TotalCloud Release 2.16 API
May 13, 2025
Before understanding the API release highlights, learn more about the API server URL to be used in your API requests by referring to the Know Your Qualys API Server URL section. For this API Release Notes, <qualys_base_url> is mentioned in the sample API requests.
What's New?
AWS Resource Details with Secrets
| New or Updated API | Updated |
| API Endpoint | /cloudview-api/rest/v1/resource/EC2_INSTANCE/AWS |
| Method | GET |
| DTD or XSD changes | Not Applicable |
With this release, the API to list AWS EC2 instances and now includes secretStats and hasSecrets fields. These additions help identify instances with exposed secrets and their severity distribution.
Input ParametersInput Parameters
| Parameter Name | Mandatory/Optional | Data Type | Description |
|---|---|---|---|
pageNo |
Optional | Integer | Page number for pagination (default is 0) |
pageSize |
Optional | Integer | Number of results per page (default is 100) |
updated |
Optional | String | Filter instances updated within a specific time range |
filter |
Optional | String | Filter based on specific instance attributes like resource.id |
SampleSample
API Request
curl --location 'https://qualysguard.qualys.com/cloudview-api/rest/v1/resource/EC2_INSTANCE/AWS?filter=resource.id%3Ai-xxxxxxxxxxxxxxxxx&pageNo=0&pageSize=10&updated=%5Bnow-30d..now%5D' \ -H 'accept: */*' \ -H 'Authorization: Basic '
API Response
{
"content": [
{
"resourceId": "i-xxxxxxxxxxxxxxxxx",
"name": "test-secrets",
"hasSecrets": true,
"secretStats": {
"severity": {
"CRITICAL": 6,
"HIGH": 7,
"MEDIUM": 21,
"LOW": 16
},
"totalSecrets": 50
},
...
}
],
...
}
Instance Details with Secrets
| New or Updated API | Updated |
| API Endpoint | /cloudview-api/rest/v1/resource/EC2_INSTANCE/uuid/<uuid>/AWS |
| Method | GET |
| DTD or XSD changes | Not Applicable |
With this release, The API to retrieve detailed information about an AWS EC2 instance is now enhanced to include a secrets array containing the list of detected secrets with associated metadata.
Input ParametersInput Parameters
| Parameter Name | Mandatory/Optional | Data Type | Description |
|---|---|---|---|
uuid |
Mandatory | String | Unique identifier of the EC2 instance |
SampleSample
API Request
curl --location 'https://qualysguard.qualys.com/cloudview-api/rest/v1/resource/EC2_INSTANCE/uuid/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/AWS' \ -H 'accept: */*' \ -H 'Authorization: Basic <auth token>'
API Response
{
"content": [
{
"subnetId": "subnet-0xxxxxxxxxxxxxxxx",
"resourceId": "i-0xxxxxxxxxxxxxxxx",
"arsScore": 165,
"uuid": "xxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx",
"availabilityZone": "us-east-1b",
"remediationEnabled": null,
"lastUpdated": "2025-04-20T07:56:44+0000",
"instanceState": "running",
"networkInterfaceAddresses": [
{
"networkInterfaceId": "eni-xxxxxxxxxxxxxxxxxx",
"subnetId": "subnet-0xxxxxxxxxxxxxxxx",
"ipv6Ip": [],
"secondaryPrivateIp": [],
"description": "",
"groups": [
{
"groupName": "launch-wizard-3",
"groupId": "sg-0xxxxxxxxxxxxxxxx"
}
],
"privateDnsName": "ip-xxx-xx-xx-xxx.ec2.internal",
"publicIp": "xx.xx.xx.xx",
"privateIpAddress": "xxx-xx-xx-xxx"
}
],
"cloudType": "AWS",
"isSnapshotScanEnabled": true,
"events": null,
"iamInstanceProfileRoleDetails": null,
"connectorUuids": [
"xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
],
"imageId": "ami-0xxxxxxxxxxxxxxxx",
"created": "2025-03-26T06:58:03.219+00:00",
"cloudAccountId": "xxxxxxxxxxx",
"ipAddress": null,
"publicDnsName": "ec2-50-17-16-28.compute-1.amazonaws.com",
"secrets": null,
"privateIpAddress": "xxx-xx-xx-xxx",
