
QualysGuard WAS 3.2 API Notification

Blog Post created by WillB on Jan 14, 2014

A new release of QualysGuard WAS, Version 3.2, is targeted for release in US production in February 2014. The exact release date has not yet been set. This release contains changes to the APIs that require a 30-day notification. Only the API changes that impact existing APIs are included in the 30-day notification. The notification will be updated to include any new API functionality at least 15 days prior to release.

 

More information on specific release dates that correspond to the platforms can be found on the platform release blog pages which will be updated no less than 15 days prior to the release of WAS 3.2.

 

 

This API notification provides an early preview into the coming API changes in QualysGuard WAS 3.2, allowing you to proactively identify any changes that might be required for your automated scripts or programs that utilize the API methods described below.  There are 3 primary API changes in this release:

 

  • Ignore Binary Files Tag Added to XML Reports
  • New cancelScanTime Element
  • Scan Status Data Reported

 

Full release notes will be available to customers on the day of the release. 

 

WAS WebApp and Schedule API now available to Express Lite Customers

Are you a QualysGuard Express Lite User? Now you can use the capabilities of the WAS Scan and Schedule APIs as described in the QualysGuard WAS API User Guide if you have the WAS API option enabled.

 

Ignore Binary Files Tag Added to XML Reports

A new XML tag appears in XML reports to tell you whether the new Ignore Binary Files option profile setting was turned on for the scan being reported on. If yes, the scan ignored files with these extensions: .pdf, .zip and .doc.

 

Scan Results XML

“Ignore Binary Files” is included in the XML output when a user downloads scan results in XML format.

 

Scan Results v3 XML - “Ignore Binary Files” appears in the scan results v3 XML format under the new WasScanOption tag. The v3 XML format is returned when you make an API request using the download scan API (…/3.0/download/was/wasscan/<id>).

 

...
<WasScanOption>
    <name>Ignore Binary Files</name>
    <value>true</value>
</WasScanOption>
...

 

 

Scan Results v2 XML - “Ignore Binary Files” appears in the scan results v2 XML format (for version 2 and earlier) under the new SCAN_INFO tag. The v2 XML format is returned:

- when you make an API request using the download scan API (…/2.0/download/was/wasscan/<id>)

- when you select the Download action for a scan using the user interface

 

 

 

 

...
<SUMMARY>
   <SCAN_SUMMARY>
      <SCAN_INFO>
          <KEY>Title</KEY>
          <VALUE><![CDATA[Vulnerability Scan - Ignore Binary On]]></VALUE>
      </SCAN_INFO>
...

 

 

Scan Details v3 XML - “Ignore Binary Files” appears in the scan results v3 XML format under the new WasScanOption tag. The v3 XML format is returned when you make an API request using the get scan API (…/3.0/get/was/wasscan/<id>).

 

<WasScanOption>
   <name>Ignore Binary Files</name>
   <value><![CDATA[true]]></value>
</WasScanOption>

 

 

Report XML

“Ignore Binary Files” appears in the report XML in the appendix section when you make an API request using the download report API (…/3.0/download/was/report/<id>).

 

...
<APPENDIX_LIST>
    <APPENDIX>
        <VALUE_LIST>
            <VALUE name="Ignore Binary Types">true</VALUE>

 

 

New cancelScanTime Element

The new cancelScanTime element defines the precise hour to cancel a scan.

 

Launch Scan API

Using the launch scan API (…/3.0/launch/was/wasscan) you can include cancelScanTime as a name/value pair in your request POST data.

 

...
<options>
   <WasScanOption>
      <name>cancelScanTime</name>
      <value><![CDATA[1]]></value>
   </WasScanOption>
</options>
...

 

 

Create a Scan Schedule API

Using the create a scan schedule API (…/3.0/create/was/wasscanschedule) you can include cancelScanTime in your request POST data using the cancelTime element.

 

 

<scheduling>
        <occurrenceType>WEEKLY</occurrenceType>
        <occurrence>
                <weeklyOccurrence>
                        <everyNWeeks>5</everyNWeeks>
                        <onDays>
                                <WeekDay>MONDAY</WeekDay>
                                <WeekDay>SATURDAY</WeekDay>
                                <WeekDay>SUNDAY</WeekDay>
                        </onDays>
                </weeklyOccurrence>
        </occurrence>
        <timeZone>
                <code>Africa/Ceuta</code>
        </timeZone>
        <startDate>2012-08-01T10:00:00Z</startDate>
        <cancelTime>11:00</cancelTime>
</scheduling>

 

 

 

 

Get Scan Schedule XML

Using the get a scan schedule API (…/3.0/get/was/wasscanschedule/<id>) the XML output includes the cancelScanTime element if the scan cancel time setting is defined for the schedule.

 

 

      <scheduling>
        <startDate>2014-01-13T17:00:00Z</startDate>
        <timeZone>
          <code>Etc/GMT-3</code>
          <offset>+03:00</offset>
        </timeZone>
        <occurrenceType>ONCE</occurrenceType>
        <cancelTime>11:00</cancelTime>
      </scheduling>

 

 

 

New Scan Status Data Reported

Scan Results XML

Using the retrieve scan results API (.../3.0/download/was/wasscan/<id>) the XML output will show the number of links collected, and the average response time.

 

<summary>
    <crawlDuration>16</crawlDuration>
    <testDuration>138</testDuration>
    <linksCollected>10</linksCollected>
    <linksCrawled>1</linksCrawled>
    <nbRequests>503</nbRequests>
    <averageResponseTime>0.001554</averageResponseTime>
    <resultsStatus>SUCCESSFUL</resultsStatus>
    <authStatus>NONE</authStatus>
    <os>Linux 2.4-2.6 / Embedded Device / F5 Networks Big-IP</os>
</summary>

 

 

 

Get Scan Status XML

Using the get a scan schedule API (…/3.0/get/was/wasscanschedule/<id>) the XML output includes the cancelScanTime element if the scan cancel time setting is defined for the schedule.

<ServiceResponse xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="https://qualysapi.qualys.com/qps/xsd/3.0/was/wasscan.xsd">
  <responseCode>SUCCESS</responseCode>
  <count>1</count>
  <data>
    <WasScan>
      <id>21993</id>
      <status>FINISHED</status>
      <summary>
            <linksCollected>12</linksCollected>
            <linksCrawled>5</linksCrawled>
            <nbRequests>89</nbRequests>
            <averageResponseTime>0.01234</averageResponseTime>
      </summary>
    </WasScan>
  </data>
</ServiceResponse>

 

 

 

Scan Details XML

Using the get scan details API (…/3.0/get/was/wasscan/<id>) the XML output will show links collected, links crawled, the number of requests performed and the average response time.

<summary>
   <crawlDuration>16</crawlDuration>
   <testDuration>138</testDuration>
   <linksCollected>10</linksCollected>
   <linksCrawled>1</linksCrawled>
   <nbRequests>503</nbRequests>
   <averageResponseTime>0.001554</averageResponseTime>
   <resultsStatus>SUCCESSFUL</resultsStatus>
   <authStatus>NONE</authStatus>
   <os>Linux 2.4-2.6 / Embedded Device / F5 Networks Big-IP</os>
</summary>
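For scripts that consume these responses, the following added example (not part of the original notification and not Qualys code) reads the Ignore Binary Files flag from both forms shown above, the v3 WasScanOption tag and the report appendix VALUE, together with the new summary counters. It returns None for anything absent, as in output that does not carry the new elements. The sample documents are constructed from the fragments on this page; the options parent around WasScanOption in a scan response and the function names are assumptions.

```python
import xml.etree.ElementTree as ET

# Constructed sample: the Get Scan Status response from this page, trimmed,
# with the WasScanOption fragment placed under an assumed <options> parent.
SAMPLE_V3 = """<ServiceResponse><data><WasScan>
  <id>21993</id><status>FINISHED</status>
  <options><WasScanOption>
    <name>Ignore Binary Files</name>
    <value><![CDATA[true]]></value>
  </WasScanOption></options>
  <summary>
    <linksCollected>12</linksCollected>
    <linksCrawled>5</linksCrawled>
    <nbRequests>89</nbRequests>
    <averageResponseTime>0.01234</averageResponseTime>
  </summary>
</WasScan></data></ServiceResponse>"""

# Constructed sample: the report appendix fragment, closed so that it parses.
SAMPLE_REPORT = """<APPENDIX_LIST><APPENDIX><VALUE_LIST>
  <VALUE name="Ignore Binary Types">true</VALUE>
</VALUE_LIST></APPENDIX></APPENDIX_LIST>"""

def ignore_binary_files(root):
    """True/False when the flag is present, None when the document lacks it."""
    # v3 scan results and scan details: <WasScanOption><name>/<value>
    for opt in root.iter("WasScanOption"):
        if (opt.findtext("name") or "").strip() == "Ignore Binary Files":
            return (opt.findtext("value") or "").strip().lower() == "true"
    # Report XML: <VALUE name="Ignore Binary Types"> in the appendix
    for val in root.iter("VALUE"):
        if val.get("name") == "Ignore Binary Types":
            return (val.text or "").strip().lower() == "true"
    return None

def scan_coverage(xml_text):
    """Collect the flag and the new summary fields; missing fields become None."""
    root = ET.fromstring(xml_text)
    out = {"ignore_binary_files": ignore_binary_files(root)}
    summary = next(root.iter("summary"), None)
    for tag, cast in (("linksCollected", int), ("linksCrawled", int),
                      ("nbRequests", int), ("averageResponseTime", float)):
        text = summary.findtext(tag) if summary is not None else None
        out[tag] = cast(text) if text else None
    return out
```

A True flag means the scan skipped .pdf, .zip and .doc files, so downstream reporting can record that coverage limit alongside the linksCollected and linksCrawled counts.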

 

 

 
