Container Security Release 1.43 API
April 25, 2026
Before understanding the API release highlights, learn more about the API server URL to be used in your API requests by referring to the Know Your Qualys API Server URL section. For these API Release Notes, <qualys_base_url> is mentioned in the sample API requests.
With the Container Security 1.43 release, the following enhancements in CS APIs are made.
- Compliance Scanning for Images
- Assign Tag to an Asset
- Enhanced Policy Rule Complaince - CICD Policy and Kubernetes Admission Controller Policy
- New Report Templates - Image Softwares
- Improvement in Dynamic Tags
Compliance Scanning for Images
Qualys Container Security now adds image-compliance scanning support in QScanner v5.0.0. It allows you to evaluate and report compliance during image scans. This capability strengthens control over the container compliance posture and simplifies compliance validation within existing security workflows.
This release expands compliance coverage with the addition of the following controls:
- Control ID 19388
- Control ID 19386
- Control ID 19378
These controls improve visibility into compliance risks and enable more accurate policy enforcement during image scanning.
To improve risk prioritization and simplify interpretation, this release updates the criticality levels as follows:
- LOW: Renamed from MINIMAL
- MEDIUM: Combines MEDIUM and SERIOUS
- HIGH: Combines CRITICAL and URGENT
The following API includes updated policy compliance details for images.
- Fetch Policy Compliance Details of an Image
GET /csapi/v1.3/images/{imageSha}/compliance
Updated API: Fetch Policy Compliance Details of an Image
| New or Updated APIs | Updated |
|---|---|
| API Endpoint (New version) | /v1.3/images/{imageSha}/compliance |
| Method | GET |
| DTD XSD Changes | No |
Sample: Fetch Policy Compliance Details of an ImageSample: Fetch Policy Compliance Details of an Image
API Request
curl -X 'GET' \ '<qualys_base_url>/csapi/v1.3/images/2724e40d4303391e1a46884134da358e20a6d0b03f32ee6c412079ddb4ac6783/compliance' \
-H 'accept: application/json' \
-H 'Authorization: Bearer <token>'
API Response
{
"uuid": "9badf287-5629-33a0-8059-3673720ddd11",
"sha": "1111e40d4303391e1a46884134da358e20a6d0b03f32ee6c412079ddb4ac1111",
"customerUuid": "1162741d-fb3f-6d14-824e-762226d61411",
"created": "1728035800000",
"updated": "1773727409392",
"controls": [
{
"controlId": 19388,
"policyUuid": "e07da90a-dc32-48e0-9bbb-2eae68012333",
"technologyId": 283,
"criticality": "MEDIUM",
"posture": "FAIL",
"lastEvaluated": "1773727201621",
"datapoints": [],
"statement": null,
"findings": [
"USER not created"
]
},
{
"controlId": 19386,
"policyUuid": "e07da90a-dc32-48e0-9bbb-2eae68012333",
"technologyId": 283,
"criticality": "MEDIUM",
"posture": "FAIL",
"lastEvaluated": "1773727202110",
"datapoints": [],
"statement": null,
"findings": [
"update instruction found in layer #5",
"update instruction found in layer #3",
"update instruction found in layer #9"
]
},
{
"controlId": 10826,
"policyUuid": "e07da90a-dc32-48e0-9bbb-2eae68012333",
"technologyId": 283,
"criticality": "MEDIUM",
"posture": "FAIL",
"lastEvaluated": "1773727201866",
"datapoints": [],
"statement": null,
"findings": [
"HEALTHCHECK not configured"
]
},
{
"controlId": 19511,
"policyUuid": "e07da90a-dc32-48e0-9bbb-2eae68012333",
"technologyId": 283,
"criticality": "MEDIUM",
"posture": "PASS",
"lastEvaluated": "1773727202355",
"datapoints": [],
"statement": null,
"findings": []
},
{
"controlId": 19378,
"policyUuid": "e07da90a-dc32-48e0-9bbb-2eae68012333",
"technologyId": 283,
"criticality": "HIGH",
"posture": "PASS",
"lastEvaluated": "1773727202600",
"datapoints": [],
"statement": null,
"findings": []
}
],
"lastComplianceScanned": "1773727203912"
}
Assign Tag to an Asset
Qualys Container Security now supports two new fields: entitySha and tagName to the assign tag API. The entitySha field helps you identify the target image or container when the entity UUID is not provided. The tagName specifies the tag to assign by name, and triggers tag creation if the tag does not already exist.
