Adding Web Applications

You can add web applications you want to scan for security risks - vulnerabilities, malware and sensitive contents to your Qualys TAS subscription in multiple ways — create a New Web Application using the wizard, or add from Catalog, CSV import, or Save-As cloning.

When you add a web application, TAS builds a web asset in your subscription if it doesn't already exist. This asset has a name, URL and tags (optional). The inventory of web applications to which you have access to in the CyberSecurity Asset Management (CSAM) application.

Where can I see my assets? You'll see an inventory of all the assets

Review some basics of web applications at Web Applications - The Basics

How to Add Web Application

Here are the ways in which you can add web applications in your subscription. 

Create a New Web Application

Create a new web application in simple steps.

  1. Add basic information. See Web Application - Basic Information.
  2. Define the scope, behavior, and rules that control how Qualys crawls a web application before scanning. See Web Application - Crawl Settings.
  3. Define default scan settings used for the web application. See Web Application - Default Scan Settings.
  4. Define additional configurations, such as authentication record, DNS override, exclusions, and so on. See Web Application - Additional Configurations.
  5. Review the settings defined and add the web application. 

Import a Web Application in a CSV File

Go to Web Applications and click New Web Application > Import Web App. See Import Web Applications

Add Web Applications Found in Vulnerability Scan 

Discover web applications from your vulnerability scans. The discovered web applications are displayed in the Discovery > Potential Web Applications tab. You can use the Add to Subscription option to add a web application. 

Clone a Web Application 

Select a web application, use Save As to create a copy, rename it, and modify the settings as needed. See Clone a Web Application.

Web Application Permissions 

Users who are not Managers need to be granted access to web assets. A Manager can do this by going to the Administration utility, editing the users' accounts, and assigning web application tags to the user scopes.

Tagging web assets lets you grant users access to them. It also gives you a convenient way to manage large volumes of web applications. For reports, for example, you can select web application tags as the report target.

 

© 2025 Qualys, Inc. All rights reserved. Privacy Policy. Last updated: December, 2025