Upgrade to TotalAppSec

Upgrading to TotalAppSec from WAS is simple and seamless. It does not require data or configuration migration, application reconfiguration, user re-onboarding, or downtime. All WAS vulnerabilities, reports, applications, schedules, and users are automatically carried over.

Scanner Requirements 

TotalAppSec API Security is supported only with next-generation 64-bit scanners. If you are using a legacy 32-bit scanner, we recommend upgrading to the 64-bit scanner.

Upgrade to the 64-bit scanner involves a platform change; you must reinstall your internal scanners during the upgrade.

Before upgrading, verify your scanner type and version.

External Scanners 

External scanners hosted in the Qualys Cloud are already running on the 64-bit WAS engine. No action required.

Internal (On-Prem) Scanners

If you are using a 32-bit WAS Engine, you must upgrade to the 64-bit Engine. To check the scanner version, see Verify the Scanner Version.

Physical Scanners

If you are using physical scanners of model QGSA-5120-A1 or QGSA-4120-A1, you must upgrade your scanner.

Verify Scanner Version 

Use one of the following ways to verify the scanner version:

  • In Vulnerability Management, navigate to Scans > Appliance> Info, and check the scanner image name. If your Software Image Version is earlier than 3.10 (for example, SCAN.i386-3.9.26-1), you must upgrade your scanner.
  • In Web Application Scanning, navigate to Scans. Select a scan, and click View from Quick Actions to check the WAS Engine version. If the version is 10.x, it is a 64-bit scanner. If it is 9.x or earlier, it is a 32-bit scanner.

Upgrade Physical Scanner

Contact your Technical Account Manager (TAM) for assistance with the physical scanner upgrade.

Virtual Scanners — VMs or Containers

If you are using virtual scanners, verify the version of your scanner image. To check the scanner image version, navigate to VMDR > Scans > Appliances and click Info from the Quick Actions menu.

Scanner appliance ifnormation.

Upgrade Virtual Scanner

To upgrade the virtual scanner:

  1. Navigate to Vulnerability Management > Scans > Appliances.
  2. Click New > select an appropriate option based on your scanner setup. 
    Select appropriate scanner setup.

For detailed information, see Scanner Appliances.

What to Expect After the Upgrade

Post upgrade to TotalAppSec, you can see the user interface change as described

  • Application Name Change 

The application name will change from WAS to TotalAppSec (TAS) in the top-left corner.

TAS show in app picker.

  • New APIs tab in Applications

The new APIs tab under Applications is available to onboard APIs for compliance testing. For details, see Add New APIs.

APIs tab in TAS.

  • New Discovery tab

The new Discovery tab is available to configure sources to auto-discover and display the inventory of discovered web applications and APIs. For details, see Discover Potential Web Applications and APIs.

Discovery tab in TAS.

  • Compliance scan details 

When you perform a compliance scan for the APIs specifying Swagger files, the API Compliance tab in the application details displays violations to the OpenAPI specifications. 

API Compliance tat in Application Details.

  • Custom Signature

Custom signature functionality is provided to create or modify signatures to automate custom penetration tests. For details, see Custom Signature.

Custom Signature in TAS.

Ready to upgrade to TotalAppSec? Contact your Technical Account Manager. 

© 2025 Qualys, Inc. All rights reserved. Privacy Policy.