Qualys Cloud Platform 1.32 (Container Security) API notification 1
A new release of Qualys Cloud Platform 1.32 (CS) includes updated APIs, which are targeted for release in March 2024. The specific day will differ depending on the platform. See platform release dates on the Qualys Status page. This API notification provides an early preview into the coming API changes, allowing you to identify use cases that can leverage the updated API.
What’s New?
Encoded Regex Values
With this release, if you use the Container Security APIs, you must provide the regex value in Base64 code format. The plain text regex value is no longer acceptable in the APIs. This change ensures that the special character such as “backslash (\)” is allowed in the Regex. The following APIs have been updated with this change.
Show Details of a Secret Detector
/csapi/v1.3/secretDetector/{secretDetectorId}
Create a Custom Secret Detector
/csapi/v1.3/secretDetector/create
Update a Custom Secret Detector
/csapi/v1.3/secretDetector/{secretRuleId}
Special Provisioning for GitHub Container Registry
Earlier, GitHub Container Registry (GHCR) was getting supported under “Docker V2-Private” registry type. With this release, the GHCR is supported as a separate new registry type known as – “GitHub Container Registry”. The following APIs have been updated with this change.
Create a Registry
/csapi/v1.3/registry
Create a Registry Schedule
/csapi/v1.3/registry/{registryId}/schedule
Fetch a List of Schedules Created for a Registry
/csapi/v1.3/registry/{registryId}/schedule
Support for Dynamic List Type
A new type of list called “Dynamic” is introduced using which you can create, or update a Dynamic list. The following APIs are updated with this change.
Create a List
/csapi/v1.3/list
Update a List
/csapi/v1.3/list/{listId}
Support for Image Malware Report
With this release, a malware report of images can be generated. Earlier, “CS_IMAGE_VULNERABILITY”, “CS_IMAGE_SECRETS”, and “CS_CONTAINER_VULNERABILITY” report templates were available while creating a report. Henceforth, a new report template called, “CS_IMAGE_MALWARE” is available which is used while creating report for image malware. The following APIs are updated with this change.
Create a Report
/csapi/v1.3/reports (GET)
Fetch a List of Reports
/csapi/v1.3/reports (POST)
Create a Report Schedule
/csapi/v1.3/reports/schedule
Versioning of a Centralized Policy
With this release, each centralized policy is assigned a version value. For example, when a centralized policy is created, it carries the version value as “1”. This value gets incremented depending upon the number of times it gets edited. The following API is updated with this change:
Show Policy Details
/csapi/v1.3/centralizedPolicy/{policyId}
To know more details, refer to the release notes: https://cdn2.qualys.com/docs/release-notes/qualys-container-security-1.32-api-release-notes.pdf