Release 1.13
March 12, 2024
The summary of enhancements in the new WAS UI, behavior changes, and known limitations are described in New UI of Web Application Scanning.
What's New?
New Widgets in Dashboard
With this release, you can create new widgets to display scan schedules and report schedule data.
Example of creating a widget with scan schedule data
The following image indicates the widget creation with the scan schedule type.
The widget created is added to the Dashboard.
Audit Log Service Integration
With this release, the Web Application Scanning is integrated with Audit Log Service. This helps in faster search through the audit logs to find actions performed in WAS UI, API, and other services.
The action logs generated from WAS UI, API, and other services, are listed in the Activity Log tab of the Administration utility using the audit log service.
To enable this feature, contact your Qualys representative.
Scan Progress Indicator
With this release, the scan progress bar is introduced to display the current status of the scan. The scan progress scan is available in the View Scan Details window > Overview tab.
The green color indicates the scan steps that are completed, and the orange color indicates the scan steps that are in progress.
Discovery Scan Progress Bar
The discovery scan progress bar displays three phases:
Vulnerability Scan Progress Bar
The vulnerability scan progress bar displays four phases.
Enhancement in Retest Functionality for Multiple Detections
With this release, you can combine the multiple detections for the web application with the same or different QIDs and launch a retest for the detections together.
Earlier, the retest for multiple detections could be launched only when the detections belonged to the same web applications and the same QID.
The retest is applicable for Qualys findings that are non-ignored, in the vulnerabilities or sensitive content category.
The Retest option is not available in the following scenarios:
- If detections with Under_Retest or Cancel_Retest status are included in the selected detections.
- If detections with the Information Gathered category are included in the selected detections.
Issues Addressed
The following reported and notable customer issues have been fixed in this release.
| Category/Component | Issue |
|
New WAS-UI
|
An issue was observed where data did not load in the Web Applications and Scans tabs in WAS new UI. However, the data was visible in the classic WAS UI. This issue is fixed. |
|
New WAS-UI
|
We have fixed an issue where the subusers could not launch the test authentication scan. |
|
New WAS-UI
|
An issue was observed when the user tried to launch a retest for multiple detections using the new WAS UI. This issue is resolved, and the user can retest multiple findings from the same web application. |
|
New WAS-UI
|
An issue where the Super User could not edit authentication records with selenium scripts created by inactive or deleted users is fixed. |
|
New WAS-UI
|
In a scenario where the user has created a web application report schedule and edits the name of the web application included in the report, the new name of the edited web application is not displayed in the report schedule. This issue is resolved, and the edited name of the web application is displayed in the Target section of the web application report schedule. |
|
New WAS- UI
|
A discrepancy was observed in the data displayed in the dashboard widget and the actual data. The issue is resolved. |