Qualys Cloud Platform 3.0 (EDR) API notification 1

Qualys

Last updated on: October 20, 2023

A new release of Qualys Cloud Platform 3.0 (EDR), which includes updated APIs, is targeted for release in November 2023. The specific day will differ depending on the platform. See platform release dates on the Qualys Status page. This API notification provides an early preview of the upcoming API changes, allowing you to identify use cases that can leverage the updated APIs.

What’s New
Paginate Search Results Using SearchAfter

/ioc/events/searchAfter
/ioc/incidents/searchAfter
/ioc/incidents/events/searchAfter

Use this API to retrieve a large number of search results in smaller sections or batches.

Retrieve Asset Details using Asset API
/ioc/asset/count
/ioc/asset/{assetId}
/ioc/asset/all

Use this API to retrieve asset details.

Block Malicious Host using BlockFeature API
/ioc/blockfeature/feature
/ioc/blockfeature/hash

The BlockFeature API blocks malicious or suspicious artifacts on the endpoint and quarantines the malicious host.

Quarantine or Kill File or Process Using Remediation API
/ioc/remediation-actions/{remediationID}
/ioc/remediation-actions/performQuarantineHostAction
/ioc/remediation-actions/performAction

The new Remediation API allows you to kill or quarantine any process or file and perform remote isolation of the host.

The release notes are here: https://www.qualys.com/docs/release-notes/qualys-endpoint-detection-and-response-3.0-api-release-notes.pdf
