Qualys Cloud Platform 3.0 (EDR) API notification 1
Last updated on: October 20, 2023
A new release of Qualys Cloud Platform 3.0 (EDR) includes updated APIs which is targeted for release in November 2023. The specific day will differ depending on the platform. See platform release dates on the Qualys Status page. This API notification provides an early preview into the coming API, allowing you to identify use cases that can leverage this updated API.
What’s New
Paginate Search Results Using SearchAfter
/ioc/events/searchAfter
/ioc/incidents/searchAfter
/ioc/incidents/events/searchAfter
Use this API to retrieve a large number of the search results in smaller sections or batches.
Retrieve Asset Details using Asset API
/ioc/asset/count
/ioc/asset/{assetId}
/ioc/asset/all
Use this API to retrieve asset details.
Block Malicious Host using BlockFeature API
/ioc/blockfeature/feature
/ioc/blockfeature/hash
The BlockFeature API blocks the Endpoint’s Malicious or Suspicious Artifacts and quarantine the malicious host.
Quarantine or Kill File or Process Using Remediation API
/ioc/remediation-actions/{remediationID}
/ioc/remediation-actions/performQuarantineHostAction
/ioc/remediation-actions/performAction
The new Remediation API allows you to kill or quarantine any process or file and perform remote isolation of the host.
The release notes are here: https://www.qualys.com/docs/release-notes/qualys-endpoint-detection-and-response-3.0-api-release-notes.pdf
