Release 1.13

March 12, 2024

The summary of enhancements in the new WAS UI, behavior changes, and known limitations are described in New UI of Web Application Scanning.

What's New?

New Widgets in Dashboard

With this release, you can create new widgets to display scan schedules and report schedule data.

Example of creating a widget with scan schedule data

The following image indicates the widget creation with the scan schedule type.

scan schedule widget creation

The widget created is added to the Dashboard

scan schedule widget added to dashboard

Audit Log Service Integration 

With this release, the Web Application Scanning is integrated with Audit Log Service. This helps in faster search through the audit logs to find actions performed in WAS UI, API, and other services. 

The action logs generated from WAS UI, API, and other services, are listed in the Activity Log tab of the Administration utility using the audit log service. 

 To enable this feature, contact your Qualys representative.

Scan Progress Indicator

With this release, the scan progress bar is introduced to display the current status of the scan. The scan progress scan is available in the View Scan Details window > Overview tab.

The green color indicates the scan steps that are completed, and the orange color indicates the scan steps that are in progress.

Discovery Scan Progress Bar 

The discovery scan progress bar displays three phases:

scan progress for discovery scan

Vulnerability Scan Progress Bar

The vulnerability scan progress bar displays four phases. 

vulnerability scan progress bar

Enhancement in Retest Functionality for Multiple Detections

With this release, you can combine the multiple detections for the web application with the same or different QIDs and launch a retest for the detections together. 

Earlier, the retest for multiple detections could be launched only when the detections belonged to the same web applications and the same QID.

 The retest is applicable for Qualys findings that are non-ignored, in the vulnerabilities or sensitive content category.

The Retest option is not available in the following scenarios:

  • If detections with Under_Retest or Cancel_Retest status are included in the selected detections.
  • If detections with the Information Gathered category are included in the selected detections.

Issues Addressed

The following reported and notable customer issues have been fixed in this release.

Category/Component Issue


An issue was observed where data did not load in the Web Applications and Scans tabs in WAS new UI. However, the data was visible in the classic WAS UI. This issue is fixed.


We have fixed an issue where the subusers could not launch the test authentication scan.


An issue was observed when the user tried to launch a retest for multiple detections using the new WAS UI.  

This issue is resolved, and the user can retest multiple findings from the same web application. 


An issue where the Super User could not edit authentication records with selenium scripts created by inactive or deleted users is fixed.


In a scenario where the user has created a web application report schedule and edits the name of the web application included in the report, the new name of the edited web application is not displayed in the report schedule. 

This issue is resolved, and the edited name of the web application is displayed in the Target section of the web application report schedule.


A discrepancy was observed in the data displayed in the dashboard widget and the actual data. The issue is resolved.