The following API is updated to support the Assign Tag template.
- Assign Tag to an Asset
POST /csapi/v1.3/tag/assign
Updated API: Assign Tag to an Asset
| New or Updated APIs | Updated |
|---|---|
| API Endpoint (New version) | /csapi/v1.3/tag/assign |
| Method | POST |
| DTD XSD Changes | No |
Input ParametersInput Parameters
| Parameter | Mandatory/Optional | Data Type | Description |
|---|---|---|---|
| entitySha | Mandatory | string | Identify the target image or container when the entity UUID is not provided |
| tagName | Mandatory | string | Specify the tag to assign by name, and trigger tag creation if the tag does not already exist |
At least one of the following must be provided for tag assignment: entitySha or entityUUID, and tagName or tagUuid
Sample: Assign Tag to an AssetSample: Assign Tag to an Asset
API Request
curl -X "POST"
"<qualys_base_url>/csapi/v1.3/tag/assign"
-H "accept: application/json"
-H "Authorization: Bearer <token>"
-H "Content-Type: application/json"
-d "{
"entitySha": "string",
"entityType": "IMAGE / CONTAINER",
"entityUUID": "string",
"moduleCode": "string",
"subscriptionId": "string",
"tagsToAdd": [
{
"isCascadeToContainer": true,
"tagName": "string",
"tagUuid": "string"
}
]
}
API Response
{
"entityUUID": "string"
}
Enhanced Policy Rule Compliance
Centralized Image Assessment (CICD) Policy-Rule Compliance
While creating a CICD policy, Qualys Container Security now supports new compliance-related rules for image scan, such as Block known compliance using Controls and Limit Compliance using Criticality.
- Fetch a Centralized Image Assessment Policy
GET /csapi/v1.3/centralizedPolicy/{policyId} - Create a Centralized Image Assessment Policy
POST /csapi/v1.3/centralizedPolicy - Update a Centralized Image Assessment Policy
PUT /csapi/v1.3/centralizedPolicy/{policyId}
Updated API: Get a Centralized Image Assessment Policy
| New or Updated APIs | Updated |
|---|---|
| API Endpoint (New version) | /csapi/v1.3/centralizedPolicy/{policyId} |
| Method | GET |
| DTD XSD Changes | No |
Sample: Get a Centralized Image Assessment PolicySample: Get a Centralized Image Assessment Policy
API Request
curl -X 'GET' \
'<qualys_base_url>/csapi/v1.3/centralizedPolicy/f0c6ebef-1246-4d61-be1b-0c11075aaebb' \
-H 'accept: application/json' \
-H 'Authorization: Bearer <token>'
API Response
{
"uuid": "f0c6ebef-1246-4d61-be1b-0c11075aaebb",
"policyName": "Test-Compliance related rules",
"policyType": "CICD",
"policyMode": "ACTIVE",
"description": "test Policy",
"createdBy": "quaysxpb14",
"created": "1769684140646",
"updatedBy": "quaysxpb14",
"updated": "1769685855150",
"centralizedPolicyRules": [
{
"name": "Block known compliance using Controls",
"type": "IMAGESCAN_VULN_RESTRICTED_CIDS",
"isEnabled": true,
"stopProcessing": false,
"order": 0,
"kind": "IMAGE_SECURITY",
"metaData": {
"values": [
10826,
19378,
19386,
19388,
19511
]
},
"action": "FAIL"
},
{
"name": "Limit Compliance using Criticality",
"type": "IMAGESCAN_VULN_CONTROL_CRITICALITYCOUNT",
"isEnabled": true,
"stopProcessing": false,
"order": 0,
"kind": "IMAGE_SECURITY",
"metaData": {
"value": "MEDIUM",
"operator": "GREATER_THAN",
"threshold": 1
},
"action": "FAIL"
}
],
"exclusionPolicyRules": [
{
"isEnabled": true,
"order": 0,
"sortOrder": 0,
"stopProcessing": false,
"kind": "EXCLUSION",
"action": "FAIL",
"metaData": {
"values": [
19386,
19378
]
},
"name": "Exclude CIDs",
"type": "EX_IMAGESCAN_VULN_CIDS"
}
],
"version": 4,
"isDefault": false,
"tagIds": [
"b3b02b72-c74c-4b5a-82a5-12c52b0a7d86",
"5d877004-14df-490b-b522-89cc51a1e1e6",
"2f5afc01-8148-4576-b39c-22232ae85632"
],
"k8sFilters": null
}
Updated API: Create a Centralized Image Assessment Policy
| New or Updated APIs | Updated |
|---|---|
| API Endpoint (New version) | /csapi/v1.3/centralizedPolicy |
| Method | POST |
| DTD XSD Changes | No |
Input ParametersInput Parameters
We have added the following new rules while creating the policy.
