Tim White

Qualys Cloud Suite 8.7 API Release Notification

Blog Post created by Tim White Employee on Dec 21, 2015

A new release of Qualys Cloud Suite, Version 8.7 includes an API update which is targeted for release in January 2016.   The specific day will differ depending on the platform.  See platform release dates for more information. This API notification provides an early preview into the coming API changes, allowing you to proactively identify any changes that might be required for your automated scripts or programs that utilize the API methods.

 

This release includes features with changes to XML, CSV output, and/or DTD which could impact existing API implementations.  Notification about other new API features along with additional details and examples will be posted prior to the release.

 

For details about the changes, please see the attached detailed release notification below.

 

What's New

  1. Scan Report List - New Target Element
  2. VM - Vulnerability Threat Intelligence Information
  3. VM - Easily Identify Vulnerabilities Supported by Module
  4. VM - First Found Date Added to Asset Search Report CSV, XML

 

Scan Report List - New Target Element

The Scan Report List API (/msp/scan_report_list.php) is used to retrieve a list of saved scan reports in XML format. A new TARGET element in the XML output lists the IP address(es) that were scanned. In previous releases, the target was shown as an attribute of the SCAN_REPORT element.  There are changes to the XML output and DTD.

 

VM - Vulnerability Threat Intelligence Information

We’ve added Real-time Threat Indicators to the vulnerabilities in our KnowledgeBase and you can easily report on them to get threat intelligence information right away.

 

Real-time Threat Indicators are data points collected per vulnerability that contain accurate, timely and actionable information aggregated from multiple reliable data sources, allowing you to prioritize and filter the flood of security alerts.

 

Current Real-time threat indicators include values such as Zero Day, Exploit Public, Active Attacks, High Lateral Movement, Easy Exploit, High Data Loss, Denial of Service, No Patch.

 

Changes are made to the Dynamic Search List API (v2), KnowledgeBase API (v2), and KnowledgeBase Download (v1).  Please review the release notes for details of the changes to the API calls, XML Output, and DTD.

 

VM - Easily Identify Vulnerabilities Supported by Module

Now you can find out what vulnerabilities in our KnowledgeBase are supported by different Qualys modules - VM, Cloud Agent, WAS, WAF and MD. Use the KnowledgeBase Search option to identify vulnerabilities that can be detected by VM scans, Windows Cloud Agent and Linux Cloud Agent plus more. We’ve added a supported modules section to the vulnerability (QID) information, and this is where you’ll see the Qualys modules that may be used to detect each QID.

 

Changes are made to the Dynamic Search List API (v2), KnowledgeBase API (v2), and KnowledgeBase Download (v1).  Please review the release notes for details of the changes to the API calls, XML Output, and DTD.

 

VM - First Found Date Added to Asset Search Report CSV, XML

You can now view the First Found Date of an asset in the same way you download other data of the Asset Search Report.

The report can be downloaded from the Asset Search Report page, or via the Asset Search API (v1).

 

Please review the release notes for details of the changes to the API calls, XML Output, and DTD.

Outcomes