnored element, you have the option to use the IgnoredReasonList  element to specify the types of ignored vulnerabilities to show (FALSE_POSITIVE, RISK_ACCEPTED, NOT_APPLICABLE).

 

Example - Create a web application report

Create a web application report in encrypted PDF format, requesting both ignored and non-ignored vulnerabilities and all three ignored vulnerability types.

 

Request:

curl -u "USERNAME:PASSWORD" -H "content-type: text/xml" -X "POST" -d @-"https://qualysapi.qualys.com/qps/rest/3.0/create/was/webapp_report" <file.xml

Note: “file.xml” contains the request POST data.

Request POST Data:
<ServiceRequest>
  <data>
    <Report>
      <name><![CDATA[My Web Application Report]]></name>
        <description><![CDATA[A simple WebApp report]]></description>
        <format>PDF_ENCRYPTED</format>
        <password>PASSWORD</password>
        <distributionList>
          <set>
            <EmailAddress>EMAIL ADDRESS</EmailAddress>
            <EmailAddress>EMAIL ADDRESS</EmailAddress>
          </set>
        </distributionList>
        <type>WAS_WEBAPP_REPORT</type>
        <config>
          <webAppReport>
            <target>
              <tags>
                <Tag>
                  <id>243130</id>
                </Tag>
                <Tag>
                  <id>243132</id>
                </Tag>
                </tags>
                <webapps>
                  <WebApp>
                    <id>532510</id>
                  </WebApp> 
                  <WebApp>
                    <id>532601</id>
                  </WebApp>
                </webapps>
              </target>
              <display>
                <contents>
                  <WebAppReportContent>DESCRIPTION</WebAppReportContent>
                  <WebAppReportContent>SUMMARY</WebAppReportContent>
                  <WebAppReportContent>GRAPHS</WebAppReportContent>
                  <WebAppReportContent>RESULTS</WebAppReportContent>
                </contents>
                <graphs>
                  <WebAppReportGraph>VULNERABILITIES_BY_GROUP</WebAppReportGraph>
                  <WebAppReportGraph>VULNERABILITIES_BY_OWASP</WebAppReportGraph>
                  <WebAppReportGraph>VULNERABILITIES_BY_WASC</WebAppReportGraph>
                  <WebAppReportGraph>VULNERABILITIES_BY_STATUS</WebAppReportGraph>
                </graphs>
                <groups>
                  <WebAppReportGroup>GROUP</WebAppReportGroup>
                  <WebAppReportGroup>OWASP</WebAppReportGroup>
                  <WebAppReportGroup>WASC</WebAppReportGroup>
                </groups>
                <options>
                  <rawLevels>true</rawLevels>
                </options>
                </display>
                <filters>
                  <searchlists>
                    <SearchList>
                      <id>43147</id>
                    </SearchList>
                    </searchlists>
                    <url>http://www.mysite.com/help.html</url>
                    <status>
                      <WebAppFindingStatus>ACTIVE</WebAppFindingStatus>
                      <WebAppFindingStatus>REOPENED</WebAppFindingStatus>
<WebAppFindingStatusRemediationShowIgnored>BOTH></WebAppFindingStatusRemediationShowIgnored>
                        <IgnoredReasonList>
                          <FALSE_POSITIVE>
                          <RISK_ACCEPTED>
                          <NOT_APPLICABLE>
                        </IgnoredReasonList>
                    </status>
                  </filters>
                </webAppReport>
              </config>
            </Report>
        </data>
     </ServiceRequest>

Response:

<?xml version="1.0" encoding="UTF-8"?>
<ServiceResponse xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="https://qualysapi.qualys.com/qps/xsd/3.0/was/report.xsd">
<responseCode>SUCCESS</responseCode>
  <count>1</count>
  <data>
    <Report>
      <id>2629</id>
    </Report>
  </data>
</ServiceResponse>

 

A new WebAppReport/filters/status/remediation/showIgnored element will be added, accepting following values:

  • ONLY - Show only ignored vulnerabilities in report
  • BOTH - Show both non-ignored and ignored vulnerabilities in report

This element shall be included only if the user wants to include ignored vulnerabilities. If not specified, the report will not include ignored vulnerabilities at all.