| Parameter | Mandatory/Optional | Data Type | Description |
|---|---|---|---|
| name | Mandatory | string | Specify the name of the policy rule
|
| type | Mandatory | string |
Specify the type of policy rule
|
| policyType | Mandatory | string |
Specify the name of the policy type.
Example: CICD |
Sample: Create a Centralized Image Assessment PolicySample: Create a Centralized Image Assessment Policy
API Request
curl -X 'POST' \
'<qualys_base_url>/csapi/v1.3/centralizedPolicy' \
-H 'accept: application/json' \
-H 'Authorization: Bearer <token>' \
-d '{
"policyName": "Test-Compliance related rules",
"description": "Test policy",
"centralizedPolicyRules": [
{
"name": "Block known compliance using Controls",
"type": "IMAGESCAN_VULN_RESTRICTED_CIDS",
"isEnabled": true,
"stopProcessing": false,
"order": 0,
"kind": "IMAGE_SECURITY",
"metaData": {
"values": [
10826,
19378,
19386,
19388,
19511
]
},
"action": "FAIL"
},
{
"name": "Limit Compliance using Criticality",
"type": "IMAGESCAN_VULN_CONTROL_CRITICALITYCOUNT",
"isEnabled": true,
"stopProcessing": false,
"order": 0,
"kind": "IMAGE_SECURITY",
"metaData": {
"value": "MEDIUM",
"operator": "GREATER_THAN",
"threshold": 1
},
"action": "FAIL"
}
],
"exclusionPolicyRules": [
{
"isEnabled": true,
"order": 0,
"sortOrder": 0,
"stopProcessing": false,
"kind": "EXCLUSION",
"action": "FAIL",
"metaData": {
"values": [
19386,
19378
]
},
"name": "Exclude CIDs",
"type": "EX_IMAGESCAN_VULN_CIDS"
}
],
"policyMode": "ACTIVE",
"policyType": "CICD",
"isDefault": false,
"tagIds": [
"b3b02b72-c74c-4b5a-82a5-12c52b0a7d86",
"5d877004-14df-490b-b522-89cc51a1e1e6",
"2f5afc01-8148-4576-b39c-22232ae85632"
],
"k8sFilters": []
}'
API Response
{
"uuid": "f0c6ebef-1246-4d61-be1b-0c11075aaebb"
}
Updated API: Update a Centralized Image Assessment Policy
| New or Updated APIs | Updated |
|---|---|
| API Endpoint (New version) | /csapi/v1.3/centralizedPolicy/{policyId} |
| Method | PUT |
| DTD XSD Changes | No |
Input ParametersInput Parameters
We have added the following new rules while creating the policy.
