
API Notifications


A new release of QualysGuard WAS, Version 3.3, is targeted for release in late March and early April 2014.

 

More information on specific release dates that correspond to the QualysGuard platforms can be found on the platform release blog pages which will be updated no less than 15 days prior to the release of WAS 3.3.

 

 

This API notification provides an early preview into the coming API changes in QualysGuard WAS 3.3, allowing you to proactively identify any changes that might be required for your automated scripts or programs that utilize the API methods described below.  There are 3 primary API changes in this release:

 

  • Web Application Report XML – Ignored Sensitive Content
  • Report Create API – Storage Limit Response
  • Scan Cancel API – Update

 

Full release notes will be available to customers on the day of the release. 

 

API Enhancements

 

Web Application Report XML – Ignored Sensitive Content

The “Ignored” tag appears for a sensitive content detection when the detection has been marked as ignored. 

 

...
<SENSITIVE_CONTENT_LIST>
  <SENSITIVE_CONTENT>
    ...
    <IGNORED>true</IGNORED>
    <IGNORE_INFORMATION>
        <REASON>RISK_ACCEPTED</REASON>
        <DATE>2014-02-21T20:42:48Z</DATE>
        <USER><![CDATA[John Smith (acme_js)]]></USER>
        <COMMENT><![CDATA[Not an issue]]></COMMENT>
    </IGNORE_INFORMATION>
...
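For scripts that consume the report XML, the following added example (not Qualys code) lists the ignored sensitive content detections with their reason, date and user, and flags entries that deserve a second look. The sample document is constructed from the elements shown above; the reason values come from the IgnoredReason enumeration quoted later on this page, and the 90-day review window is an assumption of the example.

```python
import xml.etree.ElementTree as ET
from datetime import datetime, timedelta, timezone

# Constructed sample: only elements shown in the snippet above are used.
SAMPLE_REPORT = """<SENSITIVE_CONTENT_LIST>
  <SENSITIVE_CONTENT>
    <IGNORED>true</IGNORED>
    <IGNORE_INFORMATION>
      <REASON>RISK_ACCEPTED</REASON>
      <DATE>2014-02-21T20:42:48Z</DATE>
      <USER><![CDATA[John Smith (acme_js)]]></USER>
      <COMMENT><![CDATA[Not an issue]]></COMMENT>
    </IGNORE_INFORMATION>
  </SENSITIVE_CONTENT>
  <SENSITIVE_CONTENT>
    <IGNORED>true</IGNORED>
    <IGNORE_INFORMATION>
      <REASON>FALSE_POSITIVE</REASON>
      <DATE>2013-06-01T08:00:00Z</DATE>
      <USER><![CDATA[John Smith (acme_js)]]></USER>
      <COMMENT><![CDATA[]]></COMMENT>
    </IGNORE_INFORMATION>
  </SENSITIVE_CONTENT>
  <SENSITIVE_CONTENT/>
</SENSITIVE_CONTENT_LIST>"""

# Values of the IgnoredReason enumeration quoted on this page.
KNOWN_REASONS = {"FALSE_POSITIVE", "RISK_ACCEPTED", "NOT_APPLICABLE"}


def ignored_detections(xml_text):
    """Return one dict per SENSITIVE_CONTENT entry that is marked ignored."""
    root = ET.fromstring(xml_text)
    entries = []
    for index, item in enumerate(root.iter("SENSITIVE_CONTENT")):
        # The IGNORED tag is only present for ignored detections.
        if (item.findtext("IGNORED") or "").strip().lower() != "true":
            continue

        def field(tag):
            return (item.findtext(f"IGNORE_INFORMATION/{tag}") or "").strip()

        raw_date = field("DATE")
        when = None
        if raw_date:
            when = datetime.strptime(raw_date, "%Y-%m-%dT%H:%M:%SZ")
            when = when.replace(tzinfo=timezone.utc)
        entries.append({
            "index": index,            # position in the list (hypothetical key)
            "reason": field("REASON"),
            "date": when,
            "user": field("USER"),
            "comment": field("COMMENT"),
        })
    return entries


def review_findings(entries, now, max_age_days=90):
    """Flag ignore decisions that lack context or have not been revisited."""
    findings = []
    for entry in entries:
        if entry["reason"] not in KNOWN_REASONS:
            findings.append((entry["index"], "unknown reason"))
        if not entry["comment"]:
            findings.append((entry["index"], "no comment"))
        if entry["date"] is None or now - entry["date"] > timedelta(days=max_age_days):
            findings.append((entry["index"], "review overdue"))
    return findings


if __name__ == "__main__":
    found = ignored_detections(SAMPLE_REPORT)
    for row in found:
        print(row)
    print(review_findings(found, datetime(2014, 3, 1, tzinfo=timezone.utc)))
```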

 

 

Report Create API – Storage Limit Response

A new error message appears in the response XML if the report storage limit has been reached when you make an API request using the report creation API (https://<baseurl>/3.0/create/was/report).

 

 

...
<ServiceResponse>
  <responseCode>OTHER_ERROR</responseCode>
  <responseErrorDetails>
    <errorMessage>Your [subscription|user] storage limit of 200.0 Mb has been reached.</errorMessage>
    <errorResolution>Delete existing reports and try again.</errorResolution>
  </responseErrorDetails>
</ServiceResponse>
...
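Automated report jobs should tell this error apart from other failures, because it only clears after reports are deleted. The following added example (not Qualys code) parses a report creation response and recognises the storage limit message; both sample responses are constructed from the ones shown on this page, and the result field names are the example's own.

```python
import re
import xml.etree.ElementTree as ET
from dataclasses import dataclass
from typing import Optional

# Constructed sample responses, shaped like the ones shown on this page.
STORAGE_LIMIT_XML = """<ServiceResponse>
  <responseCode>OTHER_ERROR</responseCode>
  <responseErrorDetails>
    <errorMessage>Your subscription storage limit of 200.0 Mb has been reached.</errorMessage>
    <errorResolution>Delete existing reports and try again.</errorResolution>
  </responseErrorDetails>
</ServiceResponse>"""

SUCCESS_XML = """<ServiceResponse>
  <responseCode>SUCCESS</responseCode>
  <count>1</count>
  <data><Report><id>2629</id></Report></data>
</ServiceResponse>"""

# "[subscription|user]" in the documented message means either word appears.
LIMIT_RE = re.compile(
    r"Your (subscription|user) storage limit of ([0-9.]+) Mb has been reached")


@dataclass
class ReportCreateResult:
    code: str                          # responseCode as returned
    report_id: Optional[int] = None    # set on SUCCESS
    storage_limited: bool = False      # True for the storage limit error
    limit_scope: Optional[str] = None  # "subscription" or "user"
    limit_mb: Optional[float] = None
    message: Optional[str] = None
    resolution: Optional[str] = None


def parse_report_create_response(xml_text: str) -> ReportCreateResult:
    root = ET.fromstring(xml_text)
    code = (root.findtext("responseCode") or "").strip()
    result = ReportCreateResult(code=code)
    if code == "SUCCESS":
        report_id = root.findtext("data/Report/id")
        result.report_id = int(report_id) if report_id else None
        return result
    # Any non-SUCCESS code: keep the details, then look for the limit message.
    result.message = root.findtext("responseErrorDetails/errorMessage")
    result.resolution = root.findtext("responseErrorDetails/errorResolution")
    match = LIMIT_RE.search(result.message or "")
    if match:
        result.storage_limited = True
        result.limit_scope = match.group(1)
        result.limit_mb = float(match.group(2))
    return result


if __name__ == "__main__":
    for sample in (STORAGE_LIMIT_XML, SUCCESS_XML):
        print(parse_report_create_response(sample))
```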

 

 

Scan Cancel API – Update

Using the Scan Cancel API (https://<baseurl>/3.0/cancel/was/scan/<id>) now you can cancel any unfinished scan regardless of status.

 

What is the <baseurl>?

 

This is the API server URL where your QualysGuard account is located. For an account on US Platform 1 this is <qualysapi.qualys.com>, on US Platform 2 this is <qualysapi.qg2.apps.qualys.com>, on EU Platform this is <qualysapi.qualys.eu>.


A new release of QualysGuard WAS, Version 3.2, is targeted for release in US production in February 2014. The exact release date has not yet been set. This release contains changes to the APIs that require a 30-day notification. Only the API changes that impact existing APIs are included in the 30-day notification. The notification will be updated to include any new API functionality at least 15 days prior to release.

 

More information on specific release dates that correspond to the platforms can be found on the platform release blog pages which will be updated no less than 15 days prior to the release of WAS 3.2.

 

 

This API notification provides an early preview into the coming API changes in QualysGuard WAS 3.2, allowing you to proactively identify any changes that might be required for your automated scripts or programs that utilize the API methods described below.  There are 3 primary API changes in this release:

 

  • Ignore Binary Files Tag Added to XML Reports
  • New cancelScanTime Element
  • Scan Status Data Reported

 

Full release notes will be available to customers on the day of the release. 

 

WAS WebApp and Schedule API now available to Express Lite Customers

Are you a QualysGuard Express Lite User? Now you can use the capabilities of the WAS Scan and Schedule APIs as described in the QualysGuard WAS API User Guide if you have the WAS API option enabled.

 

Ignore Binary Files Tag Added to XML Reports

A new XML tag appears in XML reports to tell you whether the new Ignore Binary Files option profile setting was turned on for the scan being reported on. If yes, the scan ignored files with these extensions: .pdf, .zip and .doc.

 

Scan Results XML

“Ignore Binary Files” is included in the XML output when a user downloads scan results in XML format.

 

Scan Results v3 XML - “Ignore Binary Files” appears in the scan results v3 XML format under the new WasScanOption tag. The v3 XML format is returned when you make an API request using the download scan API (…/3.0/download/was/wasscan/<id>).

 

...
<WasScanOption>
    <name>Ignore Binary Files</name>
    <value>true</value>
</WasScanOption>
...

 

 

Scan Results v2 XML - “Ignore Binary Files” appears in the scan results v2 XML format (for version 2 and earlier) under the new SCAN_INFO tag. The v2 XML format is returned:

- when you make an API request using the download scan API (…/2.0/download/was/wasscan/<id>)

- when you select the Download action for a scan using the user interface

 

 

 

 

...
<SUMMARY>
   <SCAN_SUMMARY>
      <SCAN_INFO>
          <KEY>Title</KEY>
          <VALUE><![CDATA[Vulnerability Scan - Ignore Binary On]]></VALUE>
      </SCAN_INFO>
...

 

 

Scan Details v3 XML - “Ignore Binary Files” appears in the scan results v3 XML format under the new WasScanOption tag. The v3 XML format is returned when you make an API request using the get scan API (…/3.0/get/was/wasscan/<id>).

 

<WasScanOption>
   <name>Ignore Binary Files</name>
   <value><![CDATA[true]]></value>
</WasScanOption>

 

 

Report XML

“Ignore Binary Files” appears in the report XML in the appendix section when you make an API request using the download report API (…/3.0/download/was/report/<id>).

 

...
<APPENDIX_LIST>
    <APPENDIX>
        <VALUE_LIST>
            <VALUE name="Ignore Binary Types">true</VALUE>

 

 

New cancelScanTime Element

The new cancelScanTime element defines the precise hour to cancel a scan.

 

Launch Scan API

Using the launch scan API (…/3.0/launch/was/wasscan) you can include cancelScanTime as a name/value pair in your request POST data.

 

...
<options>
   <WasScanOption>
      <name>cancelScanTime</name>
      <value><![CDATA[1]]></value>
   </WasScanOption>
</options>
...

 

 

Create a Scan Schedule API

Using the create a scan schedule API (…/3.0/create/was/wasscanschedule) you can include cancelScanTime in your request POST data using the cancelTime element.

 

 

<scheduling>
    <occurrenceType>WEEKLY</occurrenceType>
    <occurrence>
        <weeklyOccurrence>
            <everyNWeeks>5</everyNWeeks>
            <onDays>
                <WeekDay>MONDAY</WeekDay>
                <WeekDay>SATURDAY</WeekDay>
                <WeekDay>SUNDAY</WeekDay>
            </onDays>
        </weeklyOccurrence>
    </occurrence>
    <timeZone>
        <code>Africa/Ceuta</code>
    </timeZone>
    <startDate>2012-08-01T10:00:00Z</startDate>
    <cancelTime>11:00</cancelTime>
</scheduling>

 

 

 

 

Get Scan Schedule XML

Using the get a scan schedule API (…/3.0/get/was/wasscanschedule/<id>) the XML output includes the cancelScanTime element if the scan cancel time setting is defined for the schedule.

 

 

      <scheduling>
        <startDate>2014-01-13T17:00:00Z</startDate>
        <timeZone>
          <code>Etc/GMT-3</code>
          <offset>+03:00</offset>
        </timeZone>
        <occurrenceType>ONCE</occurrenceType>
        <cancelTime>11:00</cancelTime>
      </scheduling>

 

 

 

New Scan Status Data Reported

Scan Results XML

Using the retrieve scan results API (.../3.0/download/was/wasscan/<id>) the XML output will show the number of links collected, and the average response time.

 

<summary>
    <crawlDuration>16</crawlDuration>
    <testDuration>138</testDuration>
    <linksCollected>10</linksCollected>
    <linksCrawled>1</linksCrawled>
    <nbRequests>503</nbRequests>
    <averageResponseTime>0.001554</averageResponseTime>
    <resultsStatus>SUCCESSFUL</resultsStatus>
    <authStatus>NONE</authStatus>
    <os>Linux 2.4-2.6 / Embedded Device / F5 Networks Big-IP</os>
</summary>

 

 

 

Get Scan Status XML

Using the get a scan schedule API (…/3.0/get/was/wasscanschedule/<id>) the XML output includes the cancelScanTime element if the scan cancel time setting is defined for the schedule.

<ServiceResponse xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="https://qualysapi.qualys.com/qps/xsd/3.0/was/wasscan.xsd">
  <responseCode>SUCCESS</responseCode>
  <count>1</count>
  <data>
    <WasScan>
      <id>21993</id>
      <status>FINISHED</status>
      <summary>
        <linksCollected>12</linksCollected>
        <linksCrawled>5</linksCrawled>
        <nbRequests>89</nbRequests>
        <averageResponseTime>0.01234</averageResponseTime>
      </summary>
    </WasScan>
  </data>
</ServiceResponse>
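The new summary fields make it possible to check from a script whether a finished scan actually exercised the application. The following added example (not Qualys code) reads them from a response shaped like the one above. It treats a low ratio of linksCrawled to linksCollected as a signal worth reviewing; that reading, both thresholds, the second and third sample scans and the RUNNING status value are assumptions of the example.

```python
import xml.etree.ElementTree as ET

# Constructed sample: the first scan copies the values shown above, the other
# two scans (and the RUNNING status) are made up for this example.
SAMPLE_RESPONSE = """<ServiceResponse>
  <responseCode>SUCCESS</responseCode>
  <count>3</count>
  <data>
    <WasScan>
      <id>21993</id>
      <status>FINISHED</status>
      <summary>
        <linksCollected>12</linksCollected>
        <linksCrawled>5</linksCrawled>
        <nbRequests>89</nbRequests>
        <averageResponseTime>0.01234</averageResponseTime>
      </summary>
    </WasScan>
    <WasScan>
      <id>21994</id>
      <status>FINISHED</status>
      <summary>
        <linksCollected>40</linksCollected>
        <linksCrawled>38</linksCrawled>
        <nbRequests>1200</nbRequests>
        <averageResponseTime>2.75</averageResponseTime>
      </summary>
    </WasScan>
    <WasScan>
      <id>21995</id>
      <status>RUNNING</status>
    </WasScan>
  </data>
</ServiceResponse>"""


def _num(summary, tag, cast):
    """Read one numeric summary field, or None when it is absent or empty."""
    text = summary.findtext(tag)
    return cast(text) if text and text.strip() else None


def scan_metrics(xml_text):
    """Return id, status and the new summary fields for every WasScan."""
    root = ET.fromstring(xml_text)
    code = (root.findtext("responseCode") or "").strip()
    if code != "SUCCESS":
        raise ValueError(f"API call failed: {code or 'no responseCode'}")
    rows = []
    for scan in root.iterfind("data/WasScan"):
        summary = scan.find("summary")
        collected = crawled = avg = None
        if summary is not None:  # summary may be missing for unfinished scans
            collected = _num(summary, "linksCollected", int)
            crawled = _num(summary, "linksCrawled", int)
            avg = _num(summary, "averageResponseTime", float)
        coverage = None
        if collected and crawled is not None:  # also avoids division by zero
            coverage = crawled / collected
        rows.append({
            "id": int(scan.findtext("id")),
            "status": (scan.findtext("status") or "").strip(),
            "collected": collected,
            "crawled": crawled,
            "coverage": coverage,
            "avg_response": avg,
        })
    return rows


def review(rows, min_coverage=0.5, max_avg_response=1.0):
    """Flag finished scans; max_avg_response is in the unit the API reports."""
    flagged = []
    for row in rows:
        if row["status"] != "FINISHED":
            continue
        if row["coverage"] is not None and row["coverage"] < min_coverage:
            flagged.append((row["id"], "low crawl coverage"))
        if row["avg_response"] is not None and row["avg_response"] > max_avg_response:
            flagged.append((row["id"], "slow responses"))
    return flagged


if __name__ == "__main__":
    print(review(scan_metrics(SAMPLE_RESPONSE)))
```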

 

 

 

Scan Details XML

Using the get scan details API (…/3.0/get/was/wasscan/<id>) the XML output will show links collected, links crawled, the number of requests performed and the average response time.

<summary>
   <crawlDuration>16</crawlDuration>
   <testDuration>138</testDuration>
   <linksCollected>10</linksCollected>
   <linksCrawled>1</linksCrawled>
   <nbRequests>503</nbRequests>
   <averageResponseTime>0.001554</averageResponseTime>
   <resultsStatus>SUCCESSFUL</resultsStatus>
   <authStatus>NONE</authStatus>
   <os>Linux 2.4-2.6 / Embedded Device / F5 Networks Big-IP</os>
</summary>

 

 

 


A major release of QualysGuard WAS, Version 3.0, will be available as follows:

  • US Production 2 - May 7, 2013
  • US Production 1 - May 14, 2013
  • EU Production - May 21, 2013

 

This update includes enhancements to the web application API to add the new Malware Monitoring capability introduced in WAS 3.0. This release is completely transparent to users and will require no scheduled downtime. The release will occur between 12 PM PDT (19:00 GMT) and 8 PM PDT (03:00 AM GMT next day).

 

This API notification provides an early preview into the coming API changes, allowing you to proactively identify any changes that might be required for your automated scripts or programs that use the following functions or XML outputs. All changes for WAS 3.0 should not impact existing API implementations as they are additive.

 

 

Platform - API Location

  • US Production 1 - qualysapi.qualys.com
  • US Production 2 - qualysapi.qg2.apps.qualys.com
  • EU Production 1 - qualysapi.qualys.eu

 

Introducing Malware Monitoring for Web Applications

We're pleased to announce that we've integrated malware detection capability into WAS to make it easy for you to perform scans that detect not only web application vulnerabilities, but also malware that may infect the same web properties. Now there's an easy way to combine web application scanning and malware detection to ensure that your Internet-facing web sites are free from web application vulnerabilities and malware. Web site malware is typically found only on Internet-facing web applications. To learn more about these scan types, refer to the WAS 3.0 feature announcement on Qualys Community.

 

 

WebApp Create and Update API

The new “malwareMonitoring” element is used to enable Malware Monitoring when creating or updating a web application using the WebApplication API. You can choose to start it sometime in the future using the “malwareScheduleTime” and “malwareScheduleTimeZone” elements. The site owner will receive an email notification if any malware is detected when “malwareNotification=true” is used.

 

Example - Create a web application and enable Malware Monitoring

 

Request:
 
curl -u "USERNAME:PASSWORD" -H "Content-type: text/xml" -X POST --data-binary @- "https://qualysapi.qualys.com/qps/rest/3.0/create/was/webapp/" < file.xml

Note: “file.xml” contains the request POST data.

Request POST Data:

<ServiceRequest>
 <data>
   <WebApp>
     <name>My Web Application</name>
     <url>http://mywebapp.com</url>
     <malwareMonitoring>true</malwareMonitoring>
      <malwareNotification>true</malwareNotification>
      <malwareScheduleTime>23:59</malwareScheduleTime>
      <malwareScheduleTimeZone>
         <code>America/Vancouver</code>
      </malwareScheduleTimeZone>
   </WebApp>
 </data>
</ServiceRequest>

 


Response:

<?xml version="1.0" encoding="UTF-8"?>
<ServiceResponse xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:noNamespaceSchemaLocation="https://qualysapi.qualys.com/qps/xsd/3.0/was/webapp.xsd">
 <responseCode>SUCCESS</responseCode>
 <count>1</count>
 <data>
   <WebApp>
     <id>119</id>
     <name><![CDATA[My Web Application]]></name>
     <url><![CDATA[http://mywebapp.com]]></url>
     <owner>
       <id>123</id>
       <username>username</username>
       <firstName><![CDATA[John]]></firstName>
       <lastName><![CDATA[Smith]]></lastName>
     </owner>
     <scope>ALL</scope>
     <attributes>
       <count>0</count>
       <list/>
     </attributes>
     <defaultScanner>
       <type>EXTERNAL</type>
     </defaultScanner>
      <urlBlacklist>
       <count>0</count>
       <list/>
     </urlBlacklist>
     <urlWhitelist>
       <count>0</count>
       <list/>
     </urlWhitelist>
     <postDataBlacklist>
       <count>0</count>
       <list/>
     </postDataBlacklist>
     <authRecords>
       <count>0</count>
     </authRecords>
     <useRobots>IGNORE</useRobots>
     <useSitemap>false</useSitemap>
     <malwareMonitoring>true</malwareMonitoring>
     <malwareNotification>true</malwareNotification>
     <malwareScheduleTime>23:59</malwareScheduleTime>
     <malwareScheduleTimeZone>
       <code>America/Vancouver</code>
       <offset>-07:00</offset>
     </malwareScheduleTimeZone>
     <tags>
       <count>0</count>
     </tags>
     <comments>
        <count>0</count>
     </comments>
     <isScheduled>false</isScheduled>
     <createdBy>
       <id>123</id>
       <username>username</username>
       <firstName><![CDATA[John]]></firstName>
       <lastName><![CDATA[Smith]]></lastName>
      </createdBy>
     <createdDate>2013-03-21T20:16:06Z</createdDate>
     <updatedBy>
       <id>123</id>
       <username>username</username>
       <firstName><![CDATA[John]]></firstName>
       <lastName><![CDATA[Smith]]></lastName>
     </updatedBy>
      <updatedDate>2013-03-21T20:16:07Z</updatedDate>
   </WebApp>
 </data>
</ServiceResponse>

 

WebApp Get API

A new XML “malwareMonitoring” element will be added to the WebApp element to let the user know whether malware monitoring is enabled. The value of this new element is a boolean, so it will be true or false. If true, you’ll also see the “malwareScheduleTime”, “malwareScheduleTimeZone” and “malwareNotification” elements.

 

Example - Get Web Application Details

Get web application details for web application ID 16833.

 

Request:

curl -n -u "USERNAME:PASSWORD" "https://qualysapi.qualys.com/qps/rest/3.0/get/was/webapp/16833"
 
Response:

<?xml version="1.0" encoding="UTF-8"?>
<ServiceResponse xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:noNamespaceSchemaLocation="https://qualysapi.qualys.com/qps/xsd/3.0/was/wasscan.xsd">
 <responseCode>SUCCESS</responseCode>
  <count>1</count>
  <data>
    <WasScan>
      <id>16833</id>
…
    <malwareMonitoring>true</malwareMonitoring>
    <malwareNotification>true</malwareNotification>
    <malwareScheduleTime>23:59</malwareScheduleTime>
    <malwareScheduleTimeZone>
       <code>America/Vancouver</code>
    </malwareScheduleTimeZone>

 

WebApp Delete API

When a web application monitored for Malware is deleted, the corresponding domain for malware scanning (in the MDS module) will be deleted.

 

Release Notes

Full release notes will be available to customers from within the Resources section of your QualysGuard account with the WAS 3.0 release.


A new release of QualysGuard WAS, Version 2.4.2, will be available in production in the US datacenter March 5th, 2013 and in the EU datacenter March 14th 2013.  This update includes enhancements to many reporting capabilities available via the API, making it easier to integrate WAS with other security solutions.   This release is completely transparent to users and will require no scheduled downtime. The release will occur between 12 PM PST (20:00 GMT) and 8 PM PST (04:00 AM GMT next day).

 

This API notification provides an early preview into the coming API changes, allowing you to proactively identify any changes that might be required for your automated scripts or programs that use the following functions or XML outputs.  All changes to existing APIs were included in the notification posted on January 24th, 2013.  This updated notification includes all changes for WAS 2.4.2 including new API methods that will not impact existing API implementations.

 

Create Report 

With QualysGuard WAS 2.4.2  in both the WebAppReport and ScanReport elements, the searchlists XML element used to define search lists to include will be renamed as includedSearchLists. It will still contain a list of SearchList elements. 

 

Web Application and Scan Reports — Show Vulnerabilities by Status

We’ve added a new VULNERABILITIES_BY_STATUS option to allow you to show vulnerabilities by status in reports. For a Web Application Report this option can be added to the WebAppReportGraph element. For a Scan Report this option can be added to the ScanReportGraph element.

 

Example - Create a web application report

 

Create a web application report in encrypted PDF format, requesting the vulnerabilities by status graph.

 

Request:

curl -u "USERNAME:PASSWORD" -H "content-type: text/xml" -X POST -d @- "https://qualysapi.qualys.com/qps/rest/3.0/create/was/webapp_report" < file.xml

Note: “file.xml” contains the request POST data.
  
Request POST Data:
<ServiceRequest>
  <data>
    <Report>
      <name><![CDATA[My Web Application Report]]></name>
        <description><![CDATA[A simple WebApp report]]></description>
        <format>PDF_ENCRYPTED</format>
        <password>PASSWORD</password>
        <distributionList>
          <set>
            <EmailAddress>EMAIL ADDRESS</EmailAddress>
            <EmailAddress>EMAIL ADDRESS</EmailAddress>
          </set>
        </distributionList>
        <type>WAS_WEBAPP_REPORT</type>
        <config>
          <webAppReport>
            <target>
              <tags>
                <Tag>
                  <id>243130</id>
                </Tag>
                <Tag>
                  <id>243132</id>
                </Tag>
                </tags>
                <webapps>
                  <WebApp>
                    <id>532510</id>
                  </WebApp> 
                  <WebApp>
                    <id>532601</id>
                  </WebApp>
                </webapps>
              </target>
              <display>
                <contents>
                  <WebAppReportContent>DESCRIPTION</WebAppReportContent>
                  <WebAppReportContent>SUMMARY</WebAppReportContent>
                  <WebAppReportContent>GRAPHS</WebAppReportContent>
                  <WebAppReportContent>RESULTS</WebAppReportContent>
                </contents>
                <graphs>
                  <WebAppReportGraph>VULNERABILITIES_BY_GROUP</WebAppReportGraph>
                  <WebAppReportGraph>VULNERABILITIES_BY_STATUS</WebAppReportGraph>
                </graphs>
                <groups>
                  <WebAppReportGroup>GROUP</WebAppReportGroup>
                  <WebAppReportGroup>OWASP</WebAppReportGroup>
                  <WebAppReportGroup>WASC</WebAppReportGroup>
                </groups>
                <options>
                  <rawLevels>true</rawLevels>
                </options>
                </display>
                <filters>
                  <searchlists>
                    <SearchList>
                      <id>43147</id>
                    </SearchList>
                    </searchlists>
                    <url>http://www.mysite.com/help.html</url>
                    <status>
                      <WebAppFindingStatus>ACTIVE</WebAppFindingStatus>
                      <WebAppFindingStatus>REOPENED</WebAppFindingStatus>
                    </status>
                  </filters>
                </webAppReport>
              </config>
            </Report>
        </data>
     </ServiceRequest>

Response:

<?xml version="1.0" encoding="UTF-8"?>
<ServiceResponse xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="https://qualysapi.qualys.com/qps/xsd/3.0/was/report.xsd">
<responseCode>SUCCESS</responseCode>
  <count>1</count>
  <data>
    <Report>
      <id>2629</id>
    </Report>
  </data>
</ServiceResponse>


 

The following changes will be reflected in the schema:


<xs:simpleType name="WebAppReportGraph">
        <xs:restriction base="xs:string">
            <xs:enumeration value="VULNERABILITIES_BY_SEVERITY" />
            <xs:enumeration value="VULNERABILITIES_BY_STATUS" />
            <xs:enumeration value="VULNERABILITIES_BY_GROUP" />
            <xs:enumeration value="VULNERABILITIES_BY_OWASP" />
            <xs:enumeration value="VULNERABILITIES_BY_WASC" />
            <xs:enumeration value="SENSITIVE_CONTENTS_BY_GROUP" />
            <xs:enumeration value="MOST_VULNERABLE_WEB_APPLICATIONS" />
            <xs:enumeration value="MOST_VULNERABLE_URLS" />
            <xs:enumeration value="OPERATING_SYSTEMS_DETECTED" />
        </xs:restriction>
    </xs:simpleType>


    <xs:simpleType name="ScanReportGraph">
        <xs:restriction base="xs:string">
            <xs:enumeration value="VULNERABILITIES_BY_SEVERITY" />
            <xs:enumeration value="VULNERABILITIES_BY_STATUS" />
            <xs:enumeration value="VULNERABILITIES_BY_GROUP" />
            <xs:enumeration value="VULNERABILITIES_BY_OWASP" />
            <xs:enumeration value="VULNERABILITIES_BY_WASC" />
            <xs:enumeration value="SENSITIVE_CONTENTS_BY_GROUP" />
            <xs:enumeration value="MOST_VULNERABLE_URLS" />
        </xs:restriction>
    </xs:simpleType>



 

Web Application and Scan Reports — Use Search Lists to Exclude Vulnerabilities

 

We’ve added the ability to use search lists to identify vulnerabilities to be excluded from a Web Application Report or a Scan Report. The searchLists element used to identify vulnerabilities to include in the report has been renamed includedSearchLists, and we have added the new element excludedSearchLists for identifying vulnerabilities to be excluded from the report.

 

Example - Create a scan report

Create a scan report in PDF format, using search lists to include and exclude vulnerabilities.

 

Example: Request post XML for generating a scan report with both included and excluded search lists via the API:

 

Request:

curl -u "USERNAME:PASSWORD" -H "content-type: text/xml" -X POST -d @- "https://qualysapi.qualys.com/qps/rest/3.0/create/was/scan_report" < file.xml

Note: “file.xml” contains the request POST data.


Request POST Data:
<ServiceRequest>
  <data>
    <Report>
      <name><![CDATA[with all parameters HTML_ZIPPED]]></name>
      <description><![CDATA[A simple scan report]]></description>
      <format>PDF</format>
      <type>WAS_SCAN_REPORT</type>
      <config>
        <scanReport>
          <target>
            <scans>
              <WasScan>
                <id>104268</id>
              </WasScan>
            </scans>
          </target>
          <display>
            <contents>
              <ScanReportContent>DESCRIPTION</ScanReportContent>
              <ScanReportContent>SUMMARY</ScanReportContent>
              <ScanReportContent>GRAPHS</ScanReportContent>
              <ScanReportContent>RESULTS</ScanReportContent>
              <ScanReportContent>INDIVIDUAL_RECORDS</ScanReportContent>
              <ScanReportContent>RECORD_DETAILS</ScanReportContent>
              <ScanReportContent>ALL_RESULTS</ScanReportContent>
              <ScanReportContent>APPENDIX</ScanReportContent>
            </contents>
            <graphs>
              <ScanReportGraph>VULNERABILITIES_BY_SEVERITY</ScanReportGraph>
              <ScanReportGraph>VULNERABILITIES_BY_GROUP</ScanReportGraph>
              <ScanReportGraph>VULNERABILITIES_BY_OWASP</ScanReportGraph>
              <ScanReportGraph>VULNERABILITIES_BY_WASC</ScanReportGraph>
              <ScanReportGraph>SENSITIVE_CONTENTS_BY_GROUP</ScanReportGraph>
            </graphs>
            <groups>
              <ScanReportGroup>URL</ScanReportGroup>
              <ScanReportGroup>GROUP</ScanReportGroup>
              <ScanReportGroup>OWASP</ScanReportGroup>
              <ScanReportGroup>WASC</ScanReportGroup>
              <ScanReportGroup>STATUS</ScanReportGroup>
              <ScanReportGroup>CATEGORY</ScanReportGroup>
              <ScanReportGroup>QID</ScanReportGroup>
            </groups>
            <options>
              <rawLevels>true</rawLevels>
            </options>
          </display>
          <filters>
            <includedSearchLists>
              <SearchList>
                <id>35</id>
              </SearchList>
              <SearchList>
                <id>125</id>
              </SearchList>
            </includedSearchLists>
            <excludedSearchLists>
              <SearchList>
                <id>128</id>
              </SearchList>
              <SearchList>
                <id>125</id>
              </SearchList>
            </excludedSearchLists>
            <url>http://www.mysite.com/help.html</url>
            <status>
              <ScanFindingStatus>NEW</ScanFindingStatus>
              <ScanFindingStatus>ACTIVE</ScanFindingStatus>
              <ScanFindingStatus>REOPENED</ScanFindingStatus>
            </status>
          </filters>
        </scanReport>
      </config>
    </Report>
  </data>
</ServiceRequest>

Response:

<?xml version="1.0" encoding="UTF-8"?>
<ServiceResponse xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="https://qualysapi.qualys.com/qps/xsd/3.0/was/report.xsd">
<responseCode>SUCCESS</responseCode>
  <count>1</count>
  <data>
    <Report>
      <id>3629</id>
    </Report>
  </data>
</ServiceResponse>

 

 

To support the exclusion search lists the following changes will be reflected in the report.xsd schema:

 

<xs:complexType name="WebAppReport">
        ...
            <xs:element name="filters" minOccurs="0" maxOccurs="1">
                <xs:complexType>
                    <xs:sequence>
                        <xs:element name="includedSearchlists" minOccurs="0">
                            <xs:complexType>
                                <xs:sequence>
                                    <xs:element name="SearchList" type="SearchList" minOccurs="0" maxOccurs="unbounded"></xs:element>
                                </xs:sequence>
                            </xs:complexType>
                        </xs:element>
                        <xs:element name="excludedSearchlists" minOccurs="0">
                            <xs:complexType>
                                <xs:sequence>
                                    <xs:element name="SearchList" type="SearchList" minOccurs="0" maxOccurs="unbounded"></xs:element>
                                </xs:sequence>
                            </xs:complexType>
                        </xs:element>
...
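Stored request payloads written before 2.4.2 still carry the old element name. The following added example (not Qualys code) renames it inside each filters element and reports search list ids that appear in both the included and the excluded list, as id 125 does in the request example above. The new name is spelled as in that request example (includedSearchLists; the schema excerpt spells it includedSearchlists), the sample payload is constructed, and how the service treats an id present in both lists is not stated on this page.

```python
import xml.etree.ElementTree as ET

# Constructed payload: an old-style include list next to a new exclude list.
LEGACY_REQUEST = """<ServiceRequest>
  <data>
    <Report>
      <type>WAS_SCAN_REPORT</type>
      <config>
        <scanReport>
          <filters>
            <searchlists>
              <SearchList><id>35</id></SearchList>
              <SearchList><id>125</id></SearchList>
            </searchlists>
            <excludedSearchLists>
              <SearchList><id>128</id></SearchList>
              <SearchList><id>125</id></SearchList>
            </excludedSearchLists>
          </filters>
        </scanReport>
      </config>
    </Report>
  </data>
</ServiceRequest>"""

# The page writes the old name both as "searchlists" and as "searchLists".
LEGACY_NAMES = ("searchlists", "searchLists")
INCLUDED = "includedSearchLists"
EXCLUDED = "excludedSearchLists"


def migrate_filters(xml_text):
    """Rename legacy include lists; return (new_xml, number_of_renames)."""
    root = ET.fromstring(xml_text)
    renamed = 0
    for filters in root.iter("filters"):
        for child in filters:
            if child.tag in LEGACY_NAMES:
                child.tag = INCLUDED
                renamed += 1
    # ElementTree writes CDATA sections back as escaped text, which is
    # equivalent XML content.
    return ET.tostring(root, encoding="unicode"), renamed


def _ids(filters, names):
    """Collect SearchList ids found under any of the given element names."""
    found = set()
    for name in names:
        for node in filters.findall(f"{name}/SearchList/id"):
            if node.text and node.text.strip():
                found.add(int(node.text))
    return found


def conflicting_ids(xml_text):
    """Return sorted ids listed as both included and excluded."""
    root = ET.fromstring(xml_text)
    conflicts = set()
    for filters in root.iter("filters"):
        included = _ids(filters, (INCLUDED,) + LEGACY_NAMES)
        excluded = _ids(filters, (EXCLUDED,))
        conflicts |= included & excluded
    return sorted(conflicts)


if __name__ == "__main__":
    new_xml, count = migrate_filters(LEGACY_REQUEST)
    print(f"renamed {count} element(s); conflicting ids: {conflicting_ids(new_xml)}")
```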



 

Rename "Do Not Apply" Reason

 

The 2.4.2 release will rename the "Do Not Apply" reason to "Not Applicable".

 

A schema change in report.xsd will be required, as the IgnoredReason element will be updated to support this change:


           <xs:simpleType name="IgnoredReason">

                <xs:restriction base="xs:string">
                    <xs:enumeration value="FALSE_POSITIVE"/>
                    <xs:enumeration value="RISK_ACCEPTED"/>
                    <xs:enumeration value="NOT_APPLICABLE"/>
                </xs:restriction>
            </xs:simpleType>




 

 

Web Application Report — Show Ignored Vulnerabilities by Type

 

We’ve added two new filter elements to the Web Application Report API to allow you to show ignored vulnerabilities in the report. The element showIgnored can be used with one of these values: ONLY to show only ignored vulnerabilities or BOTH to show both ignored and non-ignored vulnerabilities.

 

If you use the showIgnored element, you have the option to use the IgnoredReasonList  element to specify the types of ignored vulnerabilities to show (FALSE_POSITIVE, RISK_ACCEPTED, NOT_APPLICABLE).

 

Example - Create a web application report

Create a web application report in encrypted PDF format, requesting both ignored and non-ignored vulnerabilities and all three ignored vulnerability types.

 

Request:

curl -u "USERNAME:PASSWORD" -H "content-type: text/xml" -X POST -d @- "https://qualysapi.qualys.com/qps/rest/3.0/create/was/webapp_report" < file.xml

Note: “file.xml” contains the request POST data.

Request POST Data:
<ServiceRequest>
  <data>
    <Report>
      <name><![CDATA[My Web Application Report]]></name>
        <description><![CDATA[A simple WebApp report]]></description>
        <format>PDF_ENCRYPTED</format>
        <password>PASSWORD</password>
        <distributionList>
          <set>
            <EmailAddress>EMAIL ADDRESS</EmailAddress>
            <EmailAddress>EMAIL ADDRESS</EmailAddress>
          </set>
        </distributionList>
        <type>WAS_WEBAPP_REPORT</type>
        <config>
          <webAppReport>
            <target>
              <tags>
                <Tag>
                  <id>243130</id>
                </Tag>
                <Tag>
                  <id>243132</id>
                </Tag>
                </tags>
                <webapps>
                  <WebApp>
                    <id>532510</id>
                  </WebApp> 
                  <WebApp>
                    <id>532601</id>
                  </WebApp>
                </webapps>
              </target>
              <display>
                <contents>
                  <WebAppReportContent>DESCRIPTION</WebAppReportContent>
                  <WebAppReportContent>SUMMARY</WebAppReportContent>
                  <WebAppReportContent>GRAPHS</WebAppReportContent>
                  <WebAppReportContent>RESULTS</WebAppReportContent>
                </contents>
                <graphs>
                  <WebAppReportGraph>VULNERABILITIES_BY_GROUP</WebAppReportGraph>
                  <WebAppReportGraph>VULNERABILITIES_BY_OWASP</WebAppReportGraph>
                  <WebAppReportGraph>VULNERABILITIES_BY_WASC</WebAppReportGraph>
                  <WebAppReportGraph>VULNERABILITIES_BY_STATUS</WebAppReportGraph>
                </graphs>
                <groups>
                  <WebAppReportGroup>GROUP</WebAppReportGroup>
                  <WebAppReportGroup>OWASP</WebAppReportGroup>
                  <WebAppReportGroup>WASC</WebAppReportGroup>
                </groups>
                <options>
                  <rawLevels>true</rawLevels>
                </options>
                </display>
                <filters>
                  <searchlists>
                    <SearchList>
                      <id>43147</id>
                    </SearchList>
                    </searchlists>
                    <url>http://www.mysite.com/help.html</url>
                    <status>
                      <WebAppFindingStatus>ACTIVE</WebAppFindingStatus>
                      <WebAppFindingStatus>REOPENED</WebAppFindingStatus>
                      <WebAppFindingStatusRemediationShowIgnored>BOTH</WebAppFindingStatusRemediationShowIgnored>
                        <IgnoredReasonList>
                          <FALSE_POSITIVE>
                          <RISK_ACCEPTED>
                          <NOT_APPLICABLE>
                        </IgnoredReasonList>
                    </status>
                  </filters>
                </webAppReport>
              </config>
            </Report>
        </data>
     </ServiceRequest>

Response:

<?xml version="1.0" encoding="UTF-8"?>
<ServiceResponse xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="https://qualysapi.qualys.com/qps/xsd/3.0/was/report.xsd">
<responseCode>SUCCESS</responseCode>
  <count>1</count>
  <data>
    <Report>
      <id>2629</id>
    </Report>
  </data>
</ServiceResponse>

 

A new WebAppReport/filters/status/remediation/showIgnored element will be added, accepting the following values:

  • ONLY - Show only ignored vulnerabilities in report
  • BOTH - Show both non-ignored and ignored vulnerabilities in report

This element shall be included only if the user wants to include ignored vulnerabilities. If not specified, the report will not include ignored vulnerabilities at all.

 

If the showIgnored element is specified, an optional WebAppReport/filters/status/remediation/IgnoredReasonList element may also be specified to select which types of ignored vulnerabilities to include. The following updates will be reflected in the schema:



<xs:element name="WebAppReport">   
   ...
   <xs:element name="filters" minOccurs="0" maxOccurs="1">
       ...
       <xs:element name="remediation" minOccurs="0">
           <xs:element name="showIgnored" type="ShowIgnoredOption"/>
           <xs:element name="IgnoredReasonList" minOccurs="0">
             <xs:complexType>
                <xs:sequence>
                    <xs:element name="status" type="IgnoredReason" minOccurs="1"/>
                </xs:sequence>
             </xs:complexType>
           </xs:element>
       </xs:element>

 
<xs:simpleType name="ShowIgnoredOption">
    <xs:restriction base="xs:string">
        <xs:enumeration value="ONLY"/>
        <xs:enumeration value="BOTH"/>
    </xs:restriction>
</xs:simpleType>
    
<xs:simpleType name="IgnoredReason">
    <xs:restriction base="xs:string">
        <xs:enumeration value="FALSE_POSITIVE"/>
        <xs:enumeration value="RISK_ACCEPTED"/>
        <xs:enumeration value="NOT_APPLICABLE"/>
    </xs:restriction>
</xs:simpleType>

 

Report Find and Get Methods

 

For each report, this API will return its size in a SIZE XML element. The corresponding XPath will be RECORD/SIZE. The value will be numeric and will represent the size in bytes.


Note: this will require a change in the report.xsd schema to reflect this new element in the Report object.

Example Response from FIND method:



<ServiceResponse xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="http://localhost:8080/qps-api-provider/xsd/3.0/was/report.xsd">

  <responseCode>SUCCESS</responseCode>
  <count>11</count>
  <hasMoreRecords>false</hasMoreRecords>
  <data>
    ...
    <Report>
      <id>2787</id>
      <name><![CDATA[Catalog Report]]></name>
      <owner>
        <id>123056</id>
        <username>quays_at3</username>
        <firstName><![CDATA[John]]></firstName>
        <lastName><![CDATA[Doe]]></lastName>
      </owner>
      <type>WAS_CATALOG_REPORT</type>
      <format>HTML_BASE64</format>
      <status>COMPLETE</status>
      <size>1245872</size>
      <creationDate>2012-12-18T15:53:02Z</creationDate>
      <tags>
        <count>0</count>
      </tags>
    </Report>
  </data>
</ServiceResponse>


 

 

Example of Response from GET method:



<ServiceResponse xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="http://localhost:8080/qps-api-provider/xsd/3.0/was/report.xsd">
  <responseCode>SUCCESS</responseCode>
  <count>1</count>
  <data>
    <Report>
      <id>2787</id>
      <name><![CDATA[Catalog Report]]></name>
      <owner>
        <id>123056</id>
        <username>quays_at3</username>
        <firstName><![CDATA[John]]></firstName>
        <lastName><![CDATA[Doe]]></lastName>
      </owner>
      <type>WAS_CATALOG_REPORT</type>
      <format>HTML_BASE64</format>
      <status>COMPLETE</status>
      <size>1245872</size>
      <creationDate>2012-12-18T15:53:02Z</creationDate>
      <lastDownloadDate>2012-12-18T15:53:11Z</lastDownloadDate>
      <downloadCount>1</downloadCount>
      <tags>
        <count>0</count>
      </tags>
    </Report>
  </data>
</ServiceResponse>
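One way a client could use the new size element, added here as an example and not taken from Qualys: it parses a FIND or GET response, totals the report sizes in bytes, and lists the largest reports to delete first when a storage budget is exceeded. The sample XML is constructed from the responses above, and the function names and the budget passed to `deletion_candidates` are assumptions.

```python
import xml.etree.ElementTree as ET

# Constructed sample modelled on the FIND response above; the second report's
# size is invented for the example.
SAMPLE_FIND_RESPONSE = """<ServiceResponse>
  <responseCode>SUCCESS</responseCode>
  <count>2</count>
  <hasMoreRecords>false</hasMoreRecords>
  <data>
    <Report>
      <id>2787</id>
      <name><![CDATA[Catalog Report]]></name>
      <format>HTML_BASE64</format>
      <status>COMPLETE</status>
      <size>1245872</size>
    </Report>
    <Report>
      <id>2629</id>
      <name><![CDATA[My Web Application Report]]></name>
      <format>PDF_ENCRYPTED</format>
      <status>COMPLETE</status>
      <size>5242880</size>
    </Report>
  </data>
</ServiceResponse>"""

# Constructed error body using the responseCode / responseErrorDetails layout.
SAMPLE_ERROR_RESPONSE = """<ServiceResponse>
  <responseCode>OTHER_ERROR</responseCode>
  <responseErrorDetails>
    <errorMessage>constructed error text</errorMessage>
  </responseErrorDetails>
</ServiceResponse>"""


class WasApiError(Exception):
    """Raised when responseCode is anything other than SUCCESS."""


def parse_reports(xml_text):
    """Return (reports, has_more) from a FIND or GET ServiceResponse body."""
    # An API response has no reason to carry a DTD; refuse it before parsing.
    if "<!DOCTYPE" in xml_text or "<!ENTITY" in xml_text:
        raise ValueError("unexpected DTD or entity declaration in response")
    root = ET.fromstring(xml_text)
    if root.tag != "ServiceResponse":
        raise ValueError(f"unexpected root element: {root.tag}")
    code = root.findtext("responseCode", default="")
    if code != "SUCCESS":
        detail = root.findtext("responseErrorDetails/errorMessage", default="")
        raise WasApiError(f"{code}: {detail}".strip(": "))
    reports = []
    for node in root.findall("data/Report"):
        size_text = (node.findtext("size") or "").strip()
        reports.append({
            "id": node.findtext("id", default=""),
            "name": node.findtext("name", default=""),
            "status": node.findtext("status", default=""),
            # Responses produced before this change have no size element.
            "size": int(size_text) if size_text.isdigit() else None,
        })
    has_more = root.findtext("hasMoreRecords", default="false") == "true"
    return reports, has_more


def total_size(reports):
    """Sum of all known report sizes, in bytes."""
    return sum(r["size"] for r in reports if r["size"] is not None)


def deletion_candidates(reports, limit_bytes):
    """Largest-first report ids whose removal brings the total to limit_bytes or less."""
    remaining = total_size(reports)
    chosen = []
    sized = sorted((r for r in reports if r["size"]), key=lambda r: r["size"], reverse=True)
    for report in sized:
        if remaining <= limit_bytes:
            break
        chosen.append(report["id"])
        remaining -= report["size"]
    return chosen


if __name__ == "__main__":
    found, more = parse_reports(SAMPLE_FIND_RESPONSE)
    print(total_size(found), "bytes used; delete first:", deletion_candidates(found, 6_000_000))
```

When `has_more` is true, the total covers only the records returned in that response.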

 

 

Scorecard and Catalog Reports — Date Format Change

 

For the Scorecard Report and the Catalog Report, we’ve simplified the scanDate filter element. You no longer need to include hours, minutes and seconds. The value for the scanDate and endDate elements is now yyyy-mm-dd.

 

Example - Create a scorecard report

 

Create a scorecard report in PDF format, filtered by scan date range.

Request:
 
curl -u "USERNAME:PASSWORD" -H "content-type: text/xml" -X "POST" -d @- "https://qualysapi.qualys.com/qps/rest/3.0/create/was/???" < file.xml

Note: “file.xml” contains the request POST data.

Request POST Data: 
<ServiceRequest>
  <data>
    <Report>
      <name><![CDATA[with all parameters PDF with rawLevel false]]></name>
      <description><![CDATA[A simple scorecard report]]></description>
      <format>PDF</format>
      <type>WAS_SCORECARD_REPORT</type>
      <config>
        <scorecardReport>
          <target>
            <tags>
              <Tag>
                <id>243130</id>
              </Tag>
            </tags>
          </target>
          <display>
            <contents>
              <ScorecardReportContent>DESCRIPTION</ScorecardReportContent>
              <ScorecardReportContent>SUMMARY</ScorecardReportContent>
              <ScorecardReportContent>GRAPHS</ScorecardReportContent>
              <ScorecardReportContent>RESULTS</ScorecardReportContent>
            </contents>
            <graphs>
              <ScorecardReportGraph>VULNERABILITIES_BY_GROUP</ScorecardReportGraph>
              <ScorecardReportGraph>VULNERABILITIES_BY_OWASP</ScorecardReportGraph>
              <ScorecardReportGraph>VULNERABILITIES_BY_WASC</ScorecardReportGraph>
            </graphs>
            <groups>
              <ScorecardReportGroup>GROUP</ScorecardReportGroup>
              <ScorecardReportGroup>OWASP</ScorecardReportGroup>
              <ScorecardReportGroup>WASC</ScorecardReportGroup>
            </groups>
            <options>
              <rawLevels>false</rawLevels>
            </options>
          </display>
          <filters>
            <searchlists>
              <SearchList>
                <id>43147</id>
              </SearchList>
              <SearchList>
                <id>43147</id>
              </SearchList>
            </searchlists>
            <scanDate>
              <startDate>2012-08-28</startDate>
              <endDate>2012-10-28</endDate>
            </scanDate>
            <scanStatus>NO_HOST_ALIVE</scanStatus>
            <scanAuthStatus>NONE</scanAuthStatus>
          </filters>
        </scorecardReport>
      </config>
    </Report>
  </data>
</ServiceRequest>

Response:
 
<?xml version="1.0" encoding="UTF-8"?>
<ServiceResponse xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"  
xsi:noNamespaceSchemaLocation="https://qualysapi.qualys.com/qps/xsd/3.0/was/report.xsd">
<responseCode>SUCCESS</responseCode>
  <count>1</count>
  <data>
    <Report>
      <id>4629</id>
    </Report>
  </data>
</ServiceResponse>

 

 

 

WAS Reports — Add Report Size Information

Report size in bytes is now provided in the response for FIND and GET requests for all WAS reports.  This is new and will not impact existing API calls.

 

 

Example - Create a catalog report in HTML_BASE64 format.    

 

Request:

 

curl -u "USERNAME:PASSWORD" -H "content-type: text/xml" -X "POST" -d @- "https://qualysapi.qualys.com/qps/rest/3.0/create/was/scan_report" < file.xml

 

 

Response:

 

<?xml version="1.0" encoding="UTF-8"?>
<ServiceResponse xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="https://qualysapi.qualys.com/qps/xsd/3.0/was/report.xsd">
  <responseCode>SUCCESS</responseCode>
  <count>1</count>
  <data>
    <Report>
      <id>2787</id>
      <name><![CDATA[Catalog Report]]></name>
      <owner>
        <id>123056</id>
        <username>quays_at3</username>
        <firstName><![CDATA[John]]></firstName>
        <lastName><![CDATA[Doe]]></lastName>
      </owner>
      <type>WAS_CATALOG_REPORT</type>
      <format>HTML_BASE64</format>
      <status>COMPLETE</status>
      <size>1245872</size>
      <creationDate>2012-12-18T15:53:02Z</creationDate>
      <lastDownloadDate>2012-12-18T15:53:11Z</lastDownloadDate>
      <downloadCount>1</downloadCount>
      <tags>
        <count>0</count>
      </tags>
    </Report>
  </data>
</ServiceResponse>

 

 


 

 

Simplified API URL

We’ve simplified the URL for WAS scan and schedule requests. The object alias “wasscan” has been renamed to “scan” and the alias “wasschedule” has been renamed to “schedule”. For example, the URL for requesting the current scan count has been changed as follows:

 

from:

https://qualysapi.qualys.com/qps/rest/3.0/count/was/wasscan

 

to:

https://qualysapi.qualys.com/qps/rest/3.0/count/was/scan

 

If you are developing new functions, you should use the new URLs. No changes are necessary to your existing API requests. You can continue to use the object aliases “wasscan” and “wasschedule” if you wish. However, these may be deprecated at a later time.

 

 

 

Full release notes will be available to customers from within the Resources section of your QualysGuard account with the WAS 2.4.2 release.


A release of QualysGuard® Web Application Scanning 2.4.1 with a new scan option will be available in production in the EU on February 7, 2013. This release is completely transparent to users and will require no scheduled downtime. The release will occur between 20:00 GMT and 04:00 AM GMT next day.

 

Cancel Scan After (n) Hours

We’ve added a new optional element to the API for launching an on-demand scan, using the Launch New Scan API (/qps/rest/3.0/launch/was/wasscan). The new optional element, cancelAfterNHours, enables you to specify a number of hours after which the scan will be canceled. When specified, the scan will stop after the selected running time and the scan will have a status of Canceled. Partial scan results may be available if security tests were performed before the scan was canceled.

 

When used, this element is included in the XML output returned using the View Scan Details API (/qps/rest/3.0/get/was/wasscan/<id>) and Retrieve Results of a Scan API (/qps/rest/3.0/download/was/wasscan/<id>).

 

Full details regarding these updates will be available in the WAS API User Guide on the day of the release.

 

Example: Launch a new discovery scan on the web application with the ID 323126 using the option profile with the ID 1021. Set scan to cancel after 1 hour.

 

 

Request:


curl -u "USERNAME:PASSWORD" -H "content-type: text/xml" -X "POST" -d @- "https://qualysapi.qualys.com/qps/rest/3.0/launch/was/wasscan" < file.xml

 

Note: “file.xml” contains the request POST data below:

 

Request POST Data:

 

<ServiceRequest>
  <data>
    <WasScan>
      <name>New scan launched from API</name>
      <type>DISCOVERY</type>
      <target>
        <webApp>
          <id>323126</id>
        </webApp>
      </target>
      <profile>
        <id>1021</id>
      </profile>
      <options>
        <WasScanOption>
          <name>Cancel After 1 hour</name>
          <value>1</value>
        </WasScanOption>
      </options>
    </WasScan>
  </data>
</ServiceRequest>

 

 

Response:

<?xml version="1.0" encoding="UTF-8"?>
<ServiceResponse xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="https://qualysapi.qualys.com/qps/xsd/3.0/was/wasscan.xsd">
  <responseCode>SUCCESS</responseCode>
  <count>1</count>
  <data>
    <WasScan>
      <id>16954</id>
    </WasScan>
  </data>
</ServiceResponse>

 

 

To receive more information on QualysGuard WAS 2.4.1, please visit the QualysGuard WAS community or contact your Technical Account Manager or Qualys' Technical Support Department at support@qualys.com.


A release of QualysGuard® Web Application Scanning 2.4.1 with a new scan option will be available in production in the US on January 31, 2013. This release is completely transparent to users and will require no scheduled downtime. The release will occur between 12 PM PST (20:00 GMT) and 8 PM PST (04:00 AM GMT next day).

 

Cancel Scan After (n) Hours

We’ve added a new optional element to the API for launching an on-demand scan, using the Launch New Scan API (/qps/rest/3.0/launch/was/wasscan). The new optional element, cancelAfterNHours, enables you to specify a number of hours after which the scan will be canceled. When specified, the scan will stop after the selected running time and the scan will have a status of Canceled. Partial scan results may be available if security tests were performed before the scan was canceled.

 

When used, this element is included in the XML output returned using the View Scan Details API (/qps/rest/3.0/get/was/wasscan/<id>) and Retrieve Results of a Scan API (/qps/rest/3.0/download/was/wasscan/<id>).

 

Full details regarding these updates will be available in the WAS API User Guide on the day of the release.

 

Example: Launch a new discovery scan on the web application with the ID 323126 using the option profile with the ID 1021. Set scan to cancel after 1 hour.

 

 

Request:


curl -u "USERNAME:PASSWORD" -H "content-type: text/xml" -X "POST" -d @- "https://qualysapi.qualys.com/qps/rest/3.0/launch/was/wasscan" < file.xml

 

Note: “file.xml” contains the request POST data below:

 

Request POST Data:

 

<ServiceRequest>
  <data>
    <WasScan>
      <name>New scan launched from API</name>
      <type>DISCOVERY</type>
      <target>
        <webApp>
          <id>323126</id>
        </webApp>
      </target>
      <profile>
        <id>1021</id>
      </profile>
      <options>
        <WasScanOption>
          <name>Cancel After 1 hour</name>
          <value>1</value>
        </WasScanOption>
      </options>
    </WasScan>
  </data>
</ServiceRequest>

 

 

Response:

<?xml version="1.0" encoding="UTF-8"?>
<ServiceResponse xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="https://qualysapi.qualys.com/qps/xsd/3.0/was/wasscan.xsd">
  <responseCode>SUCCESS</responseCode>
  <count>1</count>
  <data>
    <WasScan>
      <id>16954</id>
    </WasScan>
  </data>
</ServiceResponse>

 

 

To receive more information on QualysGuard WAS 2.4.1, please visit the QualysGuard WAS community or contact your Technical Account Manager or Qualys' Technical Support Department at support@qualys.com.


A release of QualysGuard® Web Application Scanning 2.4 with a new report creation API method will be available in production in the US on December 13*, 2012. This release is completely transparent to users and will require no scheduled downtime. The release will occur between 12 PM PST (20:00 GMT) and 12 AM PST (08:00 AM GMT next day).

 

*Update: Due to the recent identification of additional platform dependencies, the release date has been moved to December 13th to accommodate additional quality assurance testing and ensure a high quality release. We regret any inconvenience related to this change in schedule.

 

QualysGuard WAS 2.4 includes one new report creation method to the API services which were first made available in the 2.2 release. This notification provides an early preview of this new method.

 

Report Creation API

The Report Creation API has been added to the WAS Report API to allow you to create WAS reports based on security information collected by the most recent scans of your web applications. Using the Report Creation API you can create these reports: Web Application Report, Scan Report, Scorecard Report and Catalog Report. For each report you can choose one of these formats: HTML (ZIP), Web Archive (HTML), PDF, PDF Encrypted, XML, CSV, Microsoft Word (DOC) and PowerPoint (PPT).

 

Full details regarding these updates will be available in the WAS API User Guide on the day of the release.

 

Example: Create a web application report in encrypted PDF format, setting both tags and web applications for the target.

 

Request:

 

curl -u "USERNAME:PASSWORD" -H "content-type: text/xml" -X "POST" -d @- "https://qualysapi.qualys.com/qps/rest/3.0/create/was/webapp_report" < file.xml

 

 

Note: “file.xml” contains the request POST data below:

 

Request POST Data:

 

<ServiceRequest>
  <data>
    <Report>
      <name><![CDATA[My Web Application Report]]></name>
      <description><![CDATA[A simple WebApp report]]></description>
      <format>PDF_ENCRYPTED</format>
      <password>PASSWORD</password>
      <distributionList>
        <set>
          <EmailAddress>EMAIL ADDRESS</EmailAddress>
          <EmailAddress>EMAIL ADDRESS</EmailAddress>
        </set>
      </distributionList>
      <type>WAS_WEBAPP_REPORT</type>
      <config>
        <webAppReport>
          <target>
            <tags>
              <Tag>
                <id>243130</id>
              </Tag>
              <Tag>
                <id>243132</id>
              </Tag>
            </tags>
            <webapps>
              <WebApp>
                <id>532510</id>
              </WebApp>
              <WebApp>
                <id>532601</id>
              </WebApp>
            </webapps>
          </target>
          <display>
            <contents>
              <WebAppReportContent>DESCRIPTION</WebAppReportContent>
              <WebAppReportContent>SUMMARY</WebAppReportContent>
              <WebAppReportContent>GRAPHS</WebAppReportContent>
              <WebAppReportContent>RESULTS</WebAppReportContent>
            </contents>
            <graphs>
              <WebAppReportGraph>VULNERABILITIES_BY_GROUP</WebAppReportGraph>
              <WebAppReportGraph>VULNERABILITIES_BY_OWASP</WebAppReportGraph>
              <WebAppReportGraph>VULNERABILITIES_BY_WASC</WebAppReportGraph>
            </graphs>
            <groups>
              <WebAppReportGroup>GROUP</WebAppReportGroup>
              <WebAppReportGroup>OWASP</WebAppReportGroup>
              <WebAppReportGroup>WASC</WebAppReportGroup>
            </groups>
            <options>
              <rawLevels>true</rawLevels>
            </options>
          </display>
          <filters>
            <searchlists>
              <SearchList>
                <id>43147</id>
              </SearchList>
            </searchlists>
            <url>http://www.mysite.com/help.html</url>
            <status>
              <WebAppFindingStatus>ACTIVE</WebAppFindingStatus>
              <WebAppFindingStatus>REOPENED</WebAppFindingStatus>
            </status>
          </filters>
        </webAppReport>
      </config>
    </Report>
  </data>
</ServiceRequest>

 

 

Response:

<?xml version="1.0" encoding="UTF-8"?>
<ServiceResponse xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="https://qualysapi.qualys.com/qps/xsd/3.0/was/report.xsd">
  <responseCode>SUCCESS</responseCode>
  <count>1</count>
  <data>
    <Report>
      <id>2629</id>
    </Report>
  </data>
</ServiceResponse>

 

 

 

To receive more information on QualysGuard WAS 2.4, please visit the Qualys Community at https://community.qualys.com or contact your Technical Account Manager or Qualys' Technical Support Department at support@qualys.com.


A maintenance release of QualysGuard® Web Application Scanning 2.3.1 with one API enhancement will be available in production in the EU on August 14, 2012. This release is completely transparent to users and will require no scheduled downtime. The release will occur between 20:00 GMT and 02:00 AM GMT next day.

 

 

QualysGuard WAS 2.3.1 includes one enhancement to the API services which were first made available in the 2.2 release. This notification provides an early preview of these enhancements.

 

Scan API

The WAS Scan API provides a call to download scan results.  The scan summary date format included unnecessary zeros.  The dates have been updated to remove the extra zeros in WAS 2.3.1. 

 

An example of the old date format is:

 <VALUE><![CDATA[2012-05-29T18:00:00.000Z]]></VALUE>

 

An example of the new date format is:

<VALUE><![CDATA[2012-05-29T18:00:00Z]]></VALUE>
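A client that parsed the old layout with a fixed pattern will reject the new one, so the parser below accepts both and records which layout it saw. It is an added example, not Qualys code; the SUMMARY/ITEM/KEY wrapper elements in the sample are hypothetical, and only the two VALUE lines come from this notification.

```python
import re
import xml.etree.ElementTree as ET
from datetime import datetime, timezone

# Matches both layouts quoted above: with ".000" milliseconds (old) and without (new).
TIMESTAMP_RE = re.compile(
    r"^(\d{4})-(\d{2})-(\d{2})T(\d{2}):(\d{2}):(\d{2})(\.\d{1,6})?Z$"
)

# Constructed fragment; wrapper element names are hypothetical.
SAMPLE_SUMMARY = """<SUMMARY>
  <ITEM><KEY>old</KEY><VALUE><![CDATA[2012-05-29T18:00:00.000Z]]></VALUE></ITEM>
  <ITEM><KEY>new</KEY><VALUE><![CDATA[2012-05-29T18:00:00Z]]></VALUE></ITEM>
  <ITEM><KEY>name</KEY><VALUE><![CDATA[Weekly scan]]></VALUE></ITEM>
</SUMMARY>"""


def parse_was_timestamp(text):
    """Return (timezone-aware UTC datetime, True if the old fractional layout was used)."""
    match = TIMESTAMP_RE.match(text.strip())
    if match is None:
        raise ValueError(f"not a WAS UTC timestamp: {text!r}")
    year, month, day, hour, minute, second = (int(g) for g in match.groups()[:6])
    fraction = match.group(7)
    # Pad the fractional digits to microseconds: ".000" -> 0, ".5" -> 500000.
    micro = int(fraction[1:].ljust(6, "0")) if fraction else 0
    # datetime() itself rejects impossible values such as month 13.
    moment = datetime(year, month, day, hour, minute, second, micro, tzinfo=timezone.utc)
    return moment, fraction is not None


def to_new_format(moment):
    """Render a datetime in the WAS 2.3.1 layout (no fractional seconds)."""
    return moment.astimezone(timezone.utc).strftime("%Y-%m-%dT%H:%M:%SZ")


def summary_dates(xml_text):
    """Collect every VALUE that holds a timestamp; VALUEs holding other text are skipped."""
    found = []
    for node in ET.fromstring(xml_text).iter("VALUE"):
        raw = (node.text or "").strip()
        try:
            moment, legacy = parse_was_timestamp(raw)
        except ValueError:
            continue
        found.append({"raw": raw, "utc": moment, "legacy_format": legacy})
    return found


if __name__ == "__main__":
    for entry in summary_dates(SAMPLE_SUMMARY):
        print(entry["raw"], "->", to_new_format(entry["utc"]), "legacy:", entry["legacy_format"])
```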

 

Web App API

 

With the new feature added to lock a scanner, the value of this attribute is now available in the Web App API. A sample response is listed below with the new "scannerLocked" attribute at the end:

 

<?xml version="1.0" encoding="UTF-8"?>
<ServiceResponse xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" 
  xsi:noNamespaceSchemaLocation="http://localhost:8080/qps-api-provider/xsd/3.0/was/webapp.xsd">
  <responseCode>SUCCESS</responseCode>
  <count>1</count>
  <data>
    <WebApp>
      <id>323126</id>
      <name><![CDATA[Merchant Site - Updated by API]]></name>
      <url><![CDATA[http://1.1.25.116:80/merchant/2.2/themerchant]]></url>
      <owner>
        <id>123056</id>
        <username>quays_at3</username>
        <firstName><![CDATA[John]]></firstName>
        <lastName><![CDATA[Doe]]></lastName>
      </owner>
      <scope>DOMAINS</scope>
      <domains>
        <count>2</count>
        <list>
          <Domain><![CDATA[10.10.25.117]]></Domain>
          <Domain><![CDATA[10.10.25.118]]></Domain>
        </list>
      </domains>
      <attributes>
        <count>3</count>
        <list>
          <Attribute>
            <category>Business Location</category>
            <value><![CDATA[Location]]></value>
          </Attribute>
          <Attribute>
            <category>Business Function</category>
            <value><![CDATA[Function]]></value>
          </Attribute>
          <Attribute>
            <category>Business Description</category>
            <value><![CDATA[Description]]></value>
          </Attribute>
        </list>
      </attributes>
      <defaultProfile>
        <id>1072</id>
        <name><![CDATA[Initial WAS Optionss]]></name>
      </defaultProfile>
      <defaultScanner>
        <type>EXTERNAL</type>
      </defaultScanner>
      <scannerLocked>false</scannerLocked>

 

 

Full details regarding these updates will be available in the WAS API User Guide on the day of the release.

 

To receive more information on QualysGuard WAS 2.3.1, please visit the Qualys Community at https://community.qualys.com or contact your Technical Account Manager or Qualys' Technical Support Department at support@qualys.com.


A new release of QualysGuard®, WAS Version 2.2 with a new set of APIs, will be available in production in the EU datacenter on March 30th, 2012. This release is completely transparent to users and will require no scheduled downtime.


QualysGuard WAS 2.2  includes a number of new API services. This notification provides an early preview of these API services that can be used to integrate WAS 2.2 with external systems or to script workflows.


Web Application API

The WAS Web Application API provides a suite of API functions for managing web application configurations across the enterprise.   The API enables subscribers to create and manage web application configurations used to scan the applications for vulnerabilities.  The API includes the ability to update web application scan default settings and purge scan data.  The following functions are available:

  • Create a new web application
  • Retrieve the current web application count
  • Retrieve a list of web applications
  • View details of a web application
  • Update a web application
  • Purge a web application


 

Scan API

The WAS Scan API provides a suite of API functions for managing web application scans across the enterprise.  The API enables subscribers to launch new scans, list, view and delete scans.  The following functions are available:

  • Launch a new scan
  • Retrieve the current scan count
  • Retrieve a list of scans
  • View scan details
  • Retrieve the status of a scan
  • Retrieve the results of a scan
  • Cancel a running scan
  • Delete an existing scan

 

Schedule API

The WAS Schedule API provides a suite of API functions for managing web application scan schedules across the enterprise.   The API enables subscribers to create, update and delete scan schedules.  The following functions are available:

  • Create a schedule
  • Update a schedule
  • Retrieve the current schedule count
  • Retrieve a list of schedules
  • View schedule details
  • Activate an existing schedule
  • Deactivate an existing schedule
  • Delete one or more existing schedules

 

Report API

The WAS Report API provides a suite of API functions for managing web application reports across the enterprise. The API enables subscribers to manage reports that have been previously saved.  The following functions are available:

  • Retrieve the current report count
  • Retrieve a list of reports
  • View details of a report
  • Retrieve the status of a report
  • Download a report
  • Send an encrypted PDF report
  • Update a report
  • Delete one or more existing reports

 

 

Full details of the API can be found in the WAS API User Guide Version 2.2.

 

To receive more information on QualysGuard WAS 2.2, please visit the Qualys Community at https://community.qualys.com or contact your Technical Account Manager or Qualys' Technical Support Department at support@qualys.com.


A new release of QualysGuard®, WAS Version 2.2 with a new set of APIs, will be available in production in the US on February 22nd 2012. This release is completely transparent to users and will require no scheduled downtime.


QualysGuard WAS 2.2  includes a number of new API services. This notification provides an early preview of these API services that can be used to integrate WAS 2.2 with external systems or to script workflows.


Web Application API

The WAS Web Application API provides a suite of API functions for managing web application configurations across the enterprise.   The API enables subscribers to create and manage web application configurations used to scan the applications for vulnerabilities.  The API includes the ability to update web application scan default settings and purge scan data.  The following functions are available:

  • Create a new web application
  • Retrieve the current web application count
  • Retrieve a list of web applications
  • View details of a web application
  • Update a web application
  • Purge a web application


 

Scan API

The WAS Scan API provides a suite of API functions for managing web application scans across the enterprise.  The API enables subscribers to launch new scans, list, view and delete scans.  The following functions are available:

  • Launch a new scan
  • Retrieve the current scan count
  • Retrieve a list of scans
  • View scan details
  • Retrieve the status of a scan
  • Retrieve the results of a scan
  • Cancel a running scan
  • Delete an existing scan

 

Schedule API

The WAS Schedule API provides a suite of API functions for managing web application scan schedules across the enterprise.   The API enables subscribers to create, update and delete scan schedules.  The following functions are available:

  • Create a schedule
  • Update a schedule
  • Retrieve the current schedule count
  • Retrieve a list of schedules
  • View schedule details
  • Activate an existing schedule
  • Deactivate an existing schedule
  • Delete one or more existing schedules

 

Report API

The WAS Report API provides a suite of API functions for managing web application reports across the enterprise. The API enables subscribers to manage reports that have been previously saved.  The following functions are available:

  • Retrieve the current report count
  • Retrieve a list of reports
  • View details of a report
  • Retrieve the status of a report
  • Download a report
  • Send an encrypted PDF report
  • Update a report
  • Delete one or more existing reports

 

 

Full details regarding these will be available in the WAS API User Guide Version 2.2 on the day of the release.

 

To receive more information on QualysGuard WAS 2.2, please visit the Qualys Community at https://community.qualys.com or contact your Technical Account Manager or Qualys' Technical Support Department at support@qualys.com.