 

If the user specified the showIgnored element, he may specify an optional WebAppReport/filters/status/remediation/IgnoredReasonList element used to specify what types of ignored vulnerabilities he wants to include.  The following updates will be reflected in the schema:


<xs:element name="WebAppReport">   
   ...
   <xs:element name="filters" minOccurs="0" maxOccurs="1">
       ...
       <xs:element name="remediation" minOccurs="0">
           <xs:element name="showIgnored" type="ShowIgnoredOption"/>
           <xs:element name="IgnoredReasonList" minOccurs="0">
             <xs:complexType>
                <xs:sequence>
                    <xs:element name="status" type="IgnoredReason" minOccurs="1"/>
                </xs:sequence>
             </xs:complexType>
           </xs:element>
       </xs:element>

 
<xs:simpleType name="ShowIgnoredOption">
    <xs:restriction base="xs:string">
        <xs:enumeration value="ONLY"/>
        <xs:enumeration value="BOTH"/>
    </xs:restriction>
</xs:simpleType>
    
<xs:simpleType name="IgnoredReason">
    <xs:restriction base="xs:string">
        <xs:enumeration value="FALSE_POSITIVE"/>
        <xs:enumeration value="RISK_ACCEPTED"/>
        <xs:enumeration value="NOT_APPLICABLE"/>
    </xs:restriction>
</xs:simpleType>

 

Report Find and Get Methods

 

This API will return for each report its size in a SIZE XML element. Corresponding XPATH will be RECORD/SIZE.   The value will be numeric and will represent the size in bytes.


Note: this will require a change in the report.xsd schema to reflect this new element in the Report object.

Example Response from FIND method:


<ServiceResponse xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="http://localhost:8080/qps-api-provider/xsd/3.0/was/report.xsd">

  <responseCode>SUCCESS</responseCode>
  <count>11</count>
  <hasMoreRecords>false</hasMoreRecords>
  <data>
    ...
    <Report>
      <id>2787</id>
      <name><![CDATA[Catalog Report]]></name>
      <owner>
        <id>123056</id>
        <username>quays_at3</username>
        <firstName><![CDATA[John]]></firstName>
        <lastName><![CDATA[Doe]]></lastName>
      </owner>
      <type>WAS_CATALOG_REPORT</type>
      <format>HTML_BASE64</format>
      <status>COMPLETE</status>
      <size>1245872</size>
      <creationDate>2012-12-18T15:53:02Z</creationDate>
      <tags>
        <count>0</count>
      </tags>
    </Report>
  </data>
</ServiceResponse>


 

 

Example of Response from GET method:


<ServiceResponse xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="http://localhost:8080/qps-api-provider/xsd/3.0/was/report.xsd">
  <responseCode>SUCCESS</responseCode>
  <count>1</count>
  <data>
    <Report>
      <id>2787</id>
      <name><![CDATA[Catalog Report]]></name>
      <owner>
        <id>123056</id>
        <username>quays_at3</username>
        <firstName><![CDATA[John]]></firstName>
        <lastName><![CDATA[Doe]]></lastName>
      </owner>
      <type>WAS_CATALOG_REPORT</type>
      <format>HTML_BASE64</format>
      <status>COMPLETE</status>
      <size>1245872</size>
      <creationDate>2012-12-18T15:53:02Z</creationDate>
      <lastDownloadDate>2012-12-18T15:53:11Z</lastDownloadDate>
      <downloadCount>1</downloadCount>
      <tags>
        <count>0</count>
      </tags>
    </Report>
  </data>
</ServiceResponse>

 

 

Scorecard and Catalog Reports — Date Format Change

 

For the Scorecard Report and the Catalog Report, We’ve simplified the scanDate filter element. You no longer need to include hours, minutes and seconds. The value for the scanDate and endDate elements is now yyyy-mm-dd.

 

Example - Create a scorecard report

 

Create a scorecard report in PDF format, filtered by scan date range.

Request:
 
curl -u "USERNAME:PASSWORD" -H "content-type: text/xml" -X "POST" -d @-
"https://qualysapi.qualys.com/qps/rest/3.0/create/was/???" < file.xml

Note: “file.xml” contains the request POST data.