| Parameter | Mandatory/Optional | Data Type | Description |
|---|---|---|---|
| policyId | Mandatory | string | Provide the UUID of the centralized policy you want to update. |
Sample: Update a Centralized Image Assessment PolicySample: Update a Centralized Image Assessment Policy
API Request
curl -X 'PUT' \
'<qualys_base_url>/csapi/v1.3/centralizedPolicy/f0c6ebef-1246-4d61-be1b-0c11075aaebb' \
-H 'accept: application/json' \
-H 'Authorization: Bearer <token>'
{
"policyName": "Test-Compliance related rules-update",
"description": "Test policy-update",
"centralizedPolicyRules": [
{
"name": "Block known compliance using Controls",
"type": "IMAGESCAN_VULN_RESTRICTED_CIDS",
"isEnabled": true,
"stopProcessing": false,
"order": 0,
"kind": "IMAGE_SECURITY",
"metaData": {
"values": [
19378,
19386,
19388,
19511
]
},
"action": "FAIL"
},
{
"name": "Limit Compliance using Criticality",
"type": "IMAGESCAN_VULN_CONTROL_CRITICALITYCOUNT",
"isEnabled": true,
"stopProcessing": false,
"order": 0,
"kind": "IMAGE_SECURITY",
"metaData": {
"value": "LOW",
"operator": "GREATER_THAN",
"threshold": 1
},
"action": "FAIL"
}
],
"exclusionPolicyRules": [
{
"isEnabled": true,
"order": 0,
"sortOrder": 0,
"stopProcessing": false,
"kind": "EXCLUSION",
"action": "FAIL",
"metaData": {
"values": [
19378
]
},
"name": "Exclude CIDs",
"type": "EX_IMAGESCAN_VULN_CIDS"
}
],
"policyMode": "ACTIVE",
"policyType": "CICD",
"isDefault": false,
"tagIds": [
"b3b02b72-c74c-4b5a-82a5-12c52b0a7d86",
"5d877004-14df-490b-b522-89cc51a1e1e6",
"2f5afc01-8148-4576-b39c-22232ae85632"
],
"k8sFilters": []
}
API Response
{
"policyUUID ": "f0c6ebef-1246-4d61-be1b-0c11075aaebb"
}
Kubernetes Admission Controller Policy-Rule Compliance
While creating a Kubernetes Admission Controller policy, Qualys Container Security now supports compliance-related rules for policy-based image scans.
- Fetch a Kubernetes Admission Controller Policy
GET /csapi/v1.3/centralizedPolicy/{policyId} - Create a Kubernetes Admission Controller Policy
POST /csapi/v1.3/centralizedPolicy - Update a Kubernetes Admission Controller Policy
PUT /csapi/v1.3/centralizedPolicy/{policyId}
Updated API: Fetch Kubernetes Admission Controller Policy
| New or Updated APIs | Updated |
|---|---|
| API Endpoint (New version) | /csapi/v1.3/centralizedPolicy/{policyId} |
| Method | GET |
| DTD XSD Changes | No |
Sample: Fetch a Kubernetes Admission Controller PolicySample: Fetch a Kubernetes Admission Controller Policy
API Request
curl -X 'GET' \
'<qualys_base_url>/csapi/v1.3/centralizedPolicy/f18f35a9-3362-490f-87e6-bc33814dd056' \
-H 'accept: application/json' \
-H 'Authorization: Bearer <token>'
API Response
{
"uuid": "f18f35a9-3362-490f-87e6-bc33814dd056",
"policyName": "TEST2",
"policyType": "K8S_ADMISSION_CONTROLLER",
"policyMode": "ACTIVE",
"policyBehavior": "BLOCK",
"description": "",
"createdBy": "surabxas",
"created": "1776228725396",
"updatedBy": "surabxas",
"updated": "1776228725396",
"centralizedPolicyRules": [
{
"name": "rule2",
"type": "IMAGESCAN_VULN_RESTRICTED_CIDS",
"action": "FAIL",
"isEnabled": true,
"stopProcessing": false,
"sortOrder": 0,
"metaData": "{\"values\":[10826,19388,19511]}",
"kind": "IMAGE_SECURITY"
},
{
"name": "rule1",
"type": "IMAGESCAN_VULN_CONTROL_CRITICALITYCOUNT",
"action": "FAIL",
"isEnabled": true,
"stopProcessing": false,
"sortOrder": 0,
"metaData": "{\"operator\":\"GREATER_THAN\",\"threshold\":1,\"value\":\"MEDIUM\"}",
"kind": "IMAGE_SECURITY"
}
],
"exclusionPolicyRules": [],
"version": 1,
"isDefault": false,
"tagIds": null,
"excludedTagIds": null,
"k8sFilters": [
{
"cluster": {
"clusterUid": "957e3031-c6d1-4a00-9c7e-6406e1bc3bcb",
"clusterName": "surtest-ekstest"
},
"namespace": null,
"deployment": null
}
],
"excludedK8sFilters": null
}
Updated API: Create Kubernetes Admission Controller Policy
| New or Updated APIs | Updated |
|---|---|
| API Endpoint (New version) | /csapi/v1.3/centralizedPolicy |
| Method | POST |
| DTD XSD Changes | No |
Input ParametersInput Parameters
We have added the following new rules while creating the Kubernetes Admission Controller policy.
| Parameter | Mandatory/Optional | Data Type | Description |
|---|---|---|---|
| name | Mandatory | string | Specify the name of the policy rule
|
| type | Mandatory | string | Specify the type of policy
|
| policyType | Mandatory | string | Specify the name of the policy type.
