Create Mitigation Job
For API version information, refer to the API Version History section.
V1.0 | V2.0
Use this API to create Windows and Linux Mitigation Jobs. You can create both Run Once and On-Demand jobs using this API.
Sample - Create Windows On-Demand Mitigation JobSample - Create Windows On-Demand Mitigation Job
API Request
curl -X 'POST' \
'<qualys_base_url>/mtg/v1/deploymentjob' \
-H 'accept: application/json' \
-H 'Authorization: Bearer <JWT_Token>' \
-H 'Content-Type: application/json' \
-d'API Body
{
"qids": [
90007,90043
],
"assetIds": [
"28e69c01-8e59-4520-83da-a934becf9d88"
],
"assetTagIds":[
"576b4fab-2682-433e-b3e6-c4ea9861ae75"
],
"name": "Windows_MTG_OnDemand_Job",
"description": "Test Windows On-Demand Mitigation Job",
"scheduleType": "On-demand",
"schemaVersion": "1.0",
"status": "Enabled",
"type": "Install",
"filterType": "Any",
"exclusionFilterType": "Any",
"platform": "Windows",
"notification": {
"notificationTypes": {
"email": true
},
"notificationConfigs": {
"recipientEmails": "[email protected],[email protected]",
"completedPercentage": 80
},
"notificationEvents": {
"onJobStart": true,
"onJobComplete": true
}
}
}'API Response
{
"customerId": "bbb55e58-b06f-fd7b-81b8-92a7c5407282",
"id": "756aa782-8f11-4468-8e68-d1db74c7203e",
"schemaVersion": "1.0",
"name": "Windows_MTG_OnDemand_Job",
"description": "Test Windows On-Demand Mitigation Job",
"type": "Install",
"status": "Enabled",
"coAuthorUserIds": null,
"scheduleType": "On-demand",
"startDateTime": "2026-1-23 04:27:51 AM",
"recurring": false,
"timezoneType": "SPECIFIC_TZ",
"timezone": "UTC",
"createdBy": {
"user": {
"id": "f080cf76-0de1-fd80-826c-ea22cf7da868",
"name": "quaysxkm30",
"fullName": "John Doe"
},
"date": 1769142471331,
"context": null
},
"updatedBy": {
"user": null,
"date": null,
"context": null
},
"deletedBy": {
"user": null,
"date": null,
"context": null
},
"assetCount": null,
"taggedAssetCount": 0,
"applicableAssetCount": 1,
"totalAssetCount": null,
"assetResultReceivedCount": null,
"jobCategory": 3,
"jobTriggerStatus": null,
"completionPercent": null,
"jobSource": 3,
"readOnly": false,
"subCategory": "Mitigation",
"platform": "Windows",
"assetTagIds": [
"576b4fab-2682-433e-b3e6-c4ea9861ae75"
],
"assetIds": [
"28e69c01-8e59-4520-83da-a934becf9d88"
],
"matchAllTagIds": null,
"exclusionTagIds": null,
"filterType": "Any",
"exclusionFilterType": "Any",
"notification": {
"notificationTypes": {
"email": true
},
"notificationConfigs": {
"recipientEmails": "[email protected],[email protected]",
"completedPercentage": "80"
},
"notificationEvents": {
"onJobStart": true,
"onJobComplete": true
}
},
"assetDetectionsQQL": "(tags.uuid: [576b4fab-2682-433e-b3e6-c4ea9861ae75]) OR (agentId: [28e69c01-8e59-4520-83da-a934becf9d88]) AND trackingMethod:QAGENT",
"preDeployActions": [
{
"actionId": "1e8b264f-6689-426b-a395-ca288e554781",
"action": "Apply Mitigation",
"actionType": "predeploy",
"params": {
"timeout": 180,
"mitigationCategory": "Script-based Virtual Patch",
"qid": 90007,
"qidDetectionId": 0,
"hostVulnId": 0
},
"mitigationList": [
{
"cves": [
"90007"
],
