GitHub Actions for TotalAppSec 

The Qualys GitHub Actions for Web Application Scanning (WAS) allows DevOps teams to build application vulnerability scans into their existing CI/CD processes. By integrating web application scans in this manner, application security testing is accomplished earlier in the Software Development Life Cycle (SDLC) to catch and eliminate security flaws.

Prerequisites

- A valid Qualys subscription with the TotalAppSec application activated.

- Access to the Qualys TotalAppSec application API for use in the Qualys GitHub Actions for WAS. Refer to the WAS API User Guide and check the permissions required for the following APIs:

  • Launch Scans (Single): /qps/rest/3.0/launch/was/wasscan/

  • Retrieve Scan Status: /qps/rest/3.0/status/was/wasscan/<id>

  • Retrieve Scan Results: /qps/rest/3.0/download/was/wasscan/<id>

For more information, refer to the Qualys GitHub Actions for WAS.