Example: K8S_ADMISSION_CONTROLLER |
Sample: Create Kubernetes Admission Controller PolicySample: Create Kubernetes Admission Controller Policy
API Request
curl -X 'POST' \
'<qualys_base_url>/csapi/v1.3/centralizedPolicy' \
-H 'accept: application/json' \
-H 'Authorization: Bearer <token>' \
-H 'Content-Type: application/json' \
-d '{
"policyName": "Test policy",
"description": "Custom",
"policyType": "K8S_ADMISSION_CONTROLLER",
"centralizedPolicyRules": [
{
"name": "Limit Compliance using Criticality",
"type": "IMAGESCAN_VULN_CONTROL_CRITICALITYCOUNT",
"isEnabled": true,
"stopProcessing": false,
"order": 0,
"kind": "IMAGE_SECURITY",
"metaData": {
"value": "HIGH",
"operator": "GREATER_THAN_OR_EQUAL",
"threshold": 2
},
"action": "FAIL"
},
{
"name": "Block known compliance using Controls",
"type": "IMAGESCAN_VULN_RESTRICTED_CIDS",
"isEnabled": true,
"stopProcessing": false,
"order": 0,
"kind": "IMAGE_SECURITY",
"metaData": {
"values": [
10826,
19378,
19386,
19388,
19511
]
},
"action": "FAIL"
}
],
"exclusionPolicyRules": [],
"version": 1,
"isDefault": false,
"policyMode": "ACTIVE",
"tagIds": null,
"excludedTagIds": null,
"k8sFilters": [
{
"cluster": null,
"namespace": {
"namespaceUuid": null,
"namespaceValue": "default",
"clusterUid": "957e3031-c6d1-4a00-9c7e-6406e1bc3bcb"
},
"deployment": null
}
]
}
API Response
{
"uuid": "6299630e-dd72-45a4-87c0-ce0f4be3cd2c"
}
Updated API: Update Kubernetes Admission Controller Policy
| New or Updated APIs | Updated |
|---|---|
| API Endpoint (New version) | /csapi/v1.3/centralizedPolicy/{policyId} |
| Method | PUT |
| DTD XSD Changes | No |
Input ParametersInput Parameters
| Parameter | Mandatory/Optional | Data Type | Description |
|---|---|---|---|
| policyId | Mandatory | string | Provide the UUID of the centralized policy you want to update. |
| policyType | Mandatory | string | Specify the name of the policy type |
| clusterName |
Mandatory |
string | Specify the clusterName for the policy. |
Sample: Update Kubernetes Admission Controller PolicySample: Update Kubernetes Admission Controller Policy
API Request
curl -X 'PUT' \
'<qualys_base_url>/csapi/v1.3/centralizedPolicy/99984c3a-a4d2-43b3-b4db-72f5107fc2c6' \
-H 'accept: application/json' \
-H 'Authorization: Bearer <token>' \
-H 'Content-Type: application/json' \
-d '{
"uuid": "99984c3a-a4d2-43b3-b4db-72f5107fc2c6",
"policyName": "TEST",
"policyType": "K8S_ADMISSION_CONTROLLER",
"policyMode": "ACTIVE",
"policyBehavior": "BLOCK",
"description": "",
"createdBy": "acctestqa",
"created": "1763643523314",
"updatedBy": "acctestqa",
"updated": "1774864017030",
"centralizedPolicyRules": [
{
"name": "Rule fort CID criticality",
"isEnabled": true,
"type": "IMAGESCAN_VULN_CONTROL_CRITICALITYCOUNT",
"kind": "IMAGE_SECURITY",
"metaData": {
"operator": "GREATER_THAN",
"threshold": 5,
"value": "MEDIUM"
}
},
{
"name": "Rule for cid",
"isEnabled": true,
"type": "IMAGESCAN_VULN_RESTRICTED_CIDS",
"kind": "IMAGE_SECURITY",
"metaData": {
"values": [
10826,
19511
]
}
}
],
"exclusionPolicyRules": [],
"version": 12,
"isDefault": false,
"tagIds": null,
"excludedTagIds": null,
"k8sFilters": [
{
"cluster": {
"clusterUid": "957e3031-c6d1-4a00-9c7e-6406e1bc3bcb",
"clusterName": "ekstest"
},
"namespace": null,
"deployment": null
},
{
"cluster": {
"clusterUid": "31a27441-45fa-4e34-a55c-62300a0fe661",
"clusterName": "COMPTEST/qa/check"
},
"namespace": null,
"deployment": null
}
],
"excludedK8sFilters": null
}'
API Response
{
"policyUUID ": "99984c3a-a4d2-43b3-b4db-72f5107fc2c6"
}
New Report Templates - Image Softwares
With this release, you can now edit image dynamic tags with the help of APIs. To support this, Qualys Container Security has introduced the new report template: Image Softwares (CS_IMAGE_SOFTWARE_DETAILS).
