
A new release of Qualys Cloud Suite, Version 8.7 includes an API update which is targeted soon for release. The specific day will differ depending on the platform.  See platform release dates for more information. This API notification provides an early preview into the coming API changes, allowing you to proactively identify any changes that might be required for your automated scripts or programs that utilize the API methods.

 

This 15-day notification describes new API features that do not impact existing API implementations. API changes in this release that may impact existing API implementations were already announced in the 30-day notification: Qualys Cloud Suite 8.7 API Release Notification

 

What’s New

  1. Scan Report List - New Target Element
  2. New Schedule Report API
  3. VM - Easily Identify Vulnerabilities Supported by Module
  4. VM - First Found Date Added to Asset Search Report CSV, XML
  5. VM - Show Detections Updated Since Certain Time
  6. PC - New Exception Management API

 

For more details about the above features – please review the attached release notes.

 

Platform release dates will be published on the Qualys Status page when available.

A minor update of Qualys Cloud Suite includes an API update which is targeted for release in February 2016.   The specific day will differ depending on the platform.   This API notification provides an early preview into the coming API changes, allowing you to proactively identify any changes that might be required for your automated scripts or programs that utilize the API methods.

 

This release includes features with changes to XML, CSV output, and/or DTD which could impact existing API implementations.

 

For details about the changes, please see the attached detailed XML schema.

 

 

What's New

  • Asset Management v2 API

 

Asset Management v2 API

https://<baseurl>/qps/rest/2.0/search/am/hostasset/<id>

https://<baseurl>/qps/rest/2.0/get/am/hostasset/<id>

 

 

These two APIs will now return the additional fields outlined in the attached XML file.

A new release of Qualys Cloud Suite, Version 2.11 includes an API update which is targeted for release in January.  This API notification provides an early preview into the coming API changes, allowing you to proactively identify any changes that might be required for your automated scripts or programs that utilize the API methods.  The specific day will differ depending on the platform.  Platform release dates will be published on the Qualys Status page when available.

 

This release gives you more ways to integrate your programs and API calls and includes new features for Continuous Monitoring and Asset Management APIs.

 

What's New

 

JSON Support - Qualys Asset Management and Tagging API v2 and the Qualys Continuous Monitoring API now support JSON requests and responses.

 

For details about the changes, please see the attached detailed release notes included below.

A new release of Qualys WAS, Version 4.5 which includes API updates and updated report formats, is targeted for release in January. The specific day will differ depending on the platform.  Platform release dates will be published on the Qualys Status page when available.  The updated APIs for WAS 4.5 give you more ways to integrate your programs and API calls with Web Application Scanning (WAS).

 

The Qualys WAS API 4.5 gives you more ways to integrate your programs and API calls with Web Application Scanning (WAS). Looking for our API user guides? Just log in to your account and go to Help > Resources.

 

What’s New

  • Scan API - default authentication for scans
  • Search Scan API - new CANCELED keyword
  • Finding API - payloads element removed from XSD
  • JSON Support
  • Condensed CSV output for Web App and Scan Reports

 

Please see the attached PDF for all API details and changes including examples and API base URLs.

A new release of Qualys Cloud Suite, Version 8.7 includes an API update which is targeted for release in January 2016.   The specific day will differ depending on the platform.  See platform release dates for more information. This API notification provides an early preview into the coming API changes, allowing you to proactively identify any changes that might be required for your automated scripts or programs that utilize the API methods.

 

This release includes features with changes to XML, CSV output, and/or DTD which could impact existing API implementations.  Notification about other new API features along with additional details and examples will be posted prior to the release.

 

For details about the changes, please see the attached detailed release notification below.

 

What's New

  1. Scan Report List - New Target Element
  2. VM - Vulnerability Threat Intelligence Information
  3. VM - Easily Identify Vulnerabilities Supported by Module
  4. VM - First Found Date Added to Asset Search Report CSV, XML

 

Scan Report List - New Target Element

The Scan Report List API (/msp/scan_report_list.php) is used to retrieve a list of saved scan reports in XML format. A new TARGET element in the XML output lists the IP address(es) that were scanned. In previous releases, the target was shown as an attribute of the SCAN_REPORT element.  There are changes to the XML output and DTD.

 

VM - Vulnerability Threat Intelligence Information

We’ve added Real-time Threat Indicators to the vulnerabilities in our KnowledgeBase and you can easily report on them to get threat intelligence information right away.

 

Real-time Threat Indicators are data points collected per vulnerability that contain accurate, timely and actionable information aggregated from multiple reliable data sources, allowing you to prioritize and filter the flood of security alerts.

 

Current Real-time threat indicators include values such as Zero Day, Exploit Public, Active Attacks, High Lateral Movement, Easy Exploit, High Data Loss, Denial of Service, No Patch.

 

Changes are made to the Dynamic Search List API (v2), KnowledgeBase API (v2), and KnowledgeBase Download (v1).  Please review the release notes for details of the changes to the API calls, XML Output, and DTD.

 

VM - Easily Identify Vulnerabilities Supported by Module

Now you can find out what vulnerabilities in our KnowledgeBase are supported by different Qualys modules - VM, Cloud Agent, WAS, WAF and MD. Use the KnowledgeBase Search option to identify vulnerabilities that can be detected by VM scans, Windows Cloud Agent and Linux Cloud Agent plus more. We’ve added a supported modules section to the vulnerability (QID) information, and this is where you’ll see the Qualys modules that may be used to detect each QID.

 

Changes are made to the Dynamic Search List API (v2), KnowledgeBase API (v2), and KnowledgeBase Download (v1).  Please review the release notes for details of the changes to the API calls, XML Output, and DTD.

 

VM - First Found Date Added to Asset Search Report CSV, XML

You can now view the First Found Date of an asset in the same way you download other data of the Asset Search Report.

The report can be downloaded from the Asset Search Report page, or via the Asset Search API (v1).

 

Please review the release notes for details of the changes to the API calls, XML Output, and DTD.

A new release of Qualys WAS, Version 4.5 which includes API updates and updated report formats, is targeted for release in January. The specific day will differ depending on the platform.  See platform release dates for more information.  The updated APIs for WAS 4.5 give you more ways to integrate your programs and API calls with Web Application Scanning (WAS).

 

What’s New

  1. Search Scan API - new CANCELED keyword
  2. Condensed CSV output for Web App and Scan Reports

 

Search Scan API - new CANCELED keyword

The Search Scan API allows you to search for scans that have been canceled. We changed the value used with the “status” criteria to CANCELED, to make it consistent with the WAS application. (In previous releases it was CANCELLED.)

 

Affected API: /qps/rest/3.0/search/was/scan/

Updated XSD: scan.xsd, wasscan.xsd

 

Condensed CSV output for Web App and Scan Reports

Now you’ll get more condensed versions of your Web Application Reports and Scan Reports in CSV format. The reports display each vulnerability and sensitive content using a single line.

 

 

Looking for our API user guides? Just log in to your account and go to Help > Resources.

 

Please see the attached PDF for all API details and changes including examples and API base URLs.

WAS API 4.4 includes improvements, giving you more ways to integrate your programs and API calls with Web Application Scanning (WAS). Looking for our API user guides? Just log in to your account and go to Help > Resources.

 

What’s New

  • Option Profile API - Support for server error thresholds before stopping a scan
  • Scan API - Scan information now includes user who canceled a scan

 

Tell me about the base URL 

Our documentation and sample code use the API server URL for US Platform 1. Do you have another base URL? If so, please use it instead.


Account Login    Base URL
US Platform 1    https://qualysapi.qualys.com/
US Platform 2    https://qualysapi.qg2.apps.qualys.com/
EU Platform      https://qualysapi.qualys.eu

 

Option Profile API - Support for server error thresholds before stopping a scan


Web applications can return different kinds of server-side errors or error indicators during a WAS scan. Some of these are a sign that the server may be getting overloaded (or unresponsive) due to the scan behavior or some other condition.


With this release we’ve added new option profile controls that stop a scan when such errors occur, with a customizable threshold for each condition: Timeout Error Threshold (default is 20) and Unexpected Error Threshold (default is 48). You can customize the threshold values, or disable a threshold by setting it to 0.


Updated XSD: optionprofile.xsd


Option Profile CREATE API


1) Create Option Profile - with no error threshold specified (default values applied)


API Request:


curl -u "USERNAME:PASSWORD" -H "content-type: text/xml" -X "POST" \
  --data-binary @- \
  "https://qualysapi.qualys.com/qps/rest/3.0/create/was/optionprofile/" < file.xml

 

Note: “file.xml” contains the request POST data.


Request POST Data:


<ServiceRequest>

   <data>

      <OptionProfile> 

         <name><![CDATA[My OP - with no error threshold specified]]></name>  

      </OptionProfile>     

   </data>

</ServiceRequest>

 

XML response:


<?xml version="1.0" encoding="UTF-8"?>

<ServiceResponse xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"

xsi:noNamespaceSchemaLocation="https://qualysapi.qualys.com/qps/xsd/3.0/was/optionprofile.xsd">

    <responseCode>SUCCESS</responseCode>

    <count>1</count>

    <data>

        <OptionProfile>

            <id>451935</id>

            <name>

                <![CDATA[My OP - with no error threshold specified]]>

            </name>

            <owner>

                <id>4354</id>

                <username>acme_ak1</username>

                <firstName>

                    <![CDATA[Amy]]>

                </firstName>

                <lastName>

                    <![CDATA[Kim]]>

                </lastName>

            </owner>

            <isDefault>false</isDefault>

            <tags>

                <count>0</count>

            </tags>

            <formSubmission>BOTH</formSubmission>

            <maxCrawlRequests>300</maxCrawlRequests>

            <timeoutErrorThreshold>20</timeoutErrorThreshold>

            <unexpectedErrorThreshold>48</unexpectedErrorThreshold>

            <parameterSet>

                <id>0</id>

                <name>

                    <![CDATA[Initial Parameters]]>

                </name>

            </parameterSet>

            <ignoreBinaryFiles>false</ignoreBinaryFiles>

            <performance>LOW</performance>

            <bruteforceOption>MINIMAL</bruteforceOption>

            <comments>

                <count>0</count>

            </comments>

            <sensitiveContent>

                <creditCardNumber>false</creditCardNumber>

                <socialSecurityNumber>false</socialSecurityNumber>

            </sensitiveContent>

            <createdDate>2015-11-05T00:49:11Z</createdDate>

            <createdBy>

                <id>4354</id>

                <username>acme_ak1</username>

                <firstName>

                    <![CDATA[Amy]]>

                </firstName>

                <lastName>

                    <![CDATA[Kim]]>

                </lastName>

            </createdBy>

            <updatedDate>2015-11-05T00:49:11Z</updatedDate>

            <updatedBy>

                <id>4354</id>

                <username>acme_ak1</username>

                <firstName>

                    <![CDATA[Amy]]>

                </firstName>

                <lastName>

                    <![CDATA[Kim]]>

                </lastName>

            </updatedBy>

        </OptionProfile>

    </data>

</ServiceResponse>

 

2) Create Option Profile - with custom error threshold values


API Request:


curl -u "USERNAME:PASSWORD" -H "content-type: text/xml" -X "POST" \
  --data-binary @- \
  "https://qualysapi.qualys.com/qps/rest/3.0/create/was/optionprofile/" < file.xml

 

Note: “file.xml” contains the request POST data.


Request POST Data:


<ServiceRequest>

   <data>

      <OptionProfile> 

         <name><![CDATA[My OP - with custom error threshold]]></name>  

         <timeoutErrorThreshold>22</timeoutErrorThreshold>

         <unexpectedErrorThreshold>50</unexpectedErrorThreshold>

      </OptionProfile>     

   </data>

</ServiceRequest>

 

XML response:


<?xml version="1.0" encoding="UTF-8"?>

<ServiceResponse xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="https://qualysapi.qualys.com/qps/xsd/3.0/was/optionprofile.xsd">

    <responseCode>SUCCESS</responseCode>

    <count>1</count>

    <data>

        <OptionProfile>

            <id>454733</id>

            <name>

                <![CDATA[My OP - with custom error threshold]]>

            </name>

            <owner>

                <id>4354</id>

                <username>acme_ak1</username>

                <firstName>

                    <![CDATA[Amy]]>

                </firstName>

                <lastName>

                    <![CDATA[Kim]]>

                </lastName>

            </owner>

            <isDefault>false</isDefault>

            <tags>

                <count>0</count>

            </tags>

            <formSubmission>BOTH</formSubmission>

            <maxCrawlRequests>300</maxCrawlRequests>

            <timeoutErrorThreshold>22</timeoutErrorThreshold>

            <unexpectedErrorThreshold>50</unexpectedErrorThreshold>

            <parameterSet>

                <id>0</id>

                <name>

                    <![CDATA[Initial Parameters]]>

                </name>

            </parameterSet>

            <ignoreBinaryFiles>false</ignoreBinaryFiles>

            <performance>LOW</performance>

            <bruteforceOption>MINIMAL</bruteforceOption>

            <comments>

                <count>0</count>

            </comments>

            <sensitiveContent>

                <creditCardNumber>false</creditCardNumber>

                <socialSecurityNumber>false</socialSecurityNumber>

            </sensitiveContent>

            <createdDate>2015-11-12T00:00:23Z</createdDate>

            <createdBy>

...

 

3) Create Option Profile - with custom error threshold values as 0, to disable settings


API Request:


curl -u "USERNAME:PASSWORD" -H "content-type: text/xml" -X "POST" \
  --data-binary @- \
  "https://qualysapi.qualys.com/qps/rest/3.0/create/was/optionprofile/" < file.xml

 

Note: “file.xml” contains the request POST data.


Request POST Data:


<ServiceRequest>

   <data>

      <OptionProfile> 

         <name><![CDATA[My OP - with no threshold specified]]></name>  

         <timeoutErrorThreshold>0</timeoutErrorThreshold>

         <unexpectedErrorThreshold>0</unexpectedErrorThreshold>

      </OptionProfile>

   </data>

</ServiceRequest>

 

XML response:

<?xml version="1.0" encoding="UTF-8"?>

<ServiceResponse xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="https://qualysapi.qualys.com/qps/xsd/3.0/was/optionprofile.xsd">

    <responseCode>SUCCESS</responseCode>

    <count>1</count>

    <data>

        <OptionProfile>

            <id>453133</id>

            <name>

                <![CDATA[My OP - with no threshold specified]]>

            </name>

            <owner>

                <id>4354</id>

                <username>acme_ak1</username>

                <firstName>

                    <![CDATA[Amy]]>

                </firstName>

                <lastName>

                    <![CDATA[Kim]]>

                </lastName>

            </owner>

            <isDefault>false</isDefault>

            <tags>

                <count>0</count>

            </tags>

            <formSubmission>BOTH</formSubmission>

            <maxCrawlRequests>300</maxCrawlRequests>

            <parameterSet>

                <id>0</id>

                <name>

                    <![CDATA[Initial Parameters]]>

                </name>

            </parameterSet>

            <ignoreBinaryFiles>false</ignoreBinaryFiles>

            <performance>LOW</performance>

            <bruteforceOption>MINIMAL</bruteforceOption>

            <comments>

                <count>0</count>

            </comments>

            <sensitiveContent>

                <creditCardNumber>false</creditCardNumber>

                <socialSecurityNumber>false</socialSecurityNumber>

            </sensitiveContent>

            <createdDate>2015-11-07T01:29:24Z</createdDate>

            <createdBy>

...

 

Option Profile UPDATE API


Update Option Profile - with custom threshold values


API Request:


curl -u "USERNAME:PASSWORD" -H "content-type: text/xml" -X "POST" \
  --data-binary @- \
  "https://qualysapi.qualys.com/qps/rest/3.0/update/was/optionprofile/452933" < file.xml

 

Note: “file.xml” contains the request POST data.


Request POST Data:


<ServiceRequest>

   <data>

      <OptionProfile>

         <name><![CDATA[My OP - with custom threshold values]]></name>  

         <timeoutErrorThreshold>200</timeoutErrorThreshold>

         <unexpectedErrorThreshold>20</unexpectedErrorThreshold>

      </OptionProfile>

   </data>

</ServiceRequest>

 

XML response:

<?xml version="1.0" encoding="UTF-8"?>

<ServiceResponse xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="https://qualysapi.qualys.com/qps/xsd/3.0/was/optionprofile.xsd">

    <responseCode>SUCCESS</responseCode>

    <count>1</count>

    <data>

        <OptionProfile>

            <id>452933</id>

        </OptionProfile>

    </data>

</ServiceResponse>

 

Option Profile GET API


GET Option Profile - with custom threshold values


API Request:


curl -u "USERNAME:PASSWORD" \
  "https://qualysapi.qualys.com/qps/rest/3.0/get/was/optionprofile/452933"

 



XML response:


<?xml version="1.0" encoding="UTF-8"?>

<ServiceResponse xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="https://qualysapi.qualys.com/qps/xsd/3.0/was/optionprofile.xsd">

    <responseCode>SUCCESS</responseCode>

    <count>1</count>

    <data>

        <OptionProfile>

            <id>452933</id>

            <name>

                <![CDATA[My OP - with custom threshold values]]>

            </name>

            <owner>

                <id>4354</id>

                <username>acme_ak1</username>

                <firstName>

                    <![CDATA[Amy]]>

                </firstName>

                <lastName>

                    <![CDATA[Kim]]>

                </lastName>

            </owner>

            <isDefault>false</isDefault>

            <tags>

                <count>0</count>

            </tags>

            <formSubmission>BOTH</formSubmission>

            <maxCrawlRequests>300</maxCrawlRequests>

            <timeoutErrorThreshold>200</timeoutErrorThreshold>

            <unexpectedErrorThreshold>20</unexpectedErrorThreshold>

            <parameterSet>

                <id>0</id>

                <name>

                    <![CDATA[Initial Parameters]]>

                </name>

            </parameterSet>

            <ignoreBinaryFiles>false</ignoreBinaryFiles>

            <performance>LOW</performance>

            <bruteforceOption>MINIMAL</bruteforceOption>

            <comments>

                <count>0</count>

            </comments>

            <sensitiveContent>

                <creditCardNumber>false</creditCardNumber>

                <socialSecurityNumber>false</socialSecurityNumber>

            </sensitiveContent>

            <createdDate>2015-11-05T21:54:17Z</createdDate>

            <createdBy>

                <id>4354</id>

                <username>acme_ak1</username>

                <firstName>

                    <![CDATA[Amy]]>

                </firstName>

                <lastName>

                    <![CDATA[Kim]]>

                </lastName>

            </createdBy>

            <updatedDate>2015-11-12T00:04:15Z</updatedDate>

            <updatedBy>

                <id>4354</id>

                <username>acme_ak1</username>

                <firstName>

                    <![CDATA[Amy]]>

                </firstName>

                <lastName>

                    <![CDATA[Kim]]>

                </lastName>

            </updatedBy>

        </OptionProfile>

    </data>

</ServiceResponse>
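
An added example (not from the Qualys release notes) that reads an Option Profile CREATE or GET response and reports how each error threshold compares with the documented defaults of 20 and 48. The helper names are hypothetical, the sample XML is constructed from the responses above, and treating a missing threshold element as disabled is an assumption drawn from sample response 3, where thresholds set to 0 are not echoed back.

```python
import xml.etree.ElementTree as ET

# Defaults stated in the release note above.
DEFAULTS = {"timeoutErrorThreshold": 20, "unexpectedErrorThreshold": 48}

# Constructed responses, trimmed to the fields this check reads.
CUSTOM = """<?xml version="1.0" encoding="UTF-8"?>
<ServiceResponse xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
  <responseCode>SUCCESS</responseCode>
  <count>1</count>
  <data>
    <OptionProfile>
      <id>452933</id>
      <name>
        <![CDATA[My OP - with custom threshold values]]>
      </name>
      <timeoutErrorThreshold>200</timeoutErrorThreshold>
      <unexpectedErrorThreshold>20</unexpectedErrorThreshold>
    </OptionProfile>
  </data>
</ServiceResponse>"""

# Shaped like response 3 above: thresholds set to 0 are not echoed back.
DISABLED = """<ServiceResponse>
  <responseCode>SUCCESS</responseCode>
  <count>1</count>
  <data>
    <OptionProfile>
      <id>453133</id>
      <name><![CDATA[My OP - with no threshold specified]]></name>
      <maxCrawlRequests>300</maxCrawlRequests>
    </OptionProfile>
  </data>
</ServiceResponse>"""


def read_threshold(profile, tag):
    """Return the threshold as an int; a missing element is read as 0.

    Assumption: absence means "disabled", based only on sample response 3.
    Do not feed UPDATE responses here: they carry the profile id alone.
    """
    raw = profile.findtext(tag)
    if raw is None or not raw.strip():
        return 0
    value = int(raw.strip())
    if value < 0:
        raise ValueError(f"{tag}: negative threshold {value}")
    return value


def classify(value, default):
    """Compare one threshold with its documented default."""
    if value == 0:
        return "disabled"
    if value > default:
        return "above-default"
    if value < default:
        return "below-default"
    return "default"


def audit_thresholds(xml_text):
    """Return one finding per (profile, threshold) in the response."""
    if "<!DOCTYPE" in xml_text:
        # The responses shown carry no DTD; refuse one instead of parsing it.
        raise ValueError("unexpected DOCTYPE in API response")
    root = ET.fromstring(xml_text.encode("utf-8"))
    if root.findtext("responseCode") != "SUCCESS":
        raise ValueError("API call did not succeed")
    findings = []
    for profile in root.iterfind("./data/OptionProfile"):
        for tag, default in DEFAULTS.items():
            value = read_threshold(profile, tag)
            findings.append({
                "id": profile.findtext("id"),
                "name": (profile.findtext("name") or "").strip(),
                "setting": tag,
                "value": value,
                "status": classify(value, default),
            })
    return findings


def needs_review(findings):
    """Ids of profiles whose scans never stop on errors, or stop later than default."""
    return sorted({f["id"] for f in findings
                   if f["status"] in ("disabled", "above-default")})


if __name__ == "__main__":
    for sample in (CUSTOM, DISABLED):
        for finding in audit_thresholds(sample):
            print(finding)
```
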

 

 

Scan API - Scan information now includes user who canceled a scan


Previously we did not provide information on the user who canceled a scan. We’ve updated the XML output for the Scan SEARCH API and Scan GET API.


Updated XSD: scan.xsd, wasscan.xsd


Scan SEARCH API


Search response shows user who canceled a scan


API request:


curl -u "USERNAME:PASSWORD" -H "content-type: text/xml" -X "POST" \
  --data-binary @- \
  "https://qualysapi.qualys.com/qps/rest/3.0/search/wasscan/" < file.xml

 

Note: “file.xml” contains the request POST data.


Request POST Data:


<ServiceRequest>

   <filters>

      <Criteria field="id" operator="IN">1447989</Criteria>   

   </filters>

</ServiceRequest>

 

XML output:

<?xml version="1.0" encoding="UTF-8"?>

<ServiceResponse xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="https://qualysapi.qualys.com/qps/xsd/3.0/was/scan.xsd">

    <responseCode>SUCCESS</responseCode>

    <count>1</count>

    <hasMoreRecords>false</hasMoreRecords>

    <data>

        <WasScan>

            <id>1447989</id>

            <name>

                <![CDATA[My Vulnerability Scan]]>

            </name>

            <reference>was/1446408743390.1856849</reference>

            <type>VULNERABILITY</type>

            <mode>ONDEMAND</mode>

            <multi>false</multi>

            <target>

                <webApp>

                    <id>2431279</id>

                    <name>

                        <![CDATA[127.0.0.1]]>

                    </name>

                    <url>

                        <![CDATA[http://127.0.0.1/]]>

                    </url>

                </webApp>

                <scannerAppliance>

                    <type>EXTERNAL</type>

                </scannerAppliance>

                <cancelOption>SPECIFIC</cancelOption>

            </target>

            <profile>

                <id>28147</id>

                <name>

                    <![CDATA[My Option Profile]]>

                </name>

            </profile>

            <launchedDate>2015-11-01T20:12:23Z</launchedDate>

            <launchedBy>

                <id>2226741</id>

                <username>acme_ak1</username>

                <firstName>

                    <![CDATA[Amy]]>

                </firstName>

                <lastName>

                    <![CDATA[Kim]]>

                </lastName>

            </launchedBy>

            <status>CANCELLED</status>

           <cancelMode>USER</cancelMode>

            <canceledBy>

                <id>9872437571</id>

                <username>acme_bb5</username>

            </canceledBy>

        </WasScan>

    </data>

</ServiceResponse>

 

Scan GET API


Get scan details shows user who canceled a scan


API request:


curl -u "USERNAME:PASSWORD" \
  "https://qualysapi.qualys.com/qps/rest/3.0/get/was/wasscan/1447989"

 

XML output:


<?xml version="1.0" encoding="UTF-8"?>

<ServiceResponse xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="https://qualysapi.qualys.com/qps/xsd/3.0/was/wasscan.xsd">

    <responseCode>SUCCESS</responseCode>

    <count>1</count>

    <data>

        <WasScan>

            <id>1447989</id>

            <name>

                <![CDATA[My Vulnerability Scan]]>

            </name>

            <reference>was/1446408743390.1856849</reference>

            <type>VULNERABILITY</type>

            <mode>ONDEMAND</mode>

            <progressiveScanning>false</progressiveScanning>

            <multi>false</multi>

            <target>

                <webApp>

                    <id>2431279</id>

                    <name>

                        <![CDATA[127.0.0.1]]>

                    </name>

                    <url>

                        <![CDATA[http://127.0.0.1/]]>

                    </url>

                </webApp>

                <scannerAppliance>

                    <type>EXTERNAL</type>

                </scannerAppliance>

                <cancelOption>SPECIFIC</cancelOption>

            </target>

            <profile>

                <id>28147</id>

                <name>

                    <![CDATA[My Option Profile]]>

                </name>

            </profile>

            <options>

                <count>15</count>

                <list>

                    <WasScanOption>

                        <name>My Authentication Record</name>

                        <value>

                            <![CDATA[None]]>

                        </value>

                    </WasScanOption>

                    <WasScanOption>

                        <name>Unexpected Error Threshold</name>

                        <value>

                            <![CDATA[48]]>

                        </value>

                    </WasScanOption>

                    <WasScanOption>

                        <name>Sensitive Content: Credit Card Numbers</name>

                        <value>

                            <![CDATA[false]]>

                        </value>

                    </WasScanOption>

                    <WasScanOption>

                        <name>Performance Settings</name>

                        <value>

                            <![CDATA[MEDIUM]]>

                        </value>

                    </WasScanOption>

                    <WasScanOption>

                        <name>Scanner Appliance</name>

                        <value>

                            <![CDATA[External]]>

                        </value>

                    </WasScanOption>

                    <WasScanOption>

                        <name>Detection Scope</name>

                        <value>

                            <![CDATA[COMPLETE]]>

                        </value>

                    </WasScanOption>

                    <WasScanOption>

                        <name>Crawling Form Submissions</name>

                        <value>

                            <![CDATA[NONE]]>

                        </value>

                    </WasScanOption>

                    <WasScanOption>

                        <name>Bruteforce Settings</name>

                        <value>

                            <![CDATA[MINIMAL]]>

                        </value>

                    </WasScanOption>

                    <WasScanOption>

                        <name>Option Profile Name</name>

                        <value>

                            <![CDATA[My Option Profile]]>

                        </value>

                    </WasScanOption>

                    <WasScanOption>

                        <name>Maximum Crawling Links</name>

                        <value>

                            <![CDATA[300]]>

                        </value>

                    </WasScanOption>

                    <WasScanOption>

                        <name>Timeout Error Threshold</name>

                        <value>

                            <![CDATA[20]]>

                        </value>

                    </WasScanOption>

                    <WasScanOption>

                        <name>Web Application Name</name>

                        <value>

                            <![CDATA[127.0.0.1]]>

                        </value>

                    </WasScanOption>

                    <WasScanOption>

                        <name>Request Parameter Set</name>

                        <value>

                            <![CDATA[Initial Parameters]]>

                        </value>

                    </WasScanOption>

                    <WasScanOption>

                        <name>Sensitive Content: Social Security Numbers (US)</name>

                        <value>

                            <![CDATA[false]]>

                        </value>

                    </WasScanOption>

                    <WasScanOption>

                        <name>Target URL</name>

                        <value>

                            <![CDATA[http://127.0.0.1/]]>

                        </value>

                    </WasScanOption>

                </list>

            </options>

            <launchedDate>2015-11-01T20:12:23Z</launchedDate>

            <launchedBy>

                <id>2226741</id>

                <username>acme_ak1</username>

                <firstName>

                    <![CDATA[Amy]]>

                </firstName>

                <lastName>

                    <![CDATA[Kim]]>

                </lastName>

            </launchedBy>

            <status>CANCELLED</status>

            <cancelMode>USER</cancelMode>

            <canceledBy>

                <id>9872437571</id>

                <username>acme_bb5</username>

            </canceledBy>

            <sendMail>true</sendMail>

        </WasScan>

    </data>

</ServiceResponse>
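
An added example (not part of the Qualys documentation) that turns a Scan SEARCH response into a cancellation record using the new canceledBy element, accepting both the CANCELLED status shown above and the CANCELED spelling announced for WAS 4.5. Function names are hypothetical and the sample response is constructed; scan 1447989 mirrors the output above and the other entries are invented for the test.

```python
import xml.etree.ElementTree as ET

# "CANCELLED" appears in the output above; "CANCELED" is the WAS 4.5 spelling.
CANCELED_STATES = {"CANCELED", "CANCELLED"}

# Constructed Scan SEARCH response, trimmed to the fields read below.
SAMPLE = """<?xml version="1.0" encoding="UTF-8"?>
<ServiceResponse>
  <responseCode>SUCCESS</responseCode>
  <count>4</count>
  <hasMoreRecords>false</hasMoreRecords>
  <data>
    <WasScan>
      <id>1447989</id>
      <launchedBy><username>acme_ak1</username></launchedBy>
      <status>CANCELLED</status>
      <cancelMode>USER</cancelMode>
      <canceledBy><id>9872437571</id><username>acme_bb5</username></canceledBy>
    </WasScan>
    <WasScan>
      <id>1448001</id>
      <launchedBy><username>acme_ak1</username></launchedBy>
      <status>CANCELED</status>
      <cancelMode>USER</cancelMode>
      <canceledBy><id>2226741</id><username>acme_ak1</username></canceledBy>
    </WasScan>
    <WasScan>
      <id>1448002</id>
      <launchedBy><username>acme_ak1</username></launchedBy>
      <status>FINISHED</status>
    </WasScan>
    <WasScan>
      <id>1448003</id>
      <launchedBy><username>acme_bb5</username></launchedBy>
      <status>CANCELED</status>
    </WasScan>
  </data>
</ServiceResponse>"""


def _text(node, path):
    """Stripped element text, or None when the element is absent or empty."""
    value = node.findtext(path)
    return value.strip() if value and value.strip() else None


def canceled_scans(xml_text):
    """Return (records, complete) for canceled scans in a SEARCH response.

    complete is False when hasMoreRecords is true, i.e. the caller must
    fetch further pages before treating the record as a full audit trail.
    """
    root = ET.fromstring(xml_text.encode("utf-8"))
    if root.findtext("responseCode") != "SUCCESS":
        raise ValueError("API call did not succeed")
    complete = _text(root, "hasMoreRecords") != "true"
    records = []
    for scan in root.iterfind("./data/WasScan"):
        if _text(scan, "status") not in CANCELED_STATES:
            continue
        records.append({
            "id": _text(scan, "id"),
            "launched_by": _text(scan, "launchedBy/username"),
            "cancel_mode": _text(scan, "cancelMode"),
            # None when the response carries no canceledBy element.
            "canceled_by": _text(scan, "canceledBy/username"),
        })
    return records, complete


def canceled_by_other_user(records):
    """Scans stopped by an account other than the one that launched them."""
    return [r for r in records
            if r["canceled_by"] and r["canceled_by"] != r["launched_by"]]


if __name__ == "__main__":
    found, is_complete = canceled_scans(SAMPLE)
    print("complete:", is_complete)
    for rec in canceled_by_other_user(found):
        print(rec)
```
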

A new release of Qualys Cloud Suite, Version 8.6, includes an API update which is targeted for release in November 2015.

 

This API notification provides an early preview into the upcoming API features and enhancements in Qualys Cloud Suite 8.6, allowing you to proactively identify new opportunities to automate your Qualys service or to integrate with other applications.

 

This 15-day notification describes new API features that do not impact existing API implementations. API changes in the 8.6 release that may impact existing API implementations were already announced in the 30-day notification: Qualys Cloud Suite 8.6 API Release Notification

 

Full release notes will be available to customers on the day of the release.

 

Qualys API Enhancements

 

Select Scanner Appliances using Asset Tags

 

The Scan API v2 (/api/2.0/fo/scan/) has been updated to support the selection of a scanner appliance via tags.  The parameter “scanners_in_tagset” can be used when launching or scheduling a scan using tags via the API.  The Appliance API v2 (/api/2.0/fo/appliance/) parameter "output_mode" can be used to list the asset tags for each scanner.


For more details on the new feature, please review <Qualys Cloud Suite 8.6 New Features blog entry>.

 


Appliance List Output - Running Slices Count

 

We’ve updated the Appliance API v2 (/api/2.0/fo/appliance/) appliance list output to tell you if an appliance is available or busy.  You'll see the new RUNNING_SLICES_COUNT element in the output; a value of 0 indicates the appliance is not busy and is available.

 


User List Output - Timezone Code

 

The User List v1 API (/msp/user_list.php) user list output now includes the timezone code selected for each user - either the browser’s timezone (Auto) or a user-selected timezone (e.g., US-NY).

 


Scan List Output - Target No Longer Truncated

 

We will now show the full list of target IPs in the output when you make a scan list request. In previous releases, we would truncate the target list after a set number of characters and show [...] to indicate that it was truncated.

 


VM - Download the KnowledgeBase to CSV, XML

 

You can download the KnowledgeBase in the same way you download other data lists from the UI. Simply choose Download from the New menu when you’re on the KnowledgeBase tab. Then select a file format (CSV or XML). Only the records and columns shown in the UI will be included in the downloaded report.

 


VM - View multiple Oracle instances on a port

 

You’ll see scanned Oracle instances listed separately in scan results, scan reports, host detection results and ticket list output. Note you’ll need to create a separate Oracle authentication record for each of the instances you want to scan.


There are no changes made to API calls or DTDs.

 


VM - Create static search lists

 

Our new Static Search List API (/api/2.0/fo/qid/search_list/static/) lets you create, update, list, and delete static search lists and get detailed information about them.

 


VM - Create dynamic search lists

 

Our new Dynamic Search List API (/api/2.0/fo/qid/search_list/dynamic/) lets you create, update, list, and delete dynamic search lists and get detailed information about them.

 


VM - Vendor IDs and references PC

 

Our new Vendor API (/api/2.0/fo/vendor/) lists vendor IDs and names. This vendor information may be defined as part of dynamic search list query criteria.

 


VM - Display Host Identification Information in Scan Reports

 

When you have cloud agents they’re collecting additional host information. Now you can include more host identification information in your scan reports like IP addresses (IPv4 and IPv6) and the asset ID for each host. This option is available for scan reports in all formats, including XML. The Asset Data Report DTD has been updated. (This information is only available when VM agents are licensed in your account.)

 


PC - Display reference information in reports

With this release you can view the Reference information for controls in Policy Compliance and Compliance Interactive reports. We’ve updated DTDs for Individual Host Compliance Report (individual_host_compliance_report.dtd) and Control Pass/Fail Report (control_pass_fail_report.dtd).

 


A new release of Qualys WAS, Version 4.3 which includes API updates, is targeted for release in October. The specific day will differ depending on the platform.  See platform release dates for more information.  The updated APIs for WAS 4.3 enhance the ability to fully automate and integrate the Qualys WAS solution with other customer applications.  WAS APIs enable customers to perform all the major functions within WAS including creating web applications to scan, launching and scheduling scans, and running and retrieving reports.  The APIs enable custom integrations with GRC tools, bug tracking systems and web application firewalls (WAFs) just to name a few.

 

This API notification provides an early preview into the coming API changes in Qualys WAS 4.3, allowing you to proactively identify any changes that might be required for your automated scripts or programs that utilize the API methods.

 

Please refer to attached document ( WAS 4.3 API Release Notification.pdf ) for full details and examples with full XML output.

 

API Enhancements

 

  • Option Profile API - Update Owner
  • DNS Override Settings
  • Disable Scan Complete Notification
  • Custom Attributes for Web Apps

 

Option Profile API - Update Owner

 

The Option Profile API has been updated to allow users to update the option profile owner. A new owner / id element has been added.

 

API Request:

 

curl -u "USERNAME:PASSWORD" -H "content-type: text/xml" -X "POST" --data-binary @- "https://qualysapi.qualys.com/qps/rest/3.0/update/was/optionprofile/123456" < file.xml

 

Note: “file.xml” contains the request POST data.

 

Request POST Data:

 

<ServiceRequest>

   <data>

      <OptionProfile>

         <owner><id>123456</id></owner>

      </OptionProfile>

   </data>

</ServiceRequest>

 

DNS Override Settings

 

For this release users can define DNS override settings and apply them to scans. We’ve made updates to multiple WAS APIs to support this capability. DNS override settings are defined using the WAS user interface. The mappings you define will override the DNS associated with the target web application URL.

 

WebApp API

 

Updated XSD: webapp.xsd

 

New section for WebApp CREATE and UPDATE

 

Assign DNS override settings, one or more records, to a web application when making requests to create and update web applications. Records are specified in the dnsOverrides section.

 

API request (CREATE):

 

curl -u "USERNAME:PASSWORD" -H "Content-type: text/xml" -X "POST" --data-binary @- "https://qualysapi.qualys.com/qps/rest/3.0/create/was/webapp/" < file.xml

 

Note: “file.xml” contains the request POST data.

 

Request POST data:

 

<ServiceRequest>

   <data>

      <WebApp>

         <name><![CDATA[My Web App]]></name>

         <url><![CDATA[http://test.com]]></url>

         <scope>ALL</scope>

         <defaultScanner>

            <type>EXTERNAL</type>

         </defaultScanner>

         <scannerLocked>false</scannerLocked>

         <dnsOverrides>

            <set>

               <DnsOverride>

                  <id>2022</id>

               </DnsOverride>

            </set>

         </dnsOverrides>

         <useRobots>IGNORE</useRobots>

         <useSitemap>false</useSitemap>

         <malwareMonitoring>false</malwareMonitoring>

      </WebApp>

   </data>

</ServiceRequest>

 

Updated response from WebApp GET


When a web application has default DNS override settings defined, the new dnsOverrides element lists the record(s) containing the DNS override settings.


API request:

 

curl -u "USERNAME:PASSWORD" "https://qualysapi.qualys.com/qps/rest/3.0/get/was/webapp/2508873"

 

Scan API

 

Updated XSD: scan.xsd, wasscan.xsd

 

New attribute for Scan LAUNCH

 

Use the new dnsOverride element to specify DNS override settings, one or more records.

 

API request:

 

curl -u "USERNAME:PASSWORD" -H "content-type: text/xml" -X "POST" --data-binary @-  "https://qualysapi.qualys.com/qps/rest/3.0/launch/was/wasscan" < file.xml

Note: “file.xml” contains the request POST data.

 

Request POST data:

 

<ServiceRequest>

   <data>

      <WasScan>

         <name><![CDATA[Launch Scan from API with DNS Override)]]></name>

         <type>VULNERABILITY</type>

         <target>

            <webApp>

               <id>2461682</id>

            </webApp>

            <scannerAppliance>

               <type>EXTERNAL</type>

            </scannerAppliance>

            <dnsOverride><id>3220</id></dnsOverride>

         </target>

         <profile><id>395933</id></profile>

      </WasScan>

   </data>

</ServiceRequest>

 

Updated response from Scan GET

 

When a scan has DNS override settings defined, the dnsOverride element lists DNS override settings (record) to be used for scanning.

 

API request:

 

curl -u "USERNAME:PASSWORD" "https://qualysapi.qualys.com/qps/rest/3.0/get/was/wasscan/1381602"

 

Scan Schedule API

 

Updated XSD: schedule.xsd, wasscanschedule.xsd

 

New attribute for Schedule CREATE and UPDATE


Use the new dnsOverride element to specify DNS override settings.

 

API request (CREATE):

 

curl -u "USERNAME:PASSWORD" -H "content-type: text/xml" -X "POST" --data-binary @-  "https://qualysapi.qualys.com/qps/rest/3.0/create/was/wasscanschedule" < file.xml

 

Request POST data:

 

<ServiceRequest>

<data>

   <WasScanSchedule>

     <name><![CDATA[My Scan Schedule]]></name>

     <type>VULNERABILITY</type>

     <active>false</active>   

     <scheduling>

        <!--<cancelTime>15:00</cancelTime> -->

        <cancelAfterNHours>7</cancelAfterNHours>

       <startDate>2013-09-30T13:11:00Z</startDate>

       <timeZone>

         <code>America/Dawson</code>

       </timeZone>

       <occurrenceType>ONCE</occurrenceType>

     </scheduling>

     <target>

            <webApp>

               <id>2461682</id>

            </webApp>

       <scannerAppliance>

         <type>EXTERNAL</type>

       </scannerAppliance>

       <cancelOption>DEFAULT</cancelOption>

       <dnsOverride><id>3220</id></dnsOverride>

     </target>

     <profile>

        <id>395933</id>

     </profile>

   </WasScanSchedule>

</data>

</ServiceRequest>

 

API request (UPDATE):

 

curl -u "USERNAME:PASSWORD" -H "content-type: text/xml" -X "POST" --data-binary @-  "https://qualysapi.qualys.com/qps/rest/3.0/update/was/wasscanschedule/340194" < file.xml

 

Request POST data:

 

<ServiceRequest>

<data>

   <WasScanSchedule>

       <target>

         <dnsOverride><id>3220</id></dnsOverride>

     </target>

   </WasScanSchedule>

</data>

</ServiceRequest>

 

Updated response from Schedule GET


When a scan schedule has DNS override settings defined, the dnsOverride element lists the DNS override settings to be used for scanning.

 

API request:

 

curl -u "USERNAME:PASSWORD" "https://qualysapi.qualys.com/qps/rest/3.0/get/was/wasscanschedule/340194"

 

Disable Scan Complete Notification

 

By default we’ll send email notifications to users when a scan completes. Now you can disable this notification when making a request to launch a scan or schedule a scan. Using the WAS API, just specify <sendMail>false</sendMail> as shown below for your scan or schedule request.

 

Scan API Update

 

Updated XSD: scan.xsd, wasscan.xsd

 

New attribute for Scan LAUNCH

 

Use new sendMail attribute to disable scan complete email notifications.

 

API request:

 

curl -u "USERNAME:PASSWORD" -H "content-type: text/xml" -X "POST" --data-binary @-  "https://qualysapi.qualys.com/qps/rest/3.0/launch/was/wasscan" < file.xml

 

Note: “file.xml” contains the request POST data.

 

Request POST data:

 

<ServiceRequest>

  <data>

    <WasScan>

      <name><![CDATA[My Vulnerability Scan]]></name>

      <type>VULNERABILITY</type>

      <target>

        <webApp>

          <id>2376280</id>

        </webApp>

        <scannerAppliance>

          <type>EXTERNAL</type>

        </scannerAppliance>

        <cancelOption>DEFAULT</cancelOption>

      </target>

       <sendMail>false</sendMail>

    </WasScan>

  </data>

</ServiceRequest>

 

Update to Scan GET

 

New sendMail element in the XML output.

 

API request:

 

curl -u "USERNAME:PASSWORD" "https://qualysapi.qualys.com/qps/rest/3.0/get/was/wasscan/1382978"

 

Scan Schedule API

 

Updated XSD: schedule.xsd, wasscanschedule.xsd

 

New attribute for Schedule CREATE and UPDATE


Use new sendMail attribute to disable scan complete email notifications.

 

API request (UPDATE):

 

curl -u "USERNAME:PASSWORD" -H "content-type: text/xml" -X "POST" --data-binary @-  "https://qualysapi.qualys.com/qps/rest/3.0/update/was/wasscanschedule" < file.xml

 

Request POST data:

 

<ServiceRequest>

  <data>

    <WasScanSchedule>

      <notification>

        <active>true</active>

        <delay>

          <nb>4</nb>

          <scale>DAY</scale>

        </delay>

        <recipients>

          <set>

            <EmailAddress><![CDATA[name1@company.com]]></EmailAddress>

            <EmailAddress><![CDATA[name2@company.com]]></EmailAddress>

            <EmailAddress><![CDATA[name3@company.com]]></EmailAddress>

          </set>

        </recipients>

        <message><![CDATA[The schedule notification message]]></message>      

      </notification>

       <sendMail>false</sendMail>

    </WasScanSchedule>

  </data>

</ServiceRequest>

 

Update to Schedule GET

 

New sendMail element in the XML output.

 

API request:

 

curl -u "USERNAME:PASSWORD" -H "content-type: text/xml" -X "POST" --data-binary @- "https://qualysapi.qualys.com/qps/rest/3.0/get/was/wasscanschedule/1688" < file.xml

 

Custom Attributes for Web Apps


WAS 4.3 gives you the ability to assign custom attributes to your web applications. Using the WebApp API you can add, update and search custom attributes.

 

Web App API

 

Updated XSD: webapp.xsd

 

Web App SEARCH supports searching custom attributes

 

Search custom attributes using the new field attribute for the Criteria element.

 

API request:

 

curl -u "USERNAME:PASSWORD" -H "content-type: text/xml" -X "POST" --data-binary @- "https://qualysapi.qualys.com/qps/rest/3.0/search/was/webapp" < file.xml

 

Note: “file.xml” contains the request POST data.

 

Request POST data (CONTAINS):

 

Find web applications that have a custom attribute name “Function” and this attribute has a value that contains “web” (case insensitive search).

 

<ServiceRequest>

       <filters>

         <Criteria field="attributes" name="Function"  operator="CONTAINS">web</Criteria>

       </filters>

</ServiceRequest>

 

Request POST data (EQUALS):

 

Find web applications that have a custom attribute name “Function” and this attribute has a value that is equal to “web”.

 

<ServiceRequest>

       <filters>

         <Criteria field="attributes" name="Function" operator="EQUALS">web</Criteria>

       </filters>

</ServiceRequest>

 

Request POST data (NOT EQUALS):

 

Find web applications that have a custom attribute name “Function” and this attribute has a value not equal to “web”.

 

<ServiceRequest>

       <filters>

         <Criteria field="attributes" name="Function" operator="NOT EQUALS">web</Criteria>

       </filters>

</ServiceRequest>

 

New section for WebApp CREATE

 

When custom attributes are defined they appear in the XML output in the new attributes element.

 

API request (CREATE):

 

Create a new web app with custom attributes.

 

curl -u "USERNAME:PASSWORD" -H "Content-type: text/xml" -X "POST" --data-binary @- "https://qualysapi.qualys.com/qps/rest/3.0/create/was/webapp/" < file.xml

 

Note: “file.xml” contains the request POST data.

 

Request POST data:

 

<ServiceRequest>

  <data>

    <WebApp>

        <name><![CDATA[Custom Attribute via API]]></name>

        <url><![CDATA[http://funkytown.vuln.qa.qualys.com:80/updated_web_app_name/]]></url>

        <attributes>

            <set>

            <Attribute>

             <name>Custom key 1</name>

             <value><![CDATA[Custom value 1]]></value>

            </Attribute>

            </set>

        </attributes>

    </WebApp>

   </data>

</ServiceRequest>


New section for WebApp UPDATE

 

Add, update and remove attribute names and values using the new input attribute “attributes”.

 

API request (UPDATE sample 1):

 

Modify existing custom attribute value.

 

curl -u "USERNAME:PASSWORD" -H "Content-type: text/xml" -X "POST" --data-binary @- "https://qualysapi.qualys.com/qps/rest/3.0/update/was/webapp/2514679" < file.xml

 

Note: “file.xml” contains the request POST data.

 

Request POST data:

 

<ServiceRequest>

  <data>

        <WebApp>

            <attributes>

                <update>

                    <Attribute>

                     <name>Custom key 1</name>

                     <value><![CDATA[Custom value 2]]></value>

                    </Attribute>

                </update>

            </attributes>

        </WebApp>

  </data>

</ServiceRequest>

 

API request (UPDATE sample 2):

 

Add new custom attribute value.

 

curl -u "USERNAME:PASSWORD" -H "Content-type: text/xml" -X "POST" --data-binary @- "https://qualysapi.qualys.com/qps/rest/3.0/update/was/webapp/2514679" < file.xml

 

Note: “file.xml” contains the request POST data.

 

Request POST data:

 

<ServiceRequest>

  <data>

        <WebApp>

            <attributes>

                <add>

                    <Attribute>

                     <name>Custom key 3</name>

                     <value><![CDATA[Custom value 3]]></value>

                    </Attribute>

                </add>

            </attributes>

        </WebApp>

  </data>

</ServiceRequest>

 

API request (UPDATE sample 3):


Remove existing custom attribute value.

 

curl -u "USERNAME:PASSWORD" -H "Content-type: text/xml" -X "POST" --data-binary @- "https://qualysapi.qualys.com/qps/rest/3.0/update/was/webapp/2514679" < file.xml

 

Note: “file.xml” contains the request POST data.

 

Request POST data:

 

<ServiceRequest>

  <data>

        <WebApp>

            <attributes>

                <remove>

                    <Attribute>

                     <name>Custom key 3</name>

                    </Attribute>

                </remove>

            </attributes>

        </WebApp>

  </data>

</ServiceRequest>
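When custom attribute names and values come from an inventory system rather than being typed by hand, the request bodies above should be built with an XML library so that characters such as & and < cannot break or alter the request. The following is an added example, not Qualys code: the function names are hypothetical, and only the element names, the three search operators and the add/update/remove sections are taken from the samples above. The serializer emits escaped text instead of CDATA, which an XML parser reads as the same value.

```python
import xml.etree.ElementTree as ET

# Operators and sections shown in the request samples on this page.
SEARCH_OPERATORS = {"CONTAINS", "EQUALS", "NOT EQUALS"}
ATTRIBUTE_ACTIONS = {"add", "update", "remove"}


def naive_search_request(name, operator, value):
    """For contrast only: string formatting escapes nothing."""
    return ('<ServiceRequest><filters><Criteria field="attributes" '
            f'name="{name}" operator="{operator}">{value}</Criteria>'
            '</filters></ServiceRequest>')


def search_request(name, operator, value):
    """Build a WebApp SEARCH body that filters on one custom attribute."""
    if operator not in SEARCH_OPERATORS:
        raise ValueError(f"unsupported operator: {operator!r}")
    root = ET.Element("ServiceRequest")
    filters = ET.SubElement(root, "filters")
    criteria = ET.SubElement(
        filters, "Criteria",
        {"field": "attributes", "name": name, "operator": operator},
    )
    criteria.text = value  # escaped by the serializer
    return ET.tostring(root, encoding="unicode")


def attribute_request(action, name, value=None):
    """Build a WebApp UPDATE body that adds, updates or removes one attribute."""
    if action not in ATTRIBUTE_ACTIONS:
        raise ValueError(f"unsupported action: {action!r}")
    if action == "remove" and value is not None:
        raise ValueError("remove takes the attribute name only")
    if action != "remove" and value is None:
        raise ValueError(f"{action} needs a value")
    root = ET.Element("ServiceRequest")
    webapp = ET.SubElement(ET.SubElement(root, "data"), "WebApp")
    section = ET.SubElement(ET.SubElement(webapp, "attributes"), action)
    attribute = ET.SubElement(section, "Attribute")
    ET.SubElement(attribute, "name").text = name
    if value is not None:
        ET.SubElement(attribute, "value").text = value
    return ET.tostring(root, encoding="unicode")


def is_well_formed(xml_text):
    """True when the text parses as XML."""
    try:
        ET.fromstring(xml_text)
        return True
    except ET.ParseError:
        return False


if __name__ == "__main__":
    value = "R&D <web>"  # constructed sample value with XML metacharacters
    print(is_well_formed(naive_search_request("Function", "CONTAINS", value)))
    print(search_request("Function", "CONTAINS", value))
    print(attribute_request("update", "Custom key 1", "Custom value 2"))
    print(attribute_request("remove", "Custom key 3"))
```

The output of search_request or attribute_request can be written to file.xml and sent with the curl commands shown above.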

A new release of Qualys Cloud Suite, Version 8.6, includes an API update which is targeted for release in October 2015.

 

This API notification provides an early preview into the coming API changes in Qualys 8.6, allowing you to proactively identify any changes that might be required for your automated scripts or programs that utilize the API methods.

 

This release includes six features with changes to XML, CSV output, and/or DTD which could impact existing API implementations.  Notification about other new API features along with additional details and examples will be posted prior to the release.

 

For details about the changes, please see the attached detailed release notification below.  Full release notes will be available to customers on the day of the release.

 

Summary of Changes:

Select Scanner Appliances using Asset Tags - With this release you can use asset tags to select scanner appliances for your scans.  The related scan and schedule API v2 (/api/2.0/fo/scan/, /api/2.0/fo/schedule/scan/, /api/2.0/fo/appliance/) have been updated to support this new feature.  There are several new API requests and related XML output as well as a change to the appliance list output DTD (appliance_list_output.dtd).

 

Appliance List Output - Running Slices Count added - We’ve updated the appliance list output to tell you if an appliance is available or busy.  The Appliance API v2 (api/2.0/fo/appliance/) has been updated along with related XML output.  A new section has been added to the Appliance List Output DTD (appliance_list_output.dtd).

 

User List Output - Timezone Code added - The User List v1 API (/msp/user_list.php) lets you view the users in the subscription. The user list output now includes the timezone code selected for each user - either the browser’s timezone (Auto) or a user-selected timezone (e.g., US-NY). The XML output and User List Output DTD (user_list_output.dtd) have been updated.

 

Scan List Output - Target No Longer Truncated - We will now show the full list of target IPs in the output when you make a scan list request.  The Scan API v2 (/api/2.0/fo/scan/) and related XML output have been updated.

 

VM - Download the KnowledgeBase to CSV, XML - You can download the KnowledgeBase in the same way you download other data lists from the UI.  The output is provided in CSV or XML.

 

PC - Display reference information in reports - With this release you can view the Reference information for controls in Policy Compliance and Compliance Interactive reports. The XML output and several DTDs have updates (individual_host_compliance_report.dtd, control_pass_fail_report.dtd).


A new release of Qualys WAS, Version 4.3 which includes API updates, is targeted for release in October. The specific day will differ depending on the platform.  See platform release dates for more information.  The updated APIs for WAS 4.3 enhance the ability to fully automate and integrate the Qualys WAS solution with other customer applications.  WAS APIs enable customers to perform all the major functions within WAS including creating web applications to scan, launching and scheduling scans, and running and retrieving reports.  The APIs enable custom integrations with GRC tools, bug tracking systems and web application firewalls (WAFs) just to name a few.

 

 

This API notification provides an early preview into the coming API changes in Qualys WAS 4.3, allowing you to proactively identify any changes that might be required for your automated scripts or programs that utilize the API methods.


 

API Enhancements

 

Scan Status Enhancements


We’ve improved the reporting of scan status to help users better understand scan status. Enhancements include:

 

“Time Limit Exceeded” has been changed to "Time Limit Reached"

The status “Time Limit Exceeded” is no longer used.


Updated Status “No Web Service Detected”

We will now report this status when QID 150111 is reported in the scan results (element WEB_SITE/IGS/IG/QID).


New Status “Service Errors Detected”

This new status tells you the scan stopped before completion due to service errors related to timeouts during the scan, for example exceeding connection timeouts/error threshold.


New Status “Scan Internal Error”

This new status tells you the scan encountered an unexpected and unrecoverable error, which forced it to stop assessment.

 

 

Scan API

 

Updated XSD: scan.xsd/wasscan.xsd

 

New filters for Scan COUNT, Scan SEARCH

 

Include scans with the new statuses using the resultsStatus filter.

 

New values for resultsStatus:

TIME_LIMIT_REACHED - Include scans with scan status “Time Limit Reached”. Previous filter TIME_LIMIT_EXCEEDED is no longer valid.

SERVICE_ERROR - Include scans with scan status “Service Errors Detected”

SCAN_INTERNAL_ERROR - Include scans with scan status “Scan Internal Error”

 


Sample for Scan COUNT

API request:

 

curl -u "USERNAME:PASSWORD" -H "content-type: text/xml" -X "POST" --data-binary @-  "https://qualysapi.qualys.com/qps/rest/3.0/count/was/wasscan" < file.xml

 

Note: “file.xml” contains the request POST data.

 

Request POST data:

 

<ServiceRequest>

  <filters>

      <Criteria field="resultsStatus" operator="IN">SERVICE_ERROR, SCAN_INTERNAL_ERROR</Criteria>

  </filters>

</ServiceRequest>

 

Response:

 

<?xml version="1.0" encoding="UTF-8"?>

<ServiceResponse xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="https://qualysapi.qualys.com/qps/xsd/3.0/was/wasscan.xsd">

    <responseCode>SUCCESS</responseCode>

    <count>38</count>

</ServiceResponse>

 

Updated response from Scan SEARCH, Scan GET

 

The resultsStatus element in the XML output now reports one of the new scan status values as appropriate: TIME_LIMIT_REACHED, SERVICE_ERROR, SCAN_INTERNAL_ERROR.

 

Sample for Scan SEARCH

 

Request POST data:

 

<ServiceRequest>

  <filters>

      <Criteria field="resultsStatus" operator="IN">SERVICE_ERROR, SCAN_INTERNAL_ERROR, TIME_LIMIT_REACHED</Criteria>

      <Criteria field="id" operator="IN">1352324,1327378,1353021</Criteria>

  </filters>

</ServiceRequest>

 

Response:

 

<?xml version="1.0" encoding="UTF-8"?>

<ServiceResponse xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="https://qualysapi.qualys.com/qps/xsd/3.0/was/wasscan.xsd">

  <responseCode>SUCCESS</responseCode>

  <count>3</count>

  <hasMoreRecords>false</hasMoreRecords>

  <data>

    <WasScan>

      <id>1327378</id>

      <name><![CDATA[TLE Test]]></name>

      <reference>was/1438303380031.1842885</reference>

      <type>VULNERABILITY</type>

      <mode>ONDEMAND</mode>

      <multi>false</multi>

      <target>

        <webApp>

          <id>1901948</id>

          <name><![CDATA[My Web App WAF]]></name>

          <url><![CDATA[http://10.10.26.238/waf]]></url>

        </webApp>

        <scannerAppliance>

          <type>EXTERNAL</type>

        </scannerAppliance>

        <cancelOption>SPECIFIC</cancelOption>

      </target>

      <profile>

        <id>69923</id>

        <name><![CDATA[My Profile 23]]></name>

      </profile>

      <launchedDate>2015-07-31T00:43:00Z</launchedDate>

      <launchedBy>

        <id>4354</id>

        <username>acme_ab1</username>

        <firstName><![CDATA[John]]></firstName>

        <lastName><![CDATA[Smith]]></lastName>

      </launchedBy>

      <status>FINISHED</status>

      <summary>

        <crawlDuration>141</crawlDuration>

        <testDuration>47</testDuration>

        <linksCrawled>30</linksCrawled>

        <nbRequests>3466</nbRequests>

        <resultsStatus>TIME_LIMIT_REACHED</resultsStatus>

        <authStatus>NONE</authStatus>

        <os>Linux 2.4-2.6 / Embedded Device / F5 Networks Big-IP</os>

      </summary>

    </WasScan>

    <WasScan>

      <id>1352324</id>

      <name><![CDATA[Schedule proxy Internal - Proxy out of scope to subuser]]></name>

      <reference>was/1441617604130.1847313</reference>

      <type>VULNERABILITY</type>

      <mode>SCHEDULED</mode>

      <multi>false</multi>

      <target>

        <webApp>

          <id>2309688</id>

          <name><![CDATA[My Web App BOQ]]></name>

          <url><![CDATA[http://10.10.26.238/boq/]]></url>

        </webApp>

        <scannerAppliance>

          <type>INTERNAL</type>

          <friendlyName><![CDATA[acme_sa1]]></friendlyName>

        </scannerAppliance>

        <proxy>

          <id>1425</id>

          <name><![CDATA[My Proxy]]></name>

          <url><![CDATA[http://10.10.10.11]]></url>

        </proxy>

      </target>

      <profile>

        <id>270541</id>

        <name><![CDATA[My Profile 41]]></name>

      </profile>

      <launchedDate>2015-09-07T09:20:04Z</launchedDate>

      <launchedBy>

        <id>4355</id>

        <username>qualys_ag2</username>

        <firstName><![CDATA[Alan]]></firstName>

        <lastName><![CDATA[Green]]></lastName>

      </launchedBy>

      <status>FINISHED</status>

      <summary>

        <crawlDuration>774</crawlDuration>

        <testDuration>4</testDuration>

        <linksCrawled>300</linksCrawled>

        <nbRequests>2785</nbRequests>

        <resultsStatus>SERVICE_ERROR</resultsStatus>

        <authStatus>NONE</authStatus>

        <os>Linux 2.4-2.6 / Embedded Device / F5 Networks Big-IP</os>

      </summary>

    </WasScan>

    <WasScan>

      <id>1353021</id>

      <name><![CDATA[Sched Vulnerability Scan - 2.7.0.10 WA - 2015-Mar-09]]></name>

      <reference>was/1441488303443.1847104</reference>

      <type>VULNERABILITY</type>

      <mode>SCHEDULED</mode>

      <multi>false</multi>

      <target>

        <webApp>

          <id>2284474</id>

          <name><![CDATA[My Web App 238]]></name>

          <url><![CDATA[http://10.10.26.238]]></url>

        </webApp>

        <scannerAppliance>

          <type>EXTERNAL</type>

        </scannerAppliance>

      </target>

      <profile>

        <id>139359</id>

        <name><![CDATA[My Profile 59]]></name>

      </profile>

      <launchedDate>2015-09-05T21:25:03Z</launchedDate>

      <launchedBy>

        <id>4354</id>

        <username>acme_ag2</username>

        <firstName><![CDATA[Alan]]></firstName>

        <lastName><![CDATA[Green]]></lastName>

      </launchedBy>

      <status>FINISHED</status>

      <summary>

        <resultsStatus>SCAN_INTERNAL_ERROR</resultsStatus>

        <authStatus>NONE</authStatus>

      </summary>

    </WasScan>

  </data>

</ServiceResponse>
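In the response above, all three scans report status FINISHED while resultsStatus shows they stopped early, so automation that gates on status alone would treat a partial assessment as complete. The following is an added example, not Qualys code, that triages a Scan SEARCH response by resultsStatus and rewrites stored filter lists that still use the retired TIME_LIMIT_EXCEEDED value. The function names are hypothetical, and the embedded sample is the response above trimmed to the fields used, plus one constructed scan with no summary element.

```python
import xml.etree.ElementTree as ET

# resultsStatus values from this page that mean the scan stopped early.
INCOMPLETE_STATUSES = {"TIME_LIMIT_REACHED", "SERVICE_ERROR", "SCAN_INTERNAL_ERROR"}
# Filter value the page retires, mapped to its replacement.
RENAMED_FILTER_VALUES = {"TIME_LIMIT_EXCEEDED": "TIME_LIMIT_REACHED"}

# Trimmed copy of the Scan SEARCH response on this page; the last scan
# (id 9000001) is constructed to show a record without a summary element.
SAMPLE_RESPONSE = """
<ServiceResponse>
  <responseCode>SUCCESS</responseCode>
  <count>4</count>
  <hasMoreRecords>false</hasMoreRecords>
  <data>
    <WasScan>
      <id>1327378</id>
      <name><![CDATA[TLE Test]]></name>
      <status>FINISHED</status>
      <summary><resultsStatus>TIME_LIMIT_REACHED</resultsStatus></summary>
    </WasScan>
    <WasScan>
      <id>1352324</id>
      <name><![CDATA[Schedule proxy Internal - Proxy out of scope to subuser]]></name>
      <status>FINISHED</status>
      <summary><resultsStatus>SERVICE_ERROR</resultsStatus></summary>
    </WasScan>
    <WasScan>
      <id>1353021</id>
      <name><![CDATA[Sched Vulnerability Scan - 2.7.0.10 WA - 2015-Mar-09]]></name>
      <status>FINISHED</status>
      <summary><resultsStatus>SCAN_INTERNAL_ERROR</resultsStatus></summary>
    </WasScan>
    <WasScan>
      <id>9000001</id>
      <name><![CDATA[Constructed cancelled scan]]></name>
      <status>CANCELLED</status>
    </WasScan>
  </data>
</ServiceResponse>
"""


def migrate_filter(csv_values):
    """Rewrite a resultsStatus filter list, replacing the retired value."""
    migrated = []
    for raw in csv_values.split(","):
        value = raw.strip()
        if not value:
            continue
        value = RENAMED_FILTER_VALUES.get(value, value)
        if value not in migrated:  # avoid duplicates after renaming
            migrated.append(value)
    return ", ".join(migrated)


def triage(xml_text):
    """Split scans into incomplete ones and ones that carry no resultsStatus."""
    root = ET.fromstring(xml_text.strip())
    code = root.findtext("responseCode")
    if code != "SUCCESS":
        raise ValueError(f"API call failed: responseCode={code!r}")
    incomplete, no_result = [], []
    for scan in root.findall("data/WasScan"):
        record = {
            "id": scan.findtext("id"),
            "name": scan.findtext("name"),
            "status": scan.findtext("status"),
            "resultsStatus": scan.findtext("summary/resultsStatus"),
        }
        if record["resultsStatus"] is None:
            no_result.append(record)
        elif record["resultsStatus"] in INCOMPLETE_STATUSES:
            incomplete.append(record)
    return {
        "incomplete": incomplete,
        "no_result": no_result,
        # true means the caller must fetch further pages before trusting totals
        "has_more": root.findtext("hasMoreRecords") == "true",
    }


if __name__ == "__main__":
    result = triage(SAMPLE_RESPONSE)
    for scan in result["incomplete"]:
        print(scan["id"], scan["status"], scan["resultsStatus"], scan["name"])
    print("without resultsStatus:", [s["id"] for s in result["no_result"]])
    print(migrate_filter("TIME_LIMIT_EXCEEDED, SERVICE_ERROR"))
```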

 

Sample for Scan GET Output (for SCAN_INTERNAL_ERROR)

 

Response:

 

<?xml version="1.0" encoding="UTF-8"?>

<ServiceResponse xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="https://qualysapi.qualys.com/qps/xsd/3.0/was/scan.xsd">

  <responseCode>SUCCESS</responseCode>

  <count>1</count>

  <data>

    <WasScan>

      <id>1353021</id>

      <name><![CDATA[Sched Vulnerability Scan - 2.7.0.10 WA - 2015-Mar-09]]></name>

      <reference>was/1441488303443.1847104</reference>

      <type>VULNERABILITY</type>

      <mode>SCHEDULED</mode>

      <progressiveScanning>true</progressiveScanning>

      <multi>false</multi>

      <target>

        <webApp>

          <id>2284474</id>

          <name><![CDATA[My Web App 238]]></name>

          <url><![CDATA[http://10.10.26.238]]></url>

        </webApp>

        <scannerAppliance>

          <type>EXTERNAL</type>

        </scannerAppliance>

      </target>

      <profile>

        <id>139359</id>

        <name><![CDATA[My Profile 59]]></name>

      </profile>

      <options>

        <count>14</count>

        <list>

          <WasScanOption>

            <name>Web Application Authentication Record Name</name>

            <value><![CDATA[None]]></value>

          </WasScanOption>

          <WasScanOption>

            <name>Sensitive Content: Credit Card Numbers</name>

            <value><![CDATA[false]]></value>

          </WasScanOption>

          <WasScanOption>

            <name>Performance Settings</name>

            <value><![CDATA[LOW]]></value>

          </WasScanOption>

          <WasScanOption>

            <name>Scanner Appliance</name>

            <value><![CDATA[External (IP: 10.10.21.160, Scanner: 7.14.37-1, WAS: 3.9.50-1, Signatures: 2.3.30-1)]]></value>

          </WasScanOption>

          <WasScanOption>

            <name>Detection Scope</name>

            <value><![CDATA[COMPLETE]]></value>

          </WasScanOption>

          <WasScanOption>

            <name>Crawling Form Submissions</name>

            <value><![CDATA[BOTH]]></value>

          </WasScanOption>

          <WasScanOption>

            <name>Bruteforce Settings</name>

            <value><![CDATA[EXHAUSTIVE]]></value>

          </WasScanOption>

          <WasScanOption>

            <name>Option Profile Name</name>

            <value><![CDATA[10 Links edit]]></value>

          </WasScanOption>

          <WasScanOption>

            <name>Maximum Crawling Links</name>

            <value><![CDATA[10]]></value>

          </WasScanOption>

          <WasScanOption>

            <name>Web Application Name</name>

            <value><![CDATA[My Web App]]></value>

          </WasScanOption>

          <WasScanOption>

            <name>Request Parameter Set</name>

            <value><![CDATA[My Parameter Set]]></value>

          </WasScanOption>

          <WasScanOption>

            <name>Sensitive Content: Social Security Numbers (US)</name>

            <value><![CDATA[false]]></value>

          </WasScanOption>

          <WasScanOption>

            <name>Cancel At</name>

            <value><![CDATA[1441557900000]]></value>

          </WasScanOption>

          <WasScanOption>

            <name>Target URL</name>

            <value><![CDATA[http://10.10.26.238]]></value>

          </WasScanOption>

        </list>

      </options>

      <launchedDate>2015-09-05T21:25:03Z</launchedDate>

      <launchedBy>

        <id>4354</id>

        <username>acme_ag2</username>

        <firstName><![CDATA[Alan]]></firstName>

        <lastName><![CDATA[Green]]></lastName>

      </launchedBy>

      <status>FINISHED</status>

      <scanDuration>171606</scanDuration>

      <summary>

        <resultsStatus>SCAN_INTERNAL_ERROR</resultsStatus>

        <authStatus>NONE</authStatus>

      </summary>

      <sendMail>true</sendMail>

    </WasScan>

  </data>

</ServiceResponse>

 

Report API

 

Updated XSD: report.xsd

 

In a Scorecard Report creation request, you can include scans with the status “Service Errors Detected” by setting the filters/scanStatus element to SERVICE_ERROR.

 

API request:

 

curl -u "USERNAME:PASSWORD" -H "content-type: text/xml" -X "POST" --data-binary @- \
  "https://qualysapi.qualys.com/qps/rest/3.0/create/was/report" < file.xml

 

Note: “file.xml” contains the request POST data.

 

Request POST data:

 

<ServiceRequest>

  <data>

    <Report>

      <name><![CDATA[My Scorecard Report]]></name>

      <description><![CDATA[A simple scorecard report]]></description>

      <format>PDF</format>

      <type>WAS_SCORECARD_REPORT</type>

      <config>

        <scorecardReport>

          <target>

            <tags>

              <Tag>

                <id>243130</id>

              </Tag>

            </tags>

          </target>

          <display>

            <contents>

              <ScorecardReportContent>DESCRIPTION</ScorecardReportContent>

              <ScorecardReportContent>SUMMARY</ScorecardReportContent>

              <ScorecardReportContent>GRAPHS</ScorecardReportContent>

              <ScorecardReportContent>RESULTS</ScorecardReportContent>

            </contents>

            <graphs>

              <ScorecardReportGraph>VULNERABILITIES_BY_GROUP</ScorecardReportGraph>

              <ScorecardReportGraph>VULNERABILITIES_BY_OWASP</ScorecardReportGraph>

              <ScorecardReportGraph>VULNERABILITIES_BY_WASC</ScorecardReportGraph>

            </graphs>

            <groups>

              <ScorecardReportGroup>GROUP</ScorecardReportGroup>

              <ScorecardReportGroup>OWASP</ScorecardReportGroup>

              <ScorecardReportGroup>WASC</ScorecardReportGroup>

            </groups>

            <options>

              <rawLevels>false</rawLevels>

            </options>

          </display>

          <filters>

            <scanDate>

              <startDate>2014-06-28</startDate>

              <endDate>2014-07-28</endDate>

            </scanDate>

            <scanStatus>SERVICE_ERROR</scanStatus>

            <scanAuthStatus>NONE</scanAuthStatus>

          </filters>

        </scorecardReport>

      </config>

    </Report>

  </data>

</ServiceRequest>

A new release of Qualys Cloud Suite, Version 8.5, includes an API update which is targeted for release in August 2015.

 

This API notification provides an early preview into the upcoming API features and enhancements in Qualys Cloud Suite 8.5, allowing you to proactively identify new opportunities to automate your Qualys service or to integrate with other applications.

 

This 15-day notification describes new API features that do not impact existing API implementations. API changes in the 8.5 release that may impact existing API implementations were already announced in the 30-day notification: Qualys Cloud Suite 8.5 API Release Notification.

 

Full release notes will be available to customers on the day of the release.

 

Qualys API Enhancements

 

Improvements for Managing Excluded IPs

 

The Excluded IP API v2 (/api/2.0/fo/asset/excluded_ip/) has been updated to 1) allow users to remove all IPs from the list, 2) allow users to set an expiration date when adding IPs to the list, and 3) show expiration dates in the list output.

 


User API Accepts Time Zone Codes

 

With this release the User API (/msp/user.php) allows you to assign a time zone code to a user account using the new optional parameter “time_zone_code”.

 


Launch Report API Accepts Recipient Groups

 

The Launch Report API has been updated to allow users to notify distribution groups when a report is complete, using the new optional parameter “recipient_group_id”.

 


VM - Create Reports with Non-Running Kernels in Vulnerability Details

 

Several report DTDs have been updated to show vulnerabilities found on a kernel that is not the active running kernel. This option must be selected in the report template.

 


PC - New Tomcat Server Authentication API

 

The new Tomcat Server Authentication API (/api/2.0/fo/auth/tomcat/) lets you list, create, update and delete Tomcat Server authentication records.

 


PC - Make Policies Active or Inactive

 

Policy status has been added to the XML output returned by the Compliance Policy List API (/api/2.0/fo/compliance/policy/?action=list) and the Export Compliance Policy API (/api/2.0/fo/compliance/policy/?action=export).

A new release of Qualys Cloud Suite, Version 8.5, includes an API update which is targeted for release in July 2015.

 

This API notification provides an early preview into the coming API changes in Qualys 8.5, allowing you to proactively identify any changes that might be required for your automated scripts or programs that utilize the API methods.

 

This release includes five features with changes to XML and CSV output which could impact existing API implementations.  Notification about other new API features along with additional details and examples will be posted prior to the release.

 

For details about the changes, please see the attached detailed release notification below.  Full release notes will be available to customers on the day of the release.

 

Summary of Changes:

Improvements for Managing Excluded IPs - The Excluded IP API v2 (/api/2.0/fo/asset/excluded_ip/) has been updated to 1) allow users to remove all IPs from the list, 2) allow users to set an expiration date when adding IPs to the list, and 3) show expiration dates in the list output. There are several new API requests and related XML output as well as a change to the IP list output DTD (/api/2.0/fo/asset/excluded_ip/ip_list_output.dtd).

 

Reporting for Vulnerabilities on Non-running Kernels - With this release users can create reports that show non-running kernels in the vulnerability details. This way you can identify vulnerabilities found on a kernel that is not the active running kernel.  We’ve updated the DTDs for the following reports: Asset Data Report, Vulnerability Scorecard Report, Ignored Vulnerabilities Report, Most Prevalent Vulnerabilities Report, Most Prevalent Hosts Report, Scorecard Patch Report.

 

PC - New Tomcat Server Authentication API - The new Tomcat Server Authentication API (/api/2.0/fo/auth/tomcat/) lets you list, create, update and delete Tomcat Server authentication records.

 

PC - Make Policies Active or Inactive - Each policy in your account will now have a status of Active or Inactive. Your policies are active by default but you can choose to deactivate them, making them unavailable for scanning and reporting. For example, you may want to deactivate a policy that has become out of date. After updating the policy you can make it active again.   We added the policy status to the XML output returned by the Compliance Policy List API v2 (/api/2.0/fo/compliance/policy/?action=list) and updated the related DTDs (/api/2.0/fo/compliance/policy/policy_list_output.dtd,  /api/2.0/fo/compliance/policy/policy_export_output.dtd).

 

SCAP - Evidence added to SCAP Policy CSV Reports - Your SCAP policy reports in CSV format will now show evidence for each rule in your policy. Each rule is listed with the posture for the selected host. By reviewing the evidence you can determine why a rule passed or failed. The evidence content for a rule includes nodes (definitions and test sections) that represent the logic of the rule and the scan tests performed on the host.

A new release of Qualys Cloud Suite, Version 8.4, includes an API update which is targeted for release in April 2015.

 

This API notification provides an early preview into the coming new API features and enhancements in Qualys Cloud Suite 8.4, allowing you to proactively identify new opportunities to automate your Qualys service or to integrate with other applications.

 

This 15-day notification describes new API features that do not impact existing API implementations. API changes in the 8.4 release that may impact existing API implementations were already announced in the 30-day notification: Qualys Cloud Suite 8.4 API Release Notification.

 

Qualys API Enhancements

  • New Scheduled Scan API v2
  • New MySQL Authentication API
  • Appliance List v2 – Secondary Proxy Removed
  • PC – Compliance Scorecard Report XML Updates
  • PC – Import/Export Windows Directory Search UDC
  • CVSS Vectors added to CSV reports
  • Associated Tags added to CSV reports

 

Full release notes will be available to customers on the day of the release.

 

New Scheduled Scan API v2

Our new Scheduled Scan API v2 (/api/2.0/schedule/scan/) supports defining schedules for vulnerability scans. This API delivers improvements to the API v1 (/msp/scheduled_scans.php) and supports scanning targets in multiple network zones.

 

New MySQL Authentication API

The new MySQL Authentication API (/api/2.0/fo/auth/mysql/) lets you list, create, update and delete MySQL authentication records.

 

Appliance List v2 – Secondary Proxy Removed

We’ve removed the secondary proxy configuration returned by the Scanner Appliance List v2 API (/api/2.0/fo/appliance/?action=list) when the request includes full output (output_mode=full). The appliance list output DTD was updated (/api/2.0/fo/appliance/appliance_list_output.dtd).

 

PC – Compliance Scorecard Report XML Updates

The Compliance Scorecard Report XML includes new elements for control criticality when selected in the report template. The DTD (compliance_scorecard_report.dtd) has several updates.

 

PC – Import/Export Windows Directory Search UDC

You can now import/export Windows directory search user defined controls in XML format. The schema ImportableControl.xsd has been updated.

 

CVSS Vectors added to CSV reports

Vulnerability scan reports in CSV format will now show the CVSS vector for each CVSS Base and Temporal score. The vector is a string of abbreviated metrics and values that describe the components used to calculate the score.

 

Associated Tags added to CSV reports

Vulnerability scan reports in CSV format will show asset tags associated with each host listed in the report. Applicable when your report target includes asset tags and your report template is configured for host based findings (automatic data).

A new release of Qualys Cloud Suite, Version 8.4, includes an API update which is targeted for release in April 2015.

 

This API notification provides an early preview into the coming API changes in Qualys 8.4, allowing you to proactively identify any changes that might be required for your automated scripts or programs that utilize the API methods.

 

This release includes two features with changes to XML and CSV output which could impact existing API implementations.  Notification about other new API features along with additional details and examples will be posted prior to the release.

 

For details about the changes, please see the attached detailed release notification below.  Full release notes will be available to customers on the day of the release.

 

Summary of Changes:

New MySQL Authentication API - The new MySQL Authentication API (/api/2.0/fo/auth/mysql/) lets you list, create, update and delete MySQL authentication records. User permissions for this API are the same as other authentication record APIs.

 

Appliance List v2 API - Secondary Proxy Removed - We’ve removed the secondary proxy configuration returned by the Scanner Appliance List v2 API (/api/2.0/fo/appliance/?action=list) when the request includes full output (output_mode=full). The appliance list output DTD was updated (/api/2.0/fo/appliance/appliance_list_output.dtd).