I would like to submit tasks and function calls via the QualysGuard API, but I do not want to expose my USER ID and PASSWORD in a script file. Is there some way to accomplish this goal?
Excellent question. Yes, there is a way. Check out the following Python Qualys API wrapper, qualysapi:
It reads in the username & password from a .qcrc file in the same directory as the script, or home directory of the user running the script. For security purposes, I recommend to chown and chmod 600 the file so only the owner (one who is running the script) can read it.
Retrieving data ...