Web Application Scanning v2: Deprecation Reminders

There are several endpoints, parameters, and attributes in the Web Application Scanning v2 API that are pending deprecation. These items will be removed on November 18th, 2021. Please update any existing integrations that your organization has before this date.


Web Application Scanning: Multi-Target Scans

The Web Application Scanning v2 API now supports multi-target scans. This feature allows users to specify up to 1,000 targets in a single scan. Previously the WAS v2 API only supported single target scans.


Send Instructions to Agents

You can now send instructions to agents or agents in a group via the API. Two new endpoints were added to allow users to send instructions in bulk.


Bulk Agent Management Improvements

The API now supports criteria filtering for agent bulk operations. Users can now specify whether or not to perform bulk operation on all agents or a subset of agents determined by filtering criteria. Previously, users could only specify an array of agent IDs or UUIDs when performing agent bulk operations.


Hard Delete Assets

The Vulnerability Management API now offers users the ability to hard delete assets when deleting assets in bulk. The hard deletion of an asset completely removes the asset from your licensed asset count along with all related data.


New Filter for Vulnerability Exports

A new filter has been added to allow customers to filter vulnerability exports by plugin type. The new filter is plugin_type.


New Compliance Export API

The API now supports compliance data exports. The compliance export API can be used to export data that is an aggregation or summary of all compliance scan data. The summary is updated with the latest audit results as new compliance scans are run. The compliance export API does not return results for individual scans.


New Time-based Filter for Vulnerability Exports Endpoints

A new field has been added to allow customers to filter export results and observe the specific time a document has been indexed into the datastore. The new filter is indexed_at.


Web Application Scanning: Get Vulnerability Details

You can now use the Web Application Scanning v2 API to get vulnerability details by vuln ID.


WAS: Deprecation Notice for details.response and details.request Response Attributes

The details.response and details.request response attributes are deprecated. These response attributes will be retired from the the Web Application Scanning v2 API on 2021/11/26 and will no longer be returned in responses. Please update any existing integrations that your organization has.