Qualys Cloud Platform 10.13 (VM/PC) API notification 2

Jeff Leggett

A new release of Qualys Cloud Platform 10.13 (VM/PC) includes an updated API which is targeted for release in August 2021. The specific day will differ depending on the platform. See platform release dates on the Qualys Status page. This API notification provides an early preview into the coming API, allowing you to identify use cases that can leverage this updated API.

What’s New
Control Comments added to CSV, XML Formats of Policy Reports

/api/2.0/fo/report/?action=fetch
When creating Policy Compliance Reports, users have the option to include control comments in the report output. The control comments already appear in HTML and PDF formats of the report. Starting in this release, control comments will also appear in CSV and XML formats of the report.

Cloud Provider Metadata for AWS added to Patch Reports
/api/2.0/fo/report/template/patch/?action=create
/api/2.0/fo/report/template/patch/?action=update
/api/2.0/fo/report/template/patch/?action=export
/api/2.0/fo/report/?action=fetch

We’ve added a new patch report template option that lets you include cloud provider metadata in patch reports (all supported report formats). Simply use the new parameter include_cloud_metadata=1 when creating or updating a patch report template. When you download or fetch a saved patch report where this option was used, you’ll see cloud metadata for each AWS cloud asset in the report.

Send Email Notifications for Deactivated, Delayed, or Skipped Scheduled Scans
/api/2.0/fo/schedule/scan/
/api/2.0/fo/schedule/scan/compliance/

We’ve added 3 new notification options for scheduled scans. Enable these options to have email notifications sent when a scheduled scan is deactivated by the service, delayed or skipped for any reason. You can also add a custom message to be included in the body of the email for each notification type. These notifications are supported for vulnerability and compliance scan types.

Option to disable the case-sensitive search in the Unix agent UDCs
/api/2.0/fo/compliance/control/
/api/2.0/fo/compliance/policy/

We added an option to disable the case-sensitive search in Unix agent UDCs (Directory Search and Directory Integrity). Once the parameter is enabled (true), the search result lists all possible combinations in the upper and/or lower case file name. By default, this option is disabled (false) which lists result with case-sensitive file name. You can export policies with this option enabled or disabled.

Database UDC Support for IBM DB2
/api/2.0/fo/compliance/posture/info/?action=list
/api/2.0/fo/compliance/control/?action=list
/api/2.0/fo/compliance/policy/?action=export
/api/2.0/fo/subscription/option_profile/pc

With this release, we are adding the Database UDC support for IBM DB2. For this new database control type, we’ve added new settings in the compliance option profile. You’ll see API changes for create, update, list, and export option profiles. We’ve also added new elements to the XML output and DTDs for Control List Output, Policy Export Output, Posture Info List Output, Option Profiles, and the ImportableControl.xsd schema.

The release notes are here: https://www.qualys.com/docs/release-notes/qualys-cloud-platform-10.13-api-release-notes.pdf

Share your Comments

Comments

Your email address will not be published. Required fields are marked *