The following APIs are updated with Image Softwares
- Fetch a List of Reports in your Account
GET /csapi/v1.3/reports - Create a Report Request
POST /csapi/v1.3/reports - Create a Report Schedule
POST /csapi/v1.3/reports/schedule - Update an Active Report Schedule
PUT /csapi/v1.3/reports/schedule/{reportingSchedulingId}
Updated API: Fetch a List of Reports in Your Account
| New or Updated APIs | Updated |
|---|---|
| API Endpoint (New version) | /csapi/v1.3/reports |
| Method | GET |
| DTD XSD Changes | No |
Sample: Fetch a List of reports in Your AccountSample: Fetch a List of reports in Your Account
The sample below shows the request and response for getting the CS_Image_Softwares report.
API Request
curl -X 'GET' \
'<qualys_base_url>/csapi/v1.3/reports?filter=report.name%3APost_API_test&pageNumber=1&pageSize=50&sort=status%3Adesc' \
-H 'accept: application/json' \
-H 'Authorization: Bearer <token>'
API Response
In the response below, see the new 'templateName' - CS_IMAGE_SOFTWARE_DETAILS used while getting a list of reports.
{
"data": [
{
"reportUuid": "f64841c0-2420-11f1-a10e-63ad41ec1bb5",
"createdAt": "2026-03-20T05:52:21.000Z",
"reportName": "Post_API_test",
"description": "test",
"fileFormat": "csv",
"templateName": "CS_IMAGE_SOFTWARE_DETAILS",
"status": "COMPLETED",
"isScheduled": 0,
"filter": "{\"filter\": \"\",\"secondFilter\": \"not software.lifecycle.eol is null\"}",
"displayColumns": [
"name",
"version",
"fixVersion",
"eolDate",
"eosDate",
"imageId",
"imageSha",
"softwareName",
"softwareVersion"
],
"expireOn": "2026-03-27T05:52:21.000Z",
"emailNotification": 0,
"recipient": "",
"emailSubject": "",
"customMessage": "",
"sendAsAttachment": 0,
"fileZipped": 0,
"expireAfter": 7
}
],
"count": 1
}
Updated API: Create a Report Request
| New or Updated APIs | Updated |
|---|---|
| API Endpoint (New version) | /csapi/v1.3/reports |
| Method | POST |
| DTD XSD Changes | No |
Input ParametersInput Parameters
The following table shows the updated or new input parameters.
|
Parameter |
Mandatory/Optional |
Data Type |
Description |
|---|---|---|---|
| templateName | Mandatory | string | Specify the report template name. With this release, the following new report templates are introduced. - CS_IMAGE_SOFTWARE_DETAILS |
Sample: Create a Report Request Sample: Create a Report Request
The sample below shows the request and response for creating CS_IMAGE_SOFTWARE_DETAILS report.
