Qualys API (VM, PC) User Guide

Qualys API (VM, PC)

User Guide Version 10.16

December 20, 2021

Copyright 2018-2021 by Qualys, Inc. All Rights Reserved.

Qualys and the Qualys logo are registered trademarks of Qualys, Inc. All other trademarks are the property of their respective owners.

Qualys, Inc. 919 E Hillsdale Blvd 4th Floor Foster City, CA 94404 1 (650) 801 6100

Table of Contents

Preface

Chapter 1 - Welcome

API Conventions
Qualys User Account
Qualys API Server URL
Making API requests
API Limits
Tracking API usage by user
HTTP Response Headers
Activity Log

Chapter 2 - Authentication to your account

What do I need to know?
Using Basic HTTP Authentication
Using Session Based Authentication
Session Login
Session Logout

Chapter 3 - Scans

VM Scans
VM Scan List
Launch VM Scan
Launch VM Scan on EC2 assets
Manage VM Scans
Compliance Scans
Compliance Scan List
SCAP Scan List
Launch Compliance Scan
Launch Compliance Scan on EC2 assets
Manage Compliance Scans
Cloud Perimeter Scans
Create/Update Cloud Perimeter Scan
VM Scan Schedules
PC Scan Schedules
Scan List Parameters
Scan Parameters
Cloud Perimeter Scan Parameters
Scan Schedule Parameters
VM Scan Statistics
VM Scan Summary
Scanner Details
Share PCI Scan
Discovery Scans (maps)

Chapter 4 - Scan Configuration

Scanner Appliance List
Manage Virtual Scanner Appliances
Update Physical Scanner Appliance
Replace Scanner Appliance
Scanner Appliance VLANs and Static Routes
Option Profile Export
Option Profile Import
Option Profiles for VM
Option Profiles for PCI
Option Profiles for Compliance
KnowledgeBase
Editing Vulnerabilities
Static Search Lists
Dynamic Search Lists
Vendor IDs and References

Chapter 5 - Scan Authentication

User Permissions Summary
List Authentication Records
List Authentication Records by Type
Application Server Records
Azure MS SQL Record
Docker Record
HTTP Record
IBM DB2 Record
InformixDB Record
JBoss Server record
Kubernetes Record
MariaDB Record
Microsoft SharePoint Record
MongoDB Record
MS Exchange Server
MS SQL Record
MySQL Record
Neo4j Record
Nginx Record
Oracle Record
System created Oracle records
Oracle Listener Record
Oracle WebLogic Server Record
Palo Alto Firewall Record
Pivotal Greenplum Record
PostgreSQL Record
SAP Hana Record
SAP IQ Record
SNMP Record
Sybase Record
Unix Record
Network SSH Record
VMware Record
Windows Record
Oracle HTTP Server Record
vCenter - ESXi Mapping Records

Chapter 6 - Vault Support

Vault Support matrix
Vault Definition
List Vaults
Manage Vaults

Chapter 7 - Assets

IP List
Add IPs
Update IPs
Host List
Host Update
Host List Detection
Host List Detection - Normalized Data
Host List Detection - Use Cases
Host List Detection - Best Practices
Excluded Host List
Excluded Hosts Change History
Manage Excluded Hosts
Virtual Host List
Manage Virtual Hosts
Restricted IPs List
Manage Restricted IPs
Asset Group List
Manage Asset Groups
Purge Hosts
Patch List

Chapter 8 - IPv6 Assets

API Support for IPv6 Asset Management and Scanning
IPv6 Mapping Record List
Add IPv6 Mapping Records

Chapter 9 - Networks

Network List
Create Network
Update Network
Assign Scanner Appliance to Network

Chapter 10 - Reports

Report List
Launch Report
Launching Reports Using Asset Tags
Launching and Fetching Compliance Reports in CSV Format
Report Template List
Launch Scorecard
Cancel Running Report
Download Saved Report
Delete Saved Report
Scheduled Reports List
Launch Scheduled Report
Asset Search Report

Chapter 11 - VM Report Templates

API Support for Report Templates
Scan Template
Cloud Asset Metadata Fields in CSV Format
Cloud Asset Metadata Fields in XML Format
PCI Scan Template
Patch Template
Map Template

Chapter 12 - VM Remediation Tickets

Remediation Tickets overview
Ticket Parameters
View Ticket List
Edit Tickets
Delete Tickets
View Deleted Ticket List
Get Ticket Information
Set Vulnerabilities to Ignore on Hosts

Chapter 13 - Compliance

Compliance Control List
Compliance Policy List
Compliance Policy - Export
Compliance Policy - Import
Compliance Policy - Merge
Compliance Policy - Manage Asset Groups
Compliance Posture Information
Control Criticality
Exceptions
SCAP Cyberscope Report
SCAP ARF Report
SCAP Policy List

Chapter 14 - Users and Activity Log

User List
Add/Edit User
User Registration Process
Accept Qualys EULA
Activate/Deactivate Users
User Password Change
Export User Activity Log

Appendix A - API Documentation

Appendix B - Ports used for scanning

Appendix C - Scan Results JSON

Appendix D - Error codes / descriptions

Index

Preface

Using the Qualys API, third parties can integrate their own applications with Qualys cloud security and compliance solutions using an extensible XML interface. The APIs described in this guide are available to customers using Qualys Cloud Platform (VM, PC).

About Qualys

Qualys, Inc. (NASDAQ: QLYS) is a pioneer and leading provider of cloud-based security and compliance solutions. The Qualys Cloud Platform and its integrated apps help businesses simplify security operations and lower the cost of compliance by delivering critical security intelligence on demand and automating the full spectrum of auditing, compliance and protection for IT systems and web applications.

Founded in 1999, Qualys has established strategic partnerships with leading managed service providers and consulting organizations including Accenture, BT, Cognizant Technology Solutions, Deutsche Telekom, Fujitsu, HCL, HP Enterprise, IBM, Infosys, NTT, Optiv, SecureWorks, Tata Communications, Verizon and Wipro. The company is also a founding member of the Cloud Security Alliance (CSA). For more information, please visit .

Contact Qualys Support

Qualys is committed to providing you with the most thorough support. Through online documentation, telephone help, and direct email support, Qualys ensures that your questions will be answered in the fastest time possible. We support you 7 days a week, 24 hours a day. Access support information at support/.