"mitigationId": "d7e1f429-e0bd-4aac-83d2-ffabbb25e084",
"mitigationType": "Registry Update",
"mitigationSource": null,
"carScriptId": 263935419,
"customCdnUrl": "",
"signatureHashCode": "",
"impactFactor": 0,
"implication": 1
}
],
"actionLinkedToJob": false
},
{
"actionId": "ae7631c7-e0af-441f-81e4-cd88a340ed2e",
"action": "Apply Mitigation",
"actionType": "predeploy",
"params": {
"timeout": 180,
"mitigationCategory": "Script-based Virtual Patch",
"qid": 90043,
"qidDetectionId": 0,
"hostVulnId": 0
},
"mitigationList": [
{
"cves": [
"90043"
],
"mitigationId": "99138ea7-1f1a-4ec8-a755-927913c3ee11",
"mitigationType": "Registry Update",
"mitigationSource": null,
"carScriptId": 934571954,
"customCdnUrl": "",
"signatureHashCode": "",
"impactFactor": 0,
"implication": 1
}
],
"actionLinkedToJob": false
}
],
"postDeployActions": null,
"vulnQQL": "vulnerabilities.vulnerability.qid:[90007, 90043]"
}Sample - Create Windows Run Once Mitigation JobSample - Create Windows Run Once Mitigation Job
API Request
curl -X 'POST' \
'<qualys_base_url>/mtg/v1/deploymentjob' \
-H 'accept: application/json' \
-H 'Authorization: Bearer <JWT_Token>' \
-H 'Content-Type: application/json' \
-d' API Body
{
"qids": [
90007,
90043
],
"assetIds": [
"28e69c01-8e59-4520-83da-a934becf9d88"
],
"assetTagIds": [
"576b4fab-2682-433e-b3e6-c4ea9861ae75"
],
"name": "MTG_RunOnce_Job",
"description": "Test Windows Run-Once Mitigation Job",
"scheduleType": "Once",
"schemaVersion": "1.0",
"startDateTime": "2026-01-23 10:09:58 AM",
"status": "Enabled",
"timezone": "Asia/Kolkata",
"timezoneType": "SPECIFIC_TZ",
"type": "Install",
"filterType": "Any",
"exclusionFilterType": "Any",
"exclusionTagIds": [],
"matchAllTagIds": [],
"coAuthorUserIds": [],
"platform": "Windows",
"notification": {
"notificationTypes": {
"email": true
},
"notificationConfigs": {
"recipientEmails": "[email protected],[email protected]",
"completedPercentage": 80
},
"notificationEvents": {
"onJobStart": true,
"onJobComplete": true
}
}
}'API Response
{
"customerId": "bbb55e58-b06f-fd7b-81b8-92a7c5407282",
"id": "d6a2dbae-9f78-4947-9c15-c6dc2a0f56ef",
"schemaVersion": "1.0",
"name": "MTG_RunOnce_Job",
"description": "Test Windows Run-Once Mitigation Job",
"type": "Install",
"status": "Enabled",
"coAuthorUserIds": [],
"scheduleType": "Once",
"startDateTime": "2026-01-23 10:09:58 AM",
"recurring": false,
"timezoneType": "SPECIFIC_TZ",
"timezone": "Asia/Kolkata",
"createdBy": {
"user": {
"id": "f080cf76-0de1-fd80-826c-ea22cf7da868",
"name": "quaysxkm30",
"fullName": "John Doe"
},
"date": 1769143677844,
"context": null
},
"updatedBy": {
"user": null,
"date": null,
"context": null
},
"deletedBy": {
"user": null,
"date": null,
"context": null
},
"assetCount": null,
"taggedAssetCount": 0,
"applicableAssetCount": 1,
"totalAssetCount": null,
"assetResultReceivedCount": null,
"jobCategory": 3,
"jobTriggerStatus": null,
"completionPercent": null,
"jobSource": 3,
"readOnly": false,
"subCategory": "Mitigation",
"platform": "Windows",
"assetTagIds": [
"576b4fab-2682-433e-b3e6-c4ea9861ae75"
],
"assetIds": [
"28e69c01-8e59-4520-83da-a934becf9d88"
],
"matchAllTagIds": [],
