Qualys Enterprise TruRisk™ Platform (VM, PC Release 10.35) API Notification

Prashant Waman
Prashant Waman, Director, Product Management, Qualys Platform
- 3 min read

Table of Contents

A new release of Qualys Enterprise TruRisk™ Platform (VM, PC Release 10.35), which is released in July 2025, includes updates to an existing API. This API notification highlights recently released changes, enabling you to identify use cases that can benefit from the updated APIs.

What’s New?

Schedule Scan List API: View Connector and Modified Date for Scheduled Scans

GET /api/4.0/fo/schedule/scan/

DTD or XSD changes: Yes

With this release, we have added the following new tags, INCLUDE_LOAD_BALANCER_FROM_CONNECTOR and INCLUDE_APP_GATEWAY_LB_FROM_CONNECTOR, to the  API responses for Azure and EC2 to identify whether the scans were previously launched using public load balancers or public application gateway load balancers from the selected connector.  

Also added the tag MODIFIED_DATE_UTC to the response of the scheduled scan list API to identify recently updated scheduled scans.

Scans API: Support to Reset Scheduled Scan for Cloud Perimeter Scans

POST /api/4.0/fo/scan/cloud/perimeter/job/

DTD or XSD changes: No

In this release, we have provided support to reset the scheduled scan’s pause/cancel and recurrence scheduling settings for cloud perimeter scans. This helps you ensure consistent scanning of cloud assets, minimizing the risk of missed vulnerabilities. Earlier, you were only able to set the duration for scheduled scans in the API. Now, with this feature, you can reset the duration, and to support this reset functionality, we have introduced two new parameters. These parameters are applicable only to the update action.

Support to Create a FQDN Based Scan Report

Scan Template API: FQDN Based Scan Report Template
GET, POST api/4.0/fo/report/template/scan/
DTD or XSD changes: No

Reports API: FQDN Based Scan Report
GET, POST api/3.0/fo/report/
DTD or XSD changes: No

In this release, you can now launch scan reports using a Fully Qualified Domain Name (FQDN) by creating a scan report template using the Scan Template API.  Once you create a scan report template, you can launch the scan report by using the Report API and create a scan report based on the FQDNs.

Support for API Access for SAML Users

With this release, we have removed the earlier restrictions that applied to SAML (Security Assertion Markup Language) SSO (Single Sign-On) enabled user accounts.

Now, SAML-enabled users can successfully run API requests using OpenID Connect API authentication. This enhancement allows SAML users to securely access APIs without encountering previous validation errors.

Note: For the list of features and improvements made in Policy Compliance/Policy Audit, refer to the Policy Audit API Release Notes for Release 1.1.0.  

For the list of features and improvements made in Policy Compliance/Policy Audit, refer to the Policy Audit (PA Release 1.1.0) API Notification.

Share your Comments

Comments

Your email address will not be published. Required fields are marked *