This SDK attempts to make it much easier to interact with Qualys's various API endpoints, across as many modules as I can find time to code.
```python
from qualysdk.auth import BasicAuth
from qualysdk.vmdr import get_host_list

# Replace the placeholders with your Qualys username and password.
auth = BasicAuth("<username>", "<password>", platform='qg1')

# Pull 4 pages of hosts, with "All/AGs" details & tags:
hosts = get_host_list(auth, details="All/AGs", show_tags=True, page_count=4)
# >>> [VMDRHost(12345), ...]
```
| Module | Status |
|---|---|
| GAV (Global AssetView) | ✅ See GAV documentation page for supported calls |
| VMDR | ✅ See VMDR documentation page for supported calls |
| PM (Patch Management) | See Patch Management documentation page for supported calls |
| WAS | ✅ See WAS documentation page for supported calls |
| TC (TotalCloud) | ✅ See TotalCloud documentation page for supported calls |
| Connectors | Not Started |
| Cloud Agent | ✅ See Cloud Agent documentation page for supported calls |
| CS (Container Security) | ✅ See CS documentation page for supported calls |
| CERT (Certificate View) | ✅ See CERT documentation page for supported calls |
| ADMIN (Administration) | Not Started |
| Asset Management & Tagging | Not Started |
| SQL Data Uploads | ✅ See SQL documentation page for supported uploads/DBs |
For more detailed information on the package, including how to get up and running, please see the documentation.
This SDK tool is an independent project and is not an official product of Qualys. It has been developed and maintained solely by the names listed in the GitHub contributors list. Qualys has neither endorsed nor approved this SDK.
Users of this SDK are advised to use it at their own risk and discretion.
For official tools and support, please refer to the official Qualys resources and documentation.
FAQs
SDK for interacting with Qualys APIs, across most modules the platform offers.
We found that qualysdk demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.