"exclusionTagIds": [],
"filterType": "Any",
"exclusionFilterType": "Any",
"notification": {
"notificationTypes": {
"email": true
},
"notificationConfigs": {
"recipientEmails": "[email protected],[email protected]",
"completedPercentage": "80"
},
"notificationEvents": {
"onJobStart": true,
"onJobComplete": true
}
},
"assetDetectionsQQL": "(tags.uuid: [576b4fab-2682-433e-b3e6-c4ea9861ae75]) OR (agentId: [28e69c01-8e59-4520-83da-a934becf9d88]) AND trackingMethod:QAGENT",
"preDeployActions": [
{
"actionId": "403055d1-2040-45bc-96d3-6cdf43eb32d3",
"action": "Apply Mitigation",
"actionType": "predeploy",
"params": {
"timeout": 180,
"mitigationCategory": "Script-based Virtual Patch",
"qid": 90007,
"qidDetectionId": 0,
"hostVulnId": 0
},
"mitigationList": [
{
"cves": [
"90007"
],
"mitigationId": "d7e1f429-e0bd-4aac-83d2-ffabbb25e084",
"mitigationType": "Registry Update",
"mitigationSource": null,
"carScriptId": 263935419,
"customCdnUrl": "",
"signatureHashCode": "",
"impactFactor": 0,
"implication": 1
}
],
"actionLinkedToJob": false
},
{
"actionId": "eaf66898-5ef8-415f-8e28-faf40c9c4433",
"action": "Apply Mitigation",
"actionType": "predeploy",
"params": {
"timeout": 180,
"mitigationCategory": "Script-based Virtual Patch",
"qid": 90043,
"qidDetectionId": 0,
"hostVulnId": 0
},
"mitigationList": [
{
"cves": [
"90043"
],
"mitigationId": "99138ea7-1f1a-4ec8-a755-927913c3ee11",
"mitigationType": "Registry Update",
"mitigationSource": null,
"carScriptId": 934571954,
"customCdnUrl": "",
"signatureHashCode": "",
"impactFactor": 0,
"implication": 1
}
],
"actionLinkedToJob": false
}
],
"postDeployActions": null,
"vulnQQL": "vulnerabilities.vulnerability.qid:[90007, 90043]"
}Sample - Create Linux On-Demand Mitigation JobSample - Create Linux On-Demand Mitigation Job
API Request
curl -X 'POST' \
'<qualys_base_url>/mtg/v1/deploymentjob' \
-H 'accept: application/json' \
-H 'Authorization: Bearer <JWT_Token>' \
-H 'Content-Type: application/json' \
-d'API Body
{
"qids": [
237627,
351793
],
"assetTagIds": [
"576b4fab-2682-433e-b3e6-c4ea9861ae75"
],
"assetIds": [
"9ed8f61a-61a6-487a-a92a-e163cead65c9"
],
"name": "MTG_LINUX_ONDEMAND_DEMO_1",
"description": "Test Linux Mitigation Job",
"scheduleType": "On-demand",
"schemaVersion": "1.0",
"startDateTime": null,
"status": "Enabled",
"timezone": null,
"timezoneType": null,
"type": "Install",
"filterType": "Any",
"exclusionFilterType": "Any",
"exclusionTagIds": [],
"matchAllTagIds": [],
"coAuthorUserIds": [
"430c474e-2309-47bf-832b-a6e5685c3866"
],
"platform": "Linux",
"notification": {
"notificationTypes": {
"email": true
},
"notificationConfigs": {
"recipientEmails": "[email protected],[email protected]",
"completedPercentage": 80
},
"notificationEvents": {
"onJobStart": true,
"onJobComplete": true
}
}
}'API Response
{
"customerId": "bbb55e58-b06f-fd7b-81b8-92a7c5407282",
"id": "8d53f5e1-ac9b-4cde-9327-31a2a6f35939",
"schemaVersion": "1.0",
"name": "MTG_LINUX_ONDEMAND_DEMO_1",
"description": "Test Linux Mitigation Job",
"type": "Install",
"status": "Enabled",
"coAuthorUserIds": [
"430c474e-2309-47bf-832b-a6e5685c3866"
],
