Web Application Scanning 

Qualys Web Application Scanning (WAS) is a cloud-based service that provides automated crawling and testing of custom web applications to identify vulnerabilities including cross-site scripting (XSS) and SQL injection. The automated service enables regular testing that produces consistent results, reduces false positives, and easily scales to cover thousands of websites. Qualys WAS is bundled with additional scanning technology to proactively monitor websites for malware infections, sending alerts to website owners to help prevent blacklisting and brand reputation damage.

  • Comprehensive protection: Qualys WAS’ native integration with Qualys Web App Firewall (WAF) provides for one-click virtual patching of identified vulnerabilities.
  • Clarity and control: A single interface lets you identify, manage and fix all web app vulnerabilities and misconfigurations.
  • App dev hygiene: Integrates with the software development lifecycle allowing scans at any time by developers, QA, and security teams, as well as automating scans in DevOps and CI/CD pipelines.
  • Broad threat coverage: Detect, identify, assess, track and remediate OWASP Top 10 risks, WASC threats, CWE weaknesses, and web-based CVEs.