Skip navigation
0

A new release of QualysGuard®, Version 7.1, will be available in production in the US on May 1st 2012 and in the EU on May 8th 2012. This release is completely transparent to users and will require no scheduled downtime.

 

QualysGuard 7.1 includes a number of API enhancements. This notification provides an early preview of these API enhancements, allowing you to make any changes to automated scripts or code that utilize the following APIs:

 

Vulnerability user comments exposed in a dedicated section in XML outputs:

In the QualysGuard user interface, Manager users can add custom comments to the vulnerability Threat, Impact and Solutions sections. With QualysGuard 7.1, those custom comments will be exposed in a dedicated section for some XML outputs (listed below) generated via the API or via the download function of the User Interface. Separating the user comments from the descriptions provided by QualysGuard in the XML outputs helps users to extract the customized comments in a much easier way.

 

Enhancements to Detection API

The “detection” API v2 (/api/2.0/fo/asset/host/vm/detection/), which is the most recommended API function to download vulnerability information from the API, has been enhanced to simplify the existing differential update capabilities. In QualysGuard 7.1, the output of the “detection” API includes the “FIXED” vulnerabilities, and a new input parameter called “max_days_since_last_vm_scan=X” can be used to only download the hosts with vulnerabilities updated during the X past days.

 

Detection API enhancements in this release:

  • New “Fixed” value for <STATUS> in output and new input parameter “status={value}”
  • New input parameter “max_days_since_last_vm_scan=X"
  • New input parameter “suppress_duplicated_data_from_csv={0|1}”

 

Please note there are no DTD changes for the detection API enhancements for QualysGuard 7.1.

 

Policy Report XML Output- DTD Update

The policy report can be downloaded using: a) the QualysGuard user interface, and b) the report share API v2 (/api/2.0/fo/report/?action=fetch). The policy report XML output uses the posture_info_list_output.dtd. This DTD can be found at the following URL (where qualysapi.qualys.com is your API server URL): https://qualysapi.qualys.com/compliance_policy_report.dtd

 

 

Posture Info API XML Output- DTD Update

The posture info API v2 request (/api/2.0/fo/compliance/posture/info/?action=list) is used to view current compliance posture info records for a selected policy. This API returns XML output using the posture_info_list_output.dtd. This DTD can be found at the following URL (where qualysapi.qualys.com is your API server URL):

https://qualysapi.qualys.com/api/2.0/fo/compliance/posture/info/posture_info_list_output.dtd

 

 

 

Full details regarding these XML changes are available within the Qualys community at: https://community.qualys.com/docs/DOC-3478

 

 

API release notes will be available to customers from within the Resources section of your QualysGuard account. To receive more information on QualysGuard 7.1, please visit the Qualys Community at https://community.qualys.com or contact your Technical Account Manager or Qualys' Technical Support Department at support@qualys.com.

Bookmarked By (0)

Actions