TotalCloud Release 2.16 API

May 13, 2025

Before understanding the API release highlights, learn more about the API server URL to be used in your API requests by referring to the Know Your Qualys API Server URL section. For this API Release Notes, <qualys_base_url> is mentioned in the sample API requests.

What's New?

AWS Resource Details with Secrets

New or Updated API Updated
API Endpoint /cloudview-api/rest/v1/resource/EC2_INSTANCE/AWS
Method GET
DTD or XSD changes Not Applicable

With this release, the API to list AWS EC2 instances and now includes secretStats and hasSecrets fields. These additions help identify instances with exposed secrets and their severity distribution.

Input ParametersInput Parameters

Parameter Name Mandatory/Optional Data Type Description
pageNo Optional Integer Page number for pagination (default is 0)
pageSize Optional Integer Number of results per page (default is 100)
updated Optional String Filter instances updated within a specific time range
filter Optional String Filter based on specific instance attributes like resource.id

SampleSample

API Request

curl --location 'https://qualysguard.qualys.com/cloudview-api/rest/v1/resource/EC2_INSTANCE/AWS?filter=resource.id%3Ai-xxxxxxxxxxxxxxxxx&pageNo=0&pageSize=10&updated=%5Bnow-30d..now%5D' \
  -H 'accept: */*' \
  -H 'Authorization: Basic  '

API Response

     {
  "content": [
    {
      "resourceId": "i-xxxxxxxxxxxxxxxxx",
      "name": "test-secrets",
      "hasSecrets": true,
      "secretStats": {
        "severity": {
          "CRITICAL": 6,
          "HIGH": 7,
          "MEDIUM": 21,
          "LOW": 16
        },
        "totalSecrets": 50
      },
      ...
    }
  ],
  ...
}

Instance Details with Secrets

New or Updated API Updated
API Endpoint /cloudview-api/rest/v1/resource/EC2_INSTANCE/uuid/<uuid>/AWS
Method GET
DTD or XSD changes Not Applicable

With this release, The API to retrieve detailed information about an AWS EC2 instance is now enhanced to include a secrets array containing the list of detected secrets with associated metadata.

Input ParametersInput Parameters

Parameter Name Mandatory/Optional Data Type Description
uuid Mandatory String Unique identifier of the EC2 instance

SampleSample

API Request

curl --location 'https://qualysguard.qualys.com/cloudview-api/rest/v1/resource/EC2_INSTANCE/uuid/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/AWS' \
  -H 'accept: */*' \
  -H 'Authorization: Basic <auth token>'

API Response

    {
    "content": [
        {
            "subnetId": "subnet-0xxxxxxxxxxxxxxxx",
            "resourceId": "i-0xxxxxxxxxxxxxxxx",
            "arsScore": 165,
            "uuid": "xxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx",
            "availabilityZone": "us-east-1b",
            "remediationEnabled": null,
            "lastUpdated": "2025-04-20T07:56:44+0000",
            "instanceState": "running",
            "networkInterfaceAddresses": [
                {
                    "networkInterfaceId": "eni-xxxxxxxxxxxxxxxxxx",
                    "subnetId": "subnet-0xxxxxxxxxxxxxxxx",
                    "ipv6Ip": [],
                    "secondaryPrivateIp": [],
                    "description": "",
                    "groups": [
                        {
                            "groupName": "launch-wizard-3",
                            "groupId": "sg-0xxxxxxxxxxxxxxxx"
                        }
                    ],
                    "privateDnsName": "ip-xxx-xx-xx-xxx.ec2.internal",
                    "publicIp": "xx.xx.xx.xx",
                    "privateIpAddress": "xxx-xx-xx-xxx"
                }
            ],
            "cloudType": "AWS",
            "isSnapshotScanEnabled": true,
            "events": null,
            "iamInstanceProfileRoleDetails": null,
            "connectorUuids": [
                "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
            ],
            "imageId": "ami-0xxxxxxxxxxxxxxxx",
            "created": "2025-03-26T06:58:03.219+00:00",
            "cloudAccountId": "xxxxxxxxxxx",
            "ipAddress": null,
            "publicDnsName": "ec2-50-17-16-28.compute-1.amazonaws.com",
            "secrets": null,
            "privateIpAddress": "xxx-xx-xx-xxx",
            "tags": [
                {
                    "value": "instancenew",
                    "key": "Name"
                },
                {
                    "value": "true",
                    "key": "QUALYS_SNAPSHOT_ENABLED"
                }
            ],
            "launchTime": "2025-03-19T09:52:17+0000",
            "classifications": null,
            "name": "instancenew",
            "secondaryPrivateIpAddress": null,
            "region": "us-east-1",
            "accountAlias": null,
            "controlsFailed": 4,
            "createdOn": "2025-03-26T06:58:03+0000",
            "secretStats": {
                "severity": {
                    "HIGH": 86,
                    "MEDIUM": 37,
                    "LOW": 22,
                    "CRITICAL": 23
                },
                "totalSecrets": 168
            },
            "instanceId": "i-xxxxxxxxxxxxxxxx",
            "vulnerabilityStats": {
                "severity": {
                    "3": 1,
                    "4": 9
                },
                "typeDetected": {
                    "Confirmed": 10,
                    "Information": 5
                },
                "totalVulnerability": 15
            },
            "vpcId": "vpc-xxxxxxxxxxxxxxxx",
            "hasSecrets": true,
            "publicIpAddress": "50.17.16.28",
            "instanceType": "t2.micro",
            "additionalDetails": null,
            "connectorUuid": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx",
            "instanceStatus": null,
            "iamInstanceProfile": null,
            "spotInstanceRequestId": null,
            "elasticIpAddress": null,
            "sev3Sev4Sev5VulnCount": 0,
            "qualysTags": [],
            "vulnerabilities": null,
            "securityGroups": [
                {
                    "groupName": "launch-wizard-3",
                    "groupId": "sg-06c97140dd933163b"
                }
            ],
            "privateDnsName": "ip-xxx-xx-xx-xxx.ec2.internal",
            "criticalityScore": 0,
            "resourceType": "EC2_INSTANCE"
        }

