Web Application Scanning (WAS) and CSAM Integration

Qualys Web Application Scanning (WAS) is an automated scanner that uses fault injection tests to find vulnerabilities. WAS examines the responses from your web application to determine vulnerabilities and thus enable organizations to scan their web applications for vulnerabilities. It assesses, tracks, and remediates web application vulnerabilities.

With the CyberSecurity Asset Management (CSAM) and Web Application Scanning (WAS) integration, you can identify and manage security risks and vulnerabilities in your web applications and APIs anywhere and anytime.

- Users with a Trial or Paid subscription can integrate Web Application Scanning (WAS) with CyberSecurity Asset Management (CSAM).

- Web Application Scanning (WAS) enablement is a must to use the CSAM and WAS integration capabilities.


The Web Applications tab is specifically designed:

-  To view a list of Potential Web Assets based on the host asset scan and WebServer Query that is currently applied. 

-  To Run the WebServer Query and customize the WebServer Query.

-  To activate WAS and create Web Applications from the Potential Web Assets. 

-  To edit or deactivate Web Applications.

Learn More about CSAM and WAS Integration

Enabling Web Application Scanning (WAS)

Note: WAS enablement is the prerequisite to use CSAM and WAS integration capabilities.

-  Overview of CSAM and WAS Integration Capabilities

Customizing WebServer Query

Activating Web Application Scanning (WAS)

Viewing Web Application Details

Editing Web Application

Deactivating Web Applications