Qualys Web Application Scanning (WAS) is an automated scanner that uses fault injection tests to find vulnerabilities. WAS examines the responses from your web application to determine vulnerabilities and thus enable organizations to scan their web applications for vulnerabilities. It assesses, tracks, and remediates web application vulnerabilities.
With the Global AssetView (GAV) and Web Application Scanning (WAS) integration, you can identify and manage security risks and vulnerabilities in your web applications and APIs anywhere and anytime.
Note:
- Users with a Trial or Paid subscription can integrate Web Application Scanning (WAS) with Global AssetView (GAV).
- Web Application Scanning (WAS) enablement is a must to use the GAV and WAS integration capabilities.
The Web Applications tab is specifically designed:
- To view a list of Potential Web Assets based on the host asset scan and WebServer Query that is currently applied.
- To Run the WebServer Query and customize the WebServer Query.
- To activate WAS and create Web Applications from the Potential Web Assets.
- To edit or deactivate Web Applications.
- Enabling Web Application Scanning (WAS)
Note: WAS enablement is the prerequisite to use GAV and WAS integration capabilities.
- Overview of GAV and WAS Integration Capabilities
- Activating Web Application Scanning (WAS)
- Viewing Web Application Details
- Deactivating Web Applications