"scheduleType": "On-demand",
"startDateTime": "2025-7-01 10:34:39 AM",
"recurring": false,
"timezoneType": "SPECIFIC_TZ",
"timezone": "UTC",
"createdBy": {
"user": {
"id": "b0f469fe-8f5e-f169-80e1-95e8a728bb5d",
"name": "quayxxx35",
"fullName": "John Doe"
},
"date": 1751366077652
},
"updatedBy": {
"user": null,
"date": null
},
"deletedBy": {
"user": null,
"date": null
},
"assetCount": null,
"taggedAssetCount": 0,
"applicableAssetCount": 0,
"totalAssetCount": null,
"assetResultReceivedCount": null,
"jobCategory": 3,
"jobTriggerStatus": null,
"completionPercent": null,
"jobSource": 3,
"readOnly": false,
"subCategory": "Mitigation",
"platform": "Linux",
"assetTagIds": [
"576b4fab-2682-433e-b3e6-c4ea9861ae75"
],
"assetIds": [
"9ed8f61a-61a6-487a-a92a-e163cead65c9"
],
"matchAllTagIds": [],
"exclusionTagIds": [],
"filterType": "Any",
"exclusionFilterType": "Any",
"notification": {
"notificationTypes": {
"email": true
},
"notificationConfigs":[email protected],[email protected]",
"completedPercentage": "80"
},
"notificationEvents": {
"onJobStart": true,
"onJobComplete": true
}
},
"assetDetectionsQQL": "tags.uuid: [576b4fab-2682-433e-b3e6-c4ea9861ae75] AND trackingMethod:QAGENT",
"preDeployActions": [
{
"actionId": "6a3c52f3-c4cc-4bac-919d-eff19f7704fe",
"action": "Apply Mitigation",
"actionType": "predeploy",
"params": {
"timeout": 180,
"mitigationCategory": "Script-based Virtual Patch",
"qid": 351793,
"qidDetectionId": 0,
"hostVulnId": 0
},
"mitigationList": [
{
"cves": [
"CVE-2019-9511"
],
"mitigationId": "01914b60-2b11-77c2-870f-64e0baa83fa2",
"mitigationType": "Uninstall Software",
"carScriptId": 517143954,
"customCdnUrl": "",
"signatureHashCode": "",
"impactFactor": 100,
"implication": 1
},
{
"cves": [
"CVE-2019-9513"
],
"mitigationId": "01914b60-2b11-77c2-870f-64e0baa83fa2",
"mitigationType": "Uninstall Software",
"carScriptId": 517143954,
"customCdnUrl": "",
"signatureHashCode": "",
"impactFactor": 100,
"implication": 1
}
],
"actionLinkedToJob": false
},
{
"actionId": "5ed22f60-66e1-4fca-bdc1-39dee977a31d",
"action": "Apply Mitigation",
"actionType": "predeploy",
"params": {
"timeout": 180,
"mitigationCategory": "Script-based Virtual Patch",
"qid": 237627,
"qidDetectionId": 0,
"hostVulnId": 0
},
"mitigationList": [
{
"cves": [
"CVE-2019-9515"
],
"mitigationId": "01914b60-2b11-77c2-870f-64e0baa83fa2",
"mitigationType": "Uninstall Software",
"carScriptId": 517143954,
"customCdnUrl": "",
"signatureHashCode": "",
"impactFactor": 100,
"implication": 1
},
{
"cves": [
"CVE-2019-9512"
],
"mitigationId": "01914b60-2b11-77c2-870f-64e0baa83fa2",
"mitigationType": "Uninstall Software",
"carScriptId": 517143954,
"customCdnUrl": "",
"signatureHashCode": "",
"impactFactor": 100,
"implication": 1
},
{
"cves": [
"CVE-2019-9514"
],
"mitigationId": "01914b60-2b11-77c2-870f-64e0baa83fa2",
"mitigationType": "Uninstall Software",
"carScriptId": 517143954,
"customCdnUrl": "",
"signatureHashCode": "",
"impactFactor": 100,
"implication": 1
}
],
"actionLinkedToJob": false
}
],
"postDeployActions": null,
"vulnQQL": "vulnerabilities.vulnerability.qid:[351793, 237627]"
