Qualys Web Application Scanning (WAS) is a cloud-based web application security product. WAS continuously monitors, detects, and reports the web applications and APIs against threats like vulnerabilities, misconfigurations, and web malware.

The Qualys GitHub Actions for Web Application Scanning (WAS) allows DevOps teams to build application vulnerability scans into their existing CI/CD processes. By integrating web application scans in this manner, application security testing is accomplished earlier in the Software Development Life Cycle (SDLC) to catch and eliminate security flaws.

GitHub Actions triggers the web application scanning process when you run a workflow in your GitHub repository. The input parameters submitted in the workflow through .yaml/.yml file control the scan and allow you to configure the workflow as per your requirement.

Features of GitHub Actions for WAS

Qualys GitHub Actions for WAS provides you following features:


The workflow of Qualys GitHub Actions for WAS involves:

  1. Configure Environment Parameter
  2. Configure GitHub Actions
  3. Generate and Download Scan Result