Get Cloud Resources with Vulnerability Statistics

New or Updated API Updated
API Endpoint /cloudview-ap/rest/v1/resource/{resourceType}/AWS
Method POST
DTD or XSD changes Not Applicable

With this release, this API is updated to include a new response parameter:vulnerabilityStats. This parameter summarizes vulnerability data for each listed resource enabling quick prioritization and risk assessment at scale.

SampleSample

API Request

curl --location 'https://qualysguard.qualys.com/cloudview-ap/rest/v1/resource/{resourceType}/AWS' \
  -H 'accept: */*' \
  -H 'Authorization: Basic <auth token>'

API Response

     "vulnerabilityStats": {
  "severity": {
    "1": 4,
    "2": 1,
    "3": 3,
    "4": 1
  },
  "typeDetected": {
    "Confirmed": 3,
    "Information": 4,
    "Potential": 2
  },
  "totalVulnerability": 9
}

Get Resource Details by UUID

New or Updated API Updated
API Endpoint /cloudview-api/rest/v1/resource/{resourceType}/uuid/{resourceUuid}/AWS
Method POST
DTD or XSD changes Not Applicable

With this release, this API now includes a vulnerability array in the response parameters that provides a detailed list of vulnerabilities associated with the specified resource, which can be used to perform targeted investigation and remediation.

SampleSample

API Request

curl --location 'https://qualysguard.qualys.com/cloudview-api/rest/v1/resource/{resourceType}/uuid/{resourceUuid}/AWS' \
  -H 'accept: */*' \
  -H 'Authorization: Basic <auth token>'

API Response

  "vulnerability": [
  {
    "uuid": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx",
    "resourceId": "ami-0xxxxxxxxxxxxxxxx",
    "name": "Amazon Linux Security Advisory for python-urllib3 : ALAS2023-2024-747",
    "qid": 358188,
    "typeDetected": "Confirmed",
    "severity": 2,
    "protocol": "",
    "hostOS": "Amazon Linux 2023.6.20241010",
    "category": "Amazon Linux",
    "lastFound": "2025-03-12T09:44:31.509+00:00",
    "firstFound": "2025-03-12T09:44:31.509+00:00",
    "port": 0
  },
  {
    "uuid": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx",
    "resourceId": "ami-0xxxxxxxxxxxxxxxx",
    "name": "Amazon Linux Security Advisory for kernel : ALAS2023-2025-823",
    "qid": 358510,
    "typeDetected": "Confirmed",
    "severity": 4,
    "protocol": "",
    "hostOS": "Amazon Linux 2023.6.20241010",
    "category": "Amazon Linux",
    "lastFound": "2025-03-12T09:44:31.509+00:00",
    "firstFound": "2025-03-12T09:44:31.509+00:00",
    "port": 0
  }
]