}Sample - Create Linux Run Once Mitigation JobSample - Create Linux Run Once Mitigation Job
API Request
curl -X 'POST' \
'<qualys_base_url>/mtg/v1/deploymentjob' \
-H 'accept: application/json' \
-H 'Authorization: Bearer <JWT_Token>' \
-H 'Content-Type: application/json' \
-d'API Body
{
"qids": [
237627,
351793
],
"assetTagIds": [
"576b4fab-2682-433e-b3e6-c4ea9861ae75"
],
"assetIds": [
"9ed8f61a-61a6-487a-a92a-e163cead65c9"
],
"name": "MTG_LINUX_RUNONCE_DEMO",
"description": "Test Linux Mitigation Job",
"scheduleType": "Once",
"schemaVersion": "1.0",
"startDateTime": "2025-07-01 04:13:00 PM",
"status": "Enabled",
"timezone": "Asia/Kolkata",
"timezoneType": "SPECIFIC_TZ",
"type": "Install",
"filterType": "Any",
"exclusionFilterType": "Any",
"exclusionTagIds": [],
"matchAllTagIds": [],
"coAuthorUserIds": [
"430c474e-2309-47bf-832b-a6e5685c3866"
],
"platform": "Linux",
"notification": {
"notificationTypes": {
"email": true
},
"notificationConfigs": {
"recipientEmails": "[email protected],[email protected]",
"completedPercentage": 80
},
"notificationEvents": {
"onJobStart": true,
"onJobComplete": true
}
}
}'API Response
{
"customerId": "bbb55e58-b06f-fd7b-81b8-92a7c5407282",
"id": "dc4e0434-3dee-4727-839f-77aabee562bc",
"schemaVersion": "1.0",
"name": "MTG_LINUX_RUNONCE_DEMO",
"description": "Test Linux Mitigation Job",
"type": "Install",
"status": "Enabled",
"coAuthorUserIds": [
"430c474e-2309-47bf-832b-a6e5685c3866"
],
"scheduleType": "Once",
"startDateTime": "2025-07-01 04:13:00 PM",
"recurring": false,
"timezoneType": "SPECIFIC_TZ",
"timezone": "Asia/Kolkata",
"createdBy": {
"user": {
"id": "b0f469fe-8f5e-f169-80e1-95e8a728bb5d",
"name": "quaysxkm35",
"fullName": "John Doe"
},
"date": 1751366517418
},
"updatedBy": {
"user": null,
"date": null
},
"deletedBy": {
"user": null,
"date": null
},
"assetCount": null,
"taggedAssetCount": 0,
"applicableAssetCount": 0,
"totalAssetCount": null,
"assetResultReceivedCount": null,
"jobCategory": 3,
"jobTriggerStatus": null,
"completionPercent": null,
"jobSource": 3,
"readOnly": false,
"subCategory": "Mitigation",
"platform": "Linux",
"assetTagIds": [
"576b4fab-2682-433e-b3e6-c4ea9861ae75"
],
"assetIds": [
"9ed8f61a-61a6-487a-a92a-e163cead65c9"
],
"matchAllTagIds": [],
"exclusionTagIds": [],
"filterType": "Any",
"exclusionFilterType": "Any",
"notification": {
"notificationTypes": {
"email": true
},
"notificationConfigs": {
"recipientEmails": "[email protected],[email protected]",
"completedPercentage": "80"
},
"notificationEvents": {
"onJobStart": true,
"onJobComplete": true
}
},
"assetDetectionsQQL": "tags.uuid: [576b4fab-2682-433e-b3e6-c4ea9861ae75] AND trackingMethod:QAGENT",
"preDeployActions": [
{
"actionId": "125d725b-83d0-4d7a-be28-3f2bf6e9f7e4",
"action": "Apply Mitigation",
"actionType": "predeploy",
"params": {
"timeout": 180,
"mitigationCategory": "Script-based Virtual Patch",
"qid": 351793,
"qidDetectionId": 0,
"hostVulnId": 0
},
"mitigationList": [
{
"cves": [
"CVE-2019-9511"
],
"mitigationId": "01914b60-2b11-77c2-870f-64e0baa83fa2",
"mitigationType": "Uninstall Software",
"carScriptId": 517143954,
"customCdnUrl": "",