API Request
curl -X 'POST' \
'<qualys_base_url>/csapi/v1.3/reports' \
-H 'accept: application/json' \
-H 'Authorization: Bearer <token>' \
-H 'Content-Type: application/json' \
-d '{
"name": "Post_API_test",
"description": "test",
"templateName": "CS_IMAGE_SOFTWARE_DETAILS",
"filter": "{\"filter\": \"\",\"secondFilter\": \"not software.lifecycle.eol is null\"}",
"reportScheduleDetails": null,
"expireAfter": 7,
"displayColumns": [
"name",
"version",
"fixVersion",
"eolDate",
"eosDate",
"imageId",
"imageSha"
],
"zip": 0,
"emailNotification": 0
}'
API Response
{
"reportUuid": "f64841c0-2420-11f1-a10e-63ad41ec1bb5"
}
Updated API: Create a Report Schedule
| New or Updated APIs | Updated |
|---|---|
| API Endpoint (New version) | /csapi/v1.3/reports/schedule |
| Method | POST |
| DTD XSD Changes | No |
Input ParametersInput Parameters
The following table shows the updated or new input parameters.
|
Parameter |
Mandatory/Optional |
Data Type |
Description |
|---|---|---|---|
| templateName | Mandatory | string | Specify the name of the report template. With this release, the following new report templates are introduced. - CS_IMAGE_SOFTWARE_DETAILS |
Sample: Create a Report ScheduleSample: Create a Report Schedule
The sample below shows the request and response for creating CS_IMAGE_SOFTWARE_DETAILS report schedule.
API Request
curl -X 'POST' \
'<qualys_base_url>/csapi/v1.3/reports/schedule' \
-H 'accept: application/json' \
-H 'Authorization: Bearer <token>' \
-H 'Content-Type: application/json' \
-d '{
"name": "test_api_schedules",
"description": "",
"templateName": "CS_IMAGE_SOFTWARE_DETAILS",
"filter": "{\"filter\": \"\",\"secondFilter\": \"software.lifecycle.eol:[now .. now+3m]\"}",
"timezone": "Universal",
"format": "csv",
"reportScheduleDetails": {
"recurrenceType": "DAILY",
"selectedDayOfWeeks": null,
"monthlyType": null,
"ordinalDayOfMonth": 1,
"dayOfWeek": null,
"ordinalDayOfWeek": null
},
"expireAfter": 7,
"displayColumns": [
"name",
"version",
"fixVersion",
"eolDate",
"eosDate",
"imageId",
"imageSha"
],
"zip": 0,
"emailNotification": 0,
"eventEndTime": "2026-03-21T12:41:00Z",
"action": "CREATE",
"eventTime": "2026-03-20T11:41:00Z"
}'
API Response
{
"scheduleUuid": "81b918d0-2424-11f1-a10e-63ad41ec1bb5"
}
Updated API: Update an Active Report Schedule
| New or Updated APIs | Updated |
|---|---|
| API Endpoint (New version) | /csapi/v1.3/reports/schedule/{reportingScheduleID} |
| Method | PUT |
| DTD XSD Changes | No |
Input ParametersInput Parameters
|
Parameter |
Mandatory/Optional |
Data Type |
Description |
|---|---|---|---|
| templateName | Mandatory | string | Specify the name of the report template. With this release, the following new report template is introduced. - CS_IMAGE_SOFTWARE_DETAILS |
Sample: Update an Active Report ScheduleSample: Update an Active Report Schedule
The sample below shows the request and response for updating CS_IMAGE_SOFTWARE_DETAILS report schedule.
API Request
curl -X 'PUT' \
'<qualys_base_url>/csapi/v1.3/reports/schedule/81b918d0-2424-11f1-a10e-63ad41ec1bb5' \
-H 'accept: application/json' \
-H 'Authorization: Bearer <token>' \
-H 'Content-Type: application/json' \
-d '{
"name": "test_api_schedules",
"description": "",
"templateName": "CS_IMAGE_SOFTWARE_DETAILS",
"filter": "{\"filter\": \"\",\"secondFilter\": \"software.lifecycle.eol:[now .. now+3m]\"}",
"timezone": "Universal",
"format": "csv",
"reportScheduleDetails": {
"recurrenceType": "DAILY",
"selectedDayOfWeeks": null,
"monthlyType": null,
"ordinalDayOfMonth": 1,
"dayOfWeek": null,
"ordinalDayOfWeek": null
},
"expireAfter": 7,
"displayColumns": [
"name",
"version",
"eolDate",
"eosDate",
"imageId"
],
"zip": 0,
"emailNotification": 0,
"eventEndTime": "2026-03-21T12:41:00Z",
"action": "CREATE",
"eventTime": "2026-03-20T11:41:00Z"
}'
API Response
{
"message": "Details updated successfully for reportScheduleId 81b918d0-2424-11f1-a10e-63ad41ec1bb5"
}
Improvement in Dynamic Tags
Earlier, dynamic tags were allowed to be created using Container Security APIs. Now, with the help of the following APIs, you can update those dynamic tags and delete them if required.
