Jeff Leggett

Qualys Cloud Platform 2.35 (AM/WAF/WAS) API notification 2

Blog Post created by Jeff Leggett Employee on Nov 21, 2018

A new release of Qualys Cloud Suite, Version 2.35 (AM/WAF/WAS), includes an updated API which is targeted for release in December 2018. The specific day will differ depending on the platform. See platform release dates on the Qualys Status page. This API notification provides an early preview into the coming API, allowing you to identify use cases that can leverage this updated API. Release notes are attached to this post.

 

What's new

New Application Security Categories added in Security Policies
/qps/rest/2.0/get/waf/securitypolicy/<id>
/qps/rest/2.0/search/waf/securitypolicy
/qps/rest/2.0/create/waf/securitypolicy
/qps/rest/2.0/update/waf/securitypolicy
We have added support for four new application security categories. Add the new categories as elements under the applicationSecurity parameter and set confidence values for them.

 

New Conditions Added to Custom Rule
/qps/rest/2.0/get/waf/customrule/<id>
/qps/rest/2.0/search/waf/customrule
/qps/rest/2.0/create/waf/customrule
/qps/rest/2.0/update/waf/customrule
Custom Rule API now supports new conditions and operators for custom rules.

 

Added Support for Response Headers to Custom Rule
/qps/rest/2.0/get/waf/customrule/<id>
/qps/rest/2.0/search/waf/customrule
/qps/rest/2.0/create/waf/customrule
/qps/rest/2.0/update/waf/customrule
We have added three new actions: insertHeader, rewriteHeader and stripHeader to the Custom Rule API. You can configure these actions to insert, modify or remove HTTP headers in responses when the conditions for the actions are met.

 

Schedule Reactivation for Ignored Finding /qps/rest/3.0/ignore/was/finding
You can now schedule a date or the number of days to reactivate an ignored finding. With two new parameters: reactivateDate and reactivateIn, you can let us know when an ignored finding should be reactivated again.

 

Dynamic tagging for AWS, AZURE, GCP 
The Asset Management and Tagging API has been updated to allow dynamic tagging for AWS (EC2), AZURE, and GCP assets. You can now group your cloud assets according to the cloud provider they belong to. Tags are applied to assets found by cloud agents (AWS, AZURE, GCP) and EC2 connectors (AWS).

Attachments

Outcomes