A new release of Qualys Cloud Platform CyberSecurity Asset Manager (CSAM) includes an updated API which is targeted for release in January 2023. The specific day will differ depending on the platform. See platform release dates on the Qualys Status page. This API notification provides an early preview into the coming API, allowing you to identify use cases that can leverage this updated API.
New Field Added to Response of the Existing APIs
Public V1 APIs:
Public V2 APIs:
With this release, a new field “release” is added to the response of the following public V1 and V2 APIs. The “release” field is part of the OperatingSystem attributes that represents the whole version major release, minor release, and revision number for the specific kernel release of the operating system.
Assets Listing and Assets Count Based on User Scope
The assets list and count are now shown based on the scope defined for the respective user. After the scope is defined for a respective user, that user can access only those assets, which are tagged by the specified tags
Dynamic Tag Rule Creation Using Global Asset View Tag Rule Engine
With this release, you can now create and update dynamic tag rule using GLOBAL_ASSET_VIEW tag rule engine.
Exclusion of Domain and Subdomain from EASM Profile
With this release, you can exclude certain domains and subdomains from the existing EASM profile.
GET List of Vulnerabilities Discovered by EASM
With this release, we have added a new API that helps you to get a list of vulnerabilities discovered by EASM.
The release notes are here: https://www.qualys.com/docs/release-notes/qualys-gav-csam-2.14-api-release-notes.pdf