- Update Dynamic Tags
PUT /csapi/v1.3/tag/update - Delete Dynamic Tag
DELETE /csapi/v1.3/tag/delete
New API: Update Dynamic Tag
| New or Updated APIs | New |
|---|---|
| API Endpoint (New version) | /csapi/v1.3/tag/update |
| Method | PUT |
| DTD XSD Changes | No |
Input ParametersInput Parameters
|
Parameter |
Mandatory/Optional |
Data Type |
Description |
|---|---|---|---|
| entityTypeToAdd | Mandatory | array of objects | This is used to specify new entity-type rules to the configuration. It accepts a list of entity definitions, where each entry specifies the entity type and the rule to apply to it. |
| entityTypeRuleToUpdate | Mandatory | object (Key-value pairs) | This is used to update existing rules for specific entity types. Each key represents an entity type, and its value is the corresponding rule expression. |
| entityType | Mandatory | string | Type of entity (e.g., IMAGE, CONTAINER) |
| rule | Mandatory | string | Rule expression associated with the entity |
Sample: Update Dynamic TagSample: Update Dynamic Tag
The sample below shows the request and response for updating the dynamic tag.
API Request to update entityTypeToAdd
curl -X 'PUT' \
'<qualys_base_url>/csapi/v1.3/tag/update' \
-H 'accept: application/json' \
-H 'Authorization: Bearer <token>' \
-H 'Content-Type: application/json' \
-d '{
"name": "ai_test1",
"reevaluate": true,
"entityTypeToAdd": [
{
"entityType": "CONTAINER",
"rule": "container.state:RUNNING"
}
]
}'
API Response
{
"tagId": 163606266,
"name": "ai_test1",
"backgroundColor": null,
"foregroundColor": null,
"icon": null,
"criticalityScore": null,
"entityTagInfo": [
{
"entityType": "image",
"dynamicTagRule": "image.source:GENERAL "
},
{
"entityType": "container",
"dynamicTagRule": "container.state:RUNNING"
}
]
}
API Request to update entityTypeRuleToUpdate
curl -X 'PUT' \
'<qualys_base_url>/csapi/v1.3/tag/update' \
-H 'accept: application/json' \
-H 'Authorization: Bearer <token>' \
-H 'Content-Type: application/json' \
-d '{
"name": "ai_test1",
"reevaluate": true,
"entityTypeRuleToUpdate": {
"image": "image.imageId:b6a9d6f1254e",
"container": "container.state:DELETED"
}
}'
API Response
{
"tagId": 163606266,
"name": "ai_test1",
"backgroundColor": null,
"foregroundColor": null,
"icon": null,
"criticalityScore": null,
"entityTagInfo": [
{
"entityType": "image",
"dynamicTagRule": "image.imageId:b6a9d6f1254e"
},
{
"entityType": "container",
"dynamicTagRule": "container.state:DELETED"
}
]
}
New API: Delete Dynamic Tag
| New or Updated APIs | New |
|---|---|
| API Endpoint (New version) | /csapi/v1.3/tag/delete |
| Method | DELETE |
| DTD XSD Changes | No |
Input ParametersInput Parameters
|
Parameter |
Mandatory/Optional |
Data Type |
Description |
|---|---|---|---|
| tagName | Mandatory | string | Mention the name of the tag you want to delete. |
Sample: Delete Dynamic TagSample: Delete Dynamic Tag
The sample below shows the request and response for deleting the dynamic tag.
API Request
curl -X 'DELETE' \
'<qualys_base_url>/csapi/v1.3/tag/delete?tagName=static_1' \
-H 'accept: application/json' \
-H 'Authorization: Bearer <token>'
API Response
Tag deleted successfully