"signatureHashCode": "",
"impactFactor": 100,
"implication": 1
},
{
"cves": [
"CVE-2019-9513"
],
"mitigationId": "01914b60-2b11-77c2-870f-64e0baa83fa2",
"mitigationType": "Uninstall Software",
"carScriptId": 517143954,
"customCdnUrl": "",
"signatureHashCode": "",
"impactFactor": 100,
"implication": 1
}
],
"actionLinkedToJob": false
},
{
"actionId": "3ac2490c-83e4-4169-995b-96a58bcc4699",
"action": "Apply Mitigation",
"actionType": "predeploy",
"params": {
"timeout": 180,
"mitigationCategory": "Script-based Virtual Patch",
"qid": 237627,
"qidDetectionId": 0,
"hostVulnId": 0
},
"mitigationList": [
{
"cves": [
"CVE-2019-9515"
],
"mitigationId": "01914b60-2b11-77c2-870f-64e0baa83fa2",
"mitigationType": "Uninstall Software",
"carScriptId": 517143954,
"customCdnUrl": "",
"signatureHashCode": "",
"impactFactor": 100,
"implication": 1
},
{
"cves": [
"CVE-2019-9512"
],
"mitigationId": "01914b60-2b11-77c2-870f-64e0baa83fa2",
"mitigationType": "Uninstall Software",
"carScriptId": 517143954,
"customCdnUrl": "",
"signatureHashCode": "",
"impactFactor": 100,
"implication": 1
},
{
"cves": [
"CVE-2019-9514"
],
"mitigationId": "01914b60-2b11-77c2-870f-64e0baa83fa2",
"mitigationType": "Uninstall Software",
"carScriptId": 517143954,
"customCdnUrl": "",
"signatureHashCode": "",
"impactFactor": 100,
"implication": 1
}
],
"actionLinkedToJob": false
}
],
"postDeployActions": null,
"vulnQQL": "vulnerabilities.vulnerability.qid:[351793, 237627]"
}
The Create Deployment Job API has been enhanced to allow you to add a maximum of 200 users as co-authors in the job. This enhancement is applicable to Windows and Linux platforms.
Sample - Create Mitigation Job with Restricted Co-Authors LimitSample - Create Mitigation Job with Restricted Co-Authors Limit
API Request
curl -X 'POST' \
'<qualys_base_url>/mtg/v2/deploymentjob' \
-H 'accept: application/json' \
-H 'Content-Type: application/json' \
-d API Body
'{
{
"qids": [
378985,
90044
],
"assetTagIds": [
"576b4fab-2682-433e-b3e6-c4ea9861ae75",
"2f0abeac-8fe5-48a0-aef8-c25bb98ec6f8"
],
"assetIds": [
"9ed8f61a-61a6-487a-a92a-e163cead65c9"
],
"name": "MTG_WINDOWS_ONDEMAND_DEMO",
"description": "Test Mitigation Job",
"scheduleType": "On-demand",
"schemaVersion": "1.0",
"startDateTime": null,
"status": "Enabled",
"timezone": null,
"timezoneType": null,
"type": "Install",
"filterType": "Any",
"exclusionFilterType": "Any",
"exclusionTagIds": [
"9947851b-017f-4df5-8831-5073392a51c2"
],
"matchAllTagIds": [],
"coAuthorUserIds": [
"430c474e-2309-47bf-832b-a6e5685c3866"
],
"platform": "Windows",
"notification": {
"notificationTypes": {
"email": true
},
"notificationConfigs": {
"recipientEmails": "[email protected],[email protected]",
"completedPercentage": 80
},
"notificationEvents": {
"onJobStart": true,
"onJobComplete": true
}
}
}
}'API Response
{
"_error": {
"code": 500,
"errorCode": "2435",
"message": "Co-author limit exceeded. You can add up to 200 co-authors per job"
}
}API Version History
| API Version | API Status | Release Date |
|---|---|---|
| /mtg/v1/deploymentjob | To be deprecated | July 2026 |
| /mtg/v2/deploymentjob | Active | Feb 2026 |