Log in to follow, share, and participate in this community. Not a member? Join Now! We would like to integrate WAS into CI/CD process of Azure DevOps. However, it seems WAS plug-in currently exists only for Jenkins. Can you create a WAS plug-in to integrate into Azure DevOps CICD process? In a previous post, we described how Qualys WAS added new informational QIDs to report CMS versions and CMS plugins found on your scanned web applications. Now, as part of the continuous improvement of the scann... Some customers have asked how to customize the default "Core" detection scope in WAS (e.g., remove certain QIDs or add others). This would be accomplished using the "Custom Search Lists" scope as follows. ... Hi, for one of our customers we're performing weekly scans at night. It is important to the customer the scan only takes place from 00:00 to 08:00, so it doesn't interfere with their daily routine. Over the la... My app is running on iis8. I am using form authentication where my login page Hello, Qualys WAS supports basic security testing of SOAP based web services that have a Web Service Description Language (WSDL) file within the scope of the scan. If WAS identifies a WSDL file that des... Most websites have google analytics and/or facebook scripts in their website. These scripts creates cookies that we don’t own and cannot update. In the vulnerability report, these cookies caused level 2 ... HI While creating a webapplication from API call how can i add the option profile that is part of Scan settings.How do i get the ID of option profile? Thanks, Harika Is there any way to disable default QIDs when running a SCAN? In my case, it is common to run search list-based SCANs, as an example I have a SCAN that takes hours, because standard QIDs take longer than the vulnerabi... Progressive scanning is a feature within