Request POST Data: 
<ServiceRequest>
  <data>
    <Report>
      <name><![CDATA[with all parameters PDF with rawLevel false]]></name>
      <description><![CDATA[A simple scorecard report]]></description>
      <format>PDF</format>
      <type>WAS_SCORECARD_REPORT</type>
      <config>
        <scorecardReport>
          <target>
            <tags>
              <Tag>
                <id>243130</id>
              </Tag>
            </tags>
          </target>
          <display>
            <contents>
              <ScorecardReportContent>DESCRIPTION</ScorecardReportContent>
              <ScorecardReportContent>SUMMARY</ScorecardReportContent>
              <ScorecardReportContent>GRAPHS</ScorecardReportContent>
              <ScorecardReportContent>RESULTS</ScorecardReportContent>
            </contents>
            <graphs>
         <ScorecardReportGraph>VULNERABILITIES_BY_GROUP</ScorecardReportGraph>
         <ScorecardReportGraph>VULNERABILITIES_BY_OWASP</ScorecardReportGraph>
         <ScorecardReportGraph>VULNERABILITIES_BY_WASC</ScorecardReportGraph>
           </graphs>
           <groups>
             <scorecardReportGroup>GROUP</ScorecardReportGroup>
             <ScorecardReportGroup>OWASP</ScorecardReportGroup>
             <ScorecardReportGroup>WASC</ScorecardReportGroup>
           </groups>
           <options>
             <rawLevels>false</rawLevels>
           </options>
            </display>
            <filters>
              <searchlists>
                <SearchList>
                  <id>43147</id>
                </SearchList>
                <SearchList>
                  <id>43147</id>
                </SearchList>
              </searchlists>
              <scanDate>
                <startDate>2012-08-28</startDate>
                <endDate>2012-10-28</endDate>
              </scanDate>
              <scanStatus>NO_HOST_ALIVE</scanStatus>
              <scanAuthStatus>NONE</scanAuthStatus> 
            </filters>
          </scorecardReport>
        </config>
      /Report>
   </data>
</ServiceRequest>

Response:
 
<?xml version="1.0" encoding="UTF-8"?>
<ServiceResponse xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"  
xsi:noNamespaceSchemaLocation="https://qualysapi.qualys.com/qps/xsd/3.0/was/report.xsd">
<responseCode>SUCCESS</responseCode>
  <count>1</count>
  <data>
    <Report>
      <id>4629</id>
    </Report>
  </data>
</ServiceResponse>

 

 

 

WAS Reports — Add Report Size Information

Report size in bytes is now provided in the response for FIND and GET requests for all WAS reports.  This is new and will not impact existing API calls.

 

 

Example - Create a catalog report in HTML_BASE64 format.    

 

Request:

 

curl -u "USERNAME:PASSWORD" -H "content-type: text/xml" -X "POST" -d @-

"https://qualysapi.qualys.com/qps/rest/3.0/create/was/scan_report" < file.xml

 

 

Response:

 

<?xml version="1.0" encoding="UTF-8"?>

<ServiceResponse xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="https://qualysapi.qualys.com/qps/xsd/3.0/was/report.xsd">

 

  <responseCode>SUCCESS</responseCode>

  <count>1</count>

  <data>

    <Report>

      <id>2787</id>

      <name><![CDATA[Catalog Report]]></name>

      <owner>

        <id>123056</id>

        <username>quays_at3</username>

        <firstName><![CDATA[John]]></firstName>

        <lastName><![CDATA[Doe]]></lastName>

      </owner>

      <type>WAS_CATALOG_REPORT</type>

      <format>HTML_BASE64</format>

      <status>COMPLETE</status>

      <size>1245872</size>

      <creationDate>2012-12-18T15:53:02Z</creationDate>

      <lastDownloadDate>2012-12-18T15:53:11Z</lastDownloadDate>

      <downloadCount>1</downloadCount>

      <tags>

        <count>0</count>

      </tags>

    </Report>

  </data>

</ServiceResponse>

 

 


 

 

Simplified API URL

We’ve simplified the URL for WAS scan and schedule requests. The object alias “wasscan” has been renamed to “scan” and the alias “wasschedule” has been renamed to “schedule”. For example, the URL for requesting the current scan count has been changed as follows:

 

from:

https://qualysapi.qualys.com/qps/rest/3.0/count/was/wasscan

 

to:

https://qualysapi.qualys.com/qps/rest/3.0/count/was/scan

 

If you are developing new functions you should use the new URLs.  No changes are necessary to your existing API requests. You can continue to use the object alias “wasscan” and “wasschedule” if you wish.  However at a later time these may be deprecated.

 

 

 

Full release notes will be available to customers from within the Resources section of your QualysGuard account with the WAS 2.4.2 release.

Outcomes