Release 1.17

October 15, 2024

On some platforms, Web Application Scanning will be upgraded directly to WAS 1.17 from WAS 1.15. In such a case, WAS 1.17 includes the changes in WAS 1.16 along with the changes in WAS 1.17. For changes made in WAS 1.16, refer to the Web Application Scanning 1.16 Release Notes.

What's New?

With this release, we introduce the following new features and enhancements to the Web Application Scanning user interface.

WAS-ETM Integration

With this feature, the capabilities of the Qualys Enterprise TruRisk™ Management (ETM) application are now accessible through the Web Application Scanning (WAS) user interface. This feature also brings you the enhanced WAS user interface.

In the WAS user interface, you can view the TruRisk score and its details for your web applications as calculated in the ETM, its contributing factors, the TruRisk score calculation, and vulnerability details.

TruRisk score with ETM integration.

If you do not have a subscription to the Qualys ETM, the TruRisk score displayed in the WAS user interface is calculated based on the QDS. If you are subscribed to the ETM, the TruRisk score is calculated based on the CVE score.

With the Qualys WAS-ETM integration, your assets' TruRisk score is reflected in the ETM and CyberSecurity Asset Management (CSAM) applications.

 You must have an active ETM Subscription for your account to access the WAS-ETM integration. 

Enhanced WAS User Interface

With this release, we are providing you with an enhanced WAS user interface for better interaction. The enhanced WAS user interface has added two more tabs: the Statistics tab and the Sources tab.

The Statistics tab shows details such as active vulnerabilities and their categorization based on severity levels, the count of sensitive content, the number of assets in the Information Gathered state, and the OWASP top five risks. Earlier, this information was displayed in the Summary tab.

The Sources tab displays information about the web application sources used for executing the scans. If you have an active subscription to the ETM application, the sources used for ETM scans are also displayed in this tab.

Sources tab in web app details.

You do not need an ETM subscription to access the Statistics and Sources tabs in the WAS user interface. However, the ETM-specific information is available only to users with an active ETM subscription.

Issues Addressed

The following important and notable issues are fixed in this release.

| Category/Component | Issue Description |
| --- | --- |
| WAS Scans | We updated the UTF-8 library to fix an issue where some Japanese characters in the scan completion email notification were corrupted. |
| WAS Reports | We updated the CDATA in the report files to fix an issue where users received an error while uploading the Burp report. |