Qualys Cloud Platform 10.28 (VM, PC) API Notification 2
Table of Contents
A new release of Qualys Cloud Platform 10.28 (VM, PC) includes updated APIs, which is targeted for release in June 2024. The specific day will differ depending on the platform. See platform release dates on the Qualys Status page. This API notification provides an early preview into the upcoming API changes, allowing you to identify use cases that can leverage these updated APIs.
What’s New?
This release includes updates to the Host Asset List and Detection APIs, allowing optional inclusion of OS hostnames in responses for authenticated scans. The linux_hostname
parameter has been renamed to os_hostname
for generic purpose. Mark Logic database authentication is supported via a new API, and Active Directory (AD) Secrets Engine or Database Secrets Engine can be utilized with HashiCorp authentication records. Additionally, the Apache Cassandra Record API has a parameter name change from ssl_verify
to ssl_verify_with_host
.
Authenticated Scan: Hostname Detection by QID 45325 and 45361
GET, POST /api/2.0/fo/asset/host/
GET, POST /api/2.0/fo/asset/host/vm/detection/
DTD or XSD changes: Yes
In this release, the Host Asset List API and host List Detection API are updated to optionally include the OS hostname in the response, in case of an authenticated scan. We have also renamed the linux_hostname
parameter to os_hostname
to keep it as generic parameter for OS detection.
In this release, this is achieved through detection of below listed QIDs during the authenticated scans.
45325 – Microsoft Windows Hostname and Domain Name Information
45361 – Linux/Unix Hostname Information
Please note that, this is the 2nd notification for this API change.
New API to Support MarkLogic Database Authentication Record
GET, POST /api/2.0/fo/auth/marklogic
In this release, MarkLogic (version 9.x/10.x) database authentication record is now supported for the authentication of compliance scans. We have introduced a new API to manage the MarkLogic authentication records. It allows you to create, update, list, and delete records.
Use Active Directory (AD) Secrets Engine or Database Secrets Engine in HashiCorp Authentication Records
GET, POST /api/2.0/fo/auth/postgresql/
GET, POST /api/2.0/fo/auth/mongodb/
GET, POST /api/2.0/fo/auth/infoblox/
GET, POST /api/2.0/fo/auth/cisco_apic/
GET, POST /api/2.0/fo/auth/unix/
DTD or XSD changes: Yes
You can now use Active Directory (AD) Secrets Engine or Database Secrets Engine while creating or updating authentication records (PostgreSQL, MongoDB, Cisco, Cisco_APIC, Infoblox) with vault type HashiCorp. For this, we have added a new but optional parameter use_ad_hashicorp
to the request for all the above listed APIs.
Change to Apache Cassandra Record API Input Parameter Name
GET, POST /api/2.0/fo/auth/cassandra
DTD or XSD changes: No
In this release, we have renamed the ssl_verify
parameter as ssl_verify_with_host
. Please ensure that you use the new parameter name while calling the API.
Please refer the detailed release note here: https://cdn2.qualys.com/docs/release-notes/qualys-cloud-platform-10.28-api-release-notes.pdf