• WAS Engine 7.1 Released

    Greetings all!   WAS Engine 7.1 has been released to all Qualys platforms including private cloud platforms.  This release is part of our ongoing effort to continuously improve the WAS scanning engine. ...
    Dave Ferguson
    last modified by Dave Ferguson
  • Qualys WAS Update - Portal 2.40

    Greetings all!   A new version of Qualys WAS is now available.  It is part of Portal 2.40 - aka Qualys Cloud Platform 2.40 release - and it's being deployed to all shared platforms over the next few days.&#...
    Dave Ferguson
    last modified by Dave Ferguson
  • WAS Engine 7.0 Released

    Greetings all!   I'm pleased to announce that WAS Engine 7.0 has been released to all Qualys shared platforms.  This new version adds support for TLS 1.3.  A huge amount of testing went into this relea...
    Dave Ferguson
    last modified by Dave Ferguson
  • Qualys Browser Recorder v1.1.6 Now Available

    Greetings all -   I'm pleased to announce that Qualys Browser Recorder (QBR) version 1.1.6_6 has been released.  First released by Qualys in 2018, QBR is an extension for the Chrome web browser that allows ...
    Dave Ferguson
    last modified by Dave Ferguson
  • Qualys WAS update - Portal 2.39

    Greetings!   A new version of Qualys WAS is now available.  Portal 2.39 - aka Qualys Cloud Platform 2.39 release - is being deployed to all shared platforms this week and includes UI and API changes for WAS...
    Dave Ferguson
    last modified by Dave Ferguson
  • Blind Elephant Supported Detections

    The static-file web application fingerprinting function of Qualys Suite, which is based on the open-source project Blind Elephant, detects the following web applications, plugins and extensions:     Open Sou...
    Robert Dell'Immagine
    last modified by Robert Dell'Immagine
  • WAS Engine 6.7 Released

    Greetings!   WAS Engine 6.7 has been released to all Qualys platforms including private cloud platforms.  This release is part of our ongoing effort to continuously improve the WAS scanning engine.  Th...
    Dave Ferguson
    last modified by Dave Ferguson
  • Qualys Browser Recorder v1.1.4 Now Available

    Greetings all -   I'm pleased to announce that a new version of Qualys Browser Recorder (QBR) is now available.  QBR version 1.1.4_4 includes numerous bug fixes and usability improvements.  First relea...
    Dave Ferguson
    last modified by Dave Ferguson
  • New Detection for RCE in Apache Tomcat on Windows

    Hello all   Qualys WAS has been updated with a new detection for CVE-2019-0232, a remote code execution (RCE) vulnerability in Apache Tomcat running on Microsoft Windows.  This is a very serious vulnerabilit...
    Dave Ferguson
    last modified by Dave Ferguson
  • Using Qualys WAF 2.0 to Protect Against Critical Apache Struts2 Vulnerability ( CVE-2017-5638 )

    On March 7, 2017, a critical vulnerability (CVE-2017-5638) in Apache Struts2 Jakarta multipart parser was disclosed, that exposes vulnerable applications to Remote Command Execution attacks. Exploits of this vulnerabi...
    Vikas Phonsa
    last modified by Robert Dell'Immagine
  • Protect Against Critical IIS 6.0 Buffer Overflow vulnerability (CVE-2017-7269) with Qualys WAF

    Security researchers have disclosed a Buffer Overflow vulnerability (CVE-2017-7269) in the Microsoft Internet Information Service (IIS) 6.0 web server included in the Windows Server 2003 R2. Qualys Web Applicatio...
    Vikas Phonsa
    last modified by Robert Dell'Immagine
  • Web Application Firewall

    Web Application Firewall Qualys Web Application Firewall protects web sites against attacks on server vulnerabilities and web app defects; makes it possible to strongly secure web apps against cross-site scripting (XS...
    Robert Dell'Immagine
    last modified by Robert Dell'Immagine
  • WAS Engine 6.6 Released

    Hello all -   WAS Engine 6.6 has been released to all Qualys platforms including private cloud platforms.  This release is part of our ongoing effort to continuously improve the WAS scanning engine.  T...
    Dave Ferguson
    last modified by Dave Ferguson
  • WAS Engine 6.2 Released

    Hello all -   WAS Engine 6.2 has been released to all Qualys platforms including private cloud platforms.  This new release is part of our ongoing effort to continuously improve the WAS scanning engine....
    Dave Ferguson
    last modified by Dave Ferguson
  • New Detection for RCE in Drupal Core 8.5.x and 8.6.x

    Hello all   The Qualys WAS scanning engine has been updated with a new detection for CVE-2019-6340, a remote code execution (RCE) vulnerability in the Drupal CMS.  To exploit this vulnerability, an attacker&...
    Dave Ferguson
    last modified by Dave Ferguson
  • New Detection for File Content Disclosure Vulnerability in Ruby on Rails

    Hello all   The Qualys WAS scanning engine has been updated with a new detection for CVE-2019-5418, a serious file content disclosure vulnerability in Ruby on Rails.  Ensure that QID 150237 is enabled in you...
    Dave Ferguson
    last modified by Dave Ferguson
  • WAS Engine 6.5 Released

    Hello all -   WAS Engine 6.5 has been released to all Qualys platforms including private cloud platforms.  This release is part of our ongoing effort to continuously improve the WAS scanning engine.  T...
    Dave Ferguson
    last modified by Dave Ferguson
  • Behaviour Settings Explained

    As part of the WAS options profile, you can define how you want the scanning to handle network and application errors. This is defined in the Behaviour Settings under Scan Parameters.  There are two settings that...
    Ian Johnson
    last modified by Ian Johnson
  • WAS Engine 6.4 Released

    Hello all -   WAS Engine 6.4 has been released to all Qualys platforms including private cloud platforms.  This release is part of our ongoing effort to continuously improve the WAS scanning engine.  T...
    Dave Ferguson
    last modified by Dave Ferguson
  • WAS Engine 6.3 Released

    Hello all -   WAS Engine 6.3 has been released to all Qualys platforms including private cloud platforms.  This new release is part of our ongoing effort to continuously improve the WAS scanning engine....
    Dave Ferguson
    last modified by Dave Ferguson