The Qualys GitHub Actions for Web Application Scanning (WAS) allows DevOps teams to build application vulnerability scans into their existing CI/CD processes. Integrating web application scans in this manner moves application security testing earlier in the Software Development Life Cycle (SDLC) to catch and eliminate security flaws.
Prerequisites:
- A valid Qualys subscription with the Web Application Scanning application activated.
- API access to the Qualys Web Application Scanning application for use by the Qualys GitHub Actions for WAS. Refer to the WAS API User Guide and check the permissions required for the following APIs:
  - Launch Scans (Single): `/qps/rest/3.0/launch/was/wasscan/`
  - Retrieve Scan Status: `/qps/rest/3.0/status/was/wasscan/<id>`
  - Retrieve Scan Results: `/qps/rest/3.0/download/was/wasscan/<id>`
For more information, refer to the Qualys GitHub Actions for WAS.