Get Started with Web Application Scanning

Overview of WAS

Qualys WAS is an automated scanner that uses fault injection tests to find vulnerabilities. It inserts specially crafted character strings into your application form fields.

WAS then examines the responses from your application to determine the existence of the vulnerability. You can see what is sent and how your application responded in WAS’s reporting capabilities. Qualys Web Application Scanning enables organizations to scan their applications for vulnerabilities. It assesses, tracks, and remediates application vulnerabilities.

TotalAppSec

Qualys TotalAppSec is an AI-powered, unified application risk management solution designed to secure modern web applications and APIs across all environments from on-premises, multi-cloud applications to API gateways, containers, and microservices.

By combining web application scanning and API security, TotalAppSec unifies discovery, risk assessment, prioritization, and remediation of vulnerabilities across both web applications and APIs. It addresses critical challenges like shadow APIs, zero-day threats, and fragmented security workflows, empowering organizations to secure their applications throughout the development lifecycle, reduce the attack surface, and enhance operational agility.

To get details on the TotalAppSec, contact your Qualys representative. 

Customizable Dynamic Dashboards

Dashboards help you visualize your assets, see your threat exposure, leverage saved searches, and fix priority of vulnerabilities quickly.   

We have integrated Unified Dashboard (UD) with WAS. UD brings information from all Qualys applications into a single place for visualization. UD provides a powerful new dashboarding framework along with Enterprise TruRisk™ Platform service that will be consumed and used by all other products to enhance the existing dashboard capabilities.

You can use the default dashboard provided by Qualys or easily configure widgets to pull information from other modules/applications and add them to your dashboard. You can also add as many dashboards as you like to customize your vulnerability posture view.