Qualys Cloud Platform 10.27 (VM, PC) API Notification 2

Prabhas Gupte

A new release of Qualys Cloud Platform 10.27 (VM, PC) includes updated APIs which is targeted for release in May 2024. The specific day will differ depending on the platform. See platform release dates on the Qualys Status page. This API notification provides an early preview into the coming API, allowing you to identify use cases that can leverage this updated API.

What’s New?

In this release, we have API changes that include options to exclude inactive controls from host compliance posture info and the addition of EPSS for vulnerability severity analysis. New APIs for managing Containerized Scanner Appliance operations and Apache Cassandra records are introduced, while Policy reports now include Policy ID. Additionally, Content Security Policy implementation enhances API security with restricted content origins.

Manage Inactive Control Inclusion/Exclusion

POST /pcrs/2.0/posture/postureInfo

With this API enhancement, you can now choose to exclude inactive controls (SDC, UDC) from the host compliance posture information in the API response. A new parameter excludeInactiveControl has been introduced to exclude inactive controls.

User Information Validation

POST /msp/user.php
DTD or XSD changes: No

With this release, we have implemented user information input validations when adding or editing users. The list of validations added is available in the detailed release notes.

View Network Name in Host List Detection API

GET, POST /api/2.0/fo/asset/host/vm/detection
DTD or XSD changes: Yes

With this release, we have added the field – Network Name to the HLD API. The field displays the name of the network to which you are connected. The details to be displayed here are matched with the Network ID field and then displayed to the user.

Addition of EPSS as QDS Factor

GET /api/2.0/fo/asset/host/vm/detection
GET /api/2.0/fo/knowledge_base/qvs
DTD or XSD changes: Yes

With this release, EPSS (Exploit Prediction Scoring System) is added in Host List Detection API and KnowledgeBase (CVE centric API) API as a QDS factor. Prior to this, only CVSS, (Common Vulnerability Scoring System), RTI (Real Threat Indicators), and ECM (Exploit Code Maturity) QDS factor was used. Now with EPSS QDS factor, you can analyze the severity of vulnerability and prioritize vulnerability remediation.

Manage Containerized Scanner Appliance

POST /api/2.0/fo/appliance/qcss/?action=create
POST /api/2.0/fo/appliance/qcss/?action=list
POST /api/2.0/fo/appliance/qcss/?action=update
POST /api/2.0/fo/appliance/qcss/?action=delete

With this release we have introduced 4 new APIs in Qualys Containerized Scanner Appliance that enable you to perform create, list, update, and delete operations in Qualys Containerized Scanning Services (QCSS). These APIs (create, list, update, and delete) will be enabled only if you subscribe to it. This subscription can be acquired by connecting with the Qualys Support team.

API Changes Regarding Apache Cassandra Record

New Tag in List Authentication Records API

GET /api/2.0/fo/auth/
DTD or XSD changes: Yes

In this release, the Authentication Record List API has been updated. A new tag <AUTH_CASSANDRA_IDS> is introduced in the API response. It will display Apache Cassandra records if you have any in your account.

New API to Create/Update/Delete Apache Cassandra Records

POST /api/2.0/fo/auth/Cassandra

This new API will help you manage the Apache Cassandra Authentication Records, using the action parameter. Supported values are create, list, update, and delete.

View Policy ID in the Report

GET, POST /api/2.0/fo/report/?action=fetch
DTD or XSD changes: Yes

With this release, we have added the field Policy ID for the following report formats in Policy reports.

  • Extensible Markup Language (XML)
  • HTML pages
  • Portable Document Format (PDF)
  • Web Archive (MHT)

With this API, you can now view the policy ID for the selected policy.

All Qualys APIs Updated With Content Security Policy

With this enhancement, we have implemented Content Security Policy (CSP) to enhance the API security. As a part of this enhancement, we have added Content-Security-Policy HTTP response header with default-src 'self' value. The CSP header defines a policy that restricts which origins or types of content can be executed or loaded, thereby reducing the risk of certain types of attacks like cross-site scripting (XSS) and data injection. Please note that All Qualys APIs, all HTTP methods applicable to respective APIs are updated to support this policy. There are no DTD or XSD changes.

Please refer to the detailed release notes here: https://cdn2.qualys.com/docs/release-notes/qualys-cloud-platform-10.27-api-release-notes.pdf

Share your Comments

Comments

Your email address will not be published. Required fields are marked *