Qualys Cloud Platform 10.24 (VM/PC) API notification 2
A new release of Qualys Cloud Platform 10.24 (VM/PC) includes updated APIs which is targeted for release in September/October 2023. The specific day will differ depending on the platform. See platform release dates on the Qualys Status page. This API notification provides an early preview into the coming API, allowing you to identify use cases that can leverage this updated API.
What’s New
Cisco APIC 4.x Authentication Record
/api/2.0/fo/auth/cisco_apic
This release introduces a new Cisco APIC authentication record API, which is available for the PC/SCA modules. Users can create/update Cisco APIC authentication records
DNS BIND Authentication Record
/api/2.0/fo/auth/bind
This release introduces a new BIND authentication record API, which is available for the PC/SCA modules. Users can create/update BIND authentication records.
PKCS8 Private Key Format Support for Unix Authentication Records
/api/2.0/fo/auth/unix/
With this release, you can now create/edit authentication records in FIPS mode with private keys in PKCS8 format. The PKCS8 private key format enables to resolve validation errors while creating or editing authentication records with private keys in FIPS mode.
PKCS8 Private Key Format Support for Network SSH Authentication Records
/api/2.0/fo/auth/network_ssh/
With this release, you can now create/edit authentication records in FIPS mode with private keys in PKCS8 format. The PKCS8 private key format enables to resolve validation errors while creating or editing authentication records with private keys in FIPS mode.
Partial SSL/TLS Auditing
/api/2.0/fo/subscription/option_profile/vm/?action=create
/api/2.0/fo/subscription/option_profile/vm/?action=update
/api/2.0/fo/subscription/option_profile/?action=export
/api/2.0/fo/subscription/option_profile/?action=import
With this release, you can partially scan SSL/TLS endpoints with an incomplete handshake. An incomplete handshake occurs when SSL/TLS endpoints require client certificates to complete SSL/TLS handshake. Only a subset of QIDs is checked in this mode. Any QIDs that are typically reported as confirmed vulnerabilities are now reported as potential vulnerabilities.
Filter Vulnerabilities Based on their Type
/api/2.0/fo/asset/host/vm/detection/
With this release, to optimize the vulnerability information download process, a new filter parameter has been introduced. It enables to filter vulnerability information based on vulnerability types, confirmed, and potential vulnerabilities. You can now download only confirmed or only potential vulnerabilities as per your business requirement. This optimizes the vulnerability information download process by eliminating vulnerabilities you don’t want to focus on and process.
The release notes are here: https://www.qualys.com/docs/release-notes/qualys-cloud-platform-10.24-api-release-notes.pdf