"tags": [
{
"value": "instancenew",
"key": "Name"
},
{
"value": "true",
"key": "QUALYS_SNAPSHOT_ENABLED"
}
],
"launchTime": "2025-03-19T09:52:17+0000",
"classifications": null,
"name": "instancenew",
"secondaryPrivateIpAddress": null,
"region": "us-east-1",
"accountAlias": null,
"controlsFailed": 4,
"createdOn": "2025-03-26T06:58:03+0000",
"secretStats": {
"severity": {
"HIGH": 86,
"MEDIUM": 37,
"LOW": 22,
"CRITICAL": 23
},
"totalSecrets": 168
},
"instanceId": "i-xxxxxxxxxxxxxxxx",
"vulnerabilityStats": {
"severity": {
"3": 1,
"4": 9
},
"typeDetected": {
"Confirmed": 10,
"Information": 5
},
"totalVulnerability": 15
},
"vpcId": "vpc-xxxxxxxxxxxxxxxx",
"hasSecrets": true,
"publicIpAddress": "50.17.16.28",
"instanceType": "t2.micro",
"additionalDetails": null,
"connectorUuid": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx",
"instanceStatus": null,
"iamInstanceProfile": null,
"spotInstanceRequestId": null,
"elasticIpAddress": null,
"sev3Sev4Sev5VulnCount": 0,
"qualysTags": [],
"vulnerabilities": null,
"securityGroups": [
{
"groupName": "launch-wizard-3",
"groupId": "sg-06c97140dd933163b"
}
],
"privateDnsName": "ip-xxx-xx-xx-xxx.ec2.internal",
"criticalityScore": 0,
"resourceType": "EC2_INSTANCE"
}
Get Cloud Resources with Vulnerability Statistics
| New or Updated API | Updated |
| API Endpoint | /cloudview-ap/rest/v1/resource/{resourceType}/AWS |
| Method | POST |
| DTD or XSD changes | Not Applicable |
With this release, this API is updated to include a new response parameter:vulnerabilityStats. This parameter summarizes vulnerability data for each listed resource enabling quick prioritization and risk assessment at scale.
SampleSample
API Request
curl --location 'https://qualysguard.qualys.com/cloudview-ap/rest/v1/resource/{resourceType}/AWS' \
-H 'accept: */*' \
-H 'Authorization: Basic <auth token>'
API Response
"vulnerabilityStats": {
"severity": {
"1": 4,
"2": 1,
"3": 3,
"4": 1
},
"typeDetected": {
"Confirmed": 3,
"Information": 4,
"Potential": 2
},
"totalVulnerability": 9
}
Get Resource Details by UUID
| New or Updated API | Updated |
| API Endpoint | /cloudview-api/rest/v1/resource/{resourceType}/uuid/{resourceUuid}/AWS |
| Method | POST |
| DTD or XSD changes | Not Applicable |
With this release, this API now includes a vulnerability array in the response parameters that provides a detailed list of vulnerabilities associated with the specified resource, which can be used to perform targeted investigation and remediation.
SampleSample
API Request
curl --location 'https://qualysguard.qualys.com/cloudview-api/rest/v1/resource/{resourceType}/uuid/{resourceUuid}/AWS' \
-H 'accept: */*' \
-H 'Authorization: Basic <auth token>'
API Response
"vulnerability": [
{
"uuid": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx",
"resourceId": "ami-0xxxxxxxxxxxxxxxx",
"name": "Amazon Linux Security Advisory for python-urllib3 : ALAS2023-2024-747",
"qid": 358188,
"typeDetected": "Confirmed",
"severity": 2,
"protocol": "",
"hostOS": "Amazon Linux 2023.6.20241010",
"category": "Amazon Linux",
"lastFound": "2025-03-12T09:44:31.509+00:00",
"firstFound": "2025-03-12T09:44:31.509+00:00",
"port": 0
},
{
"uuid": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx",
"resourceId": "ami-0xxxxxxxxxxxxxxxx",
"name": "Amazon Linux Security Advisory for kernel : ALAS2023-2025-823",
"qid": 358510,
"typeDetected": "Confirmed",
"severity": 4,
"protocol": "",
"hostOS": "Amazon Linux 2023.6.20241010",
"category": "Amazon Linux",
"lastFound": "2025-03-12T09:44:31.509+00:00",
"firstFound": "2025-03-12T09:44:31.509+00:00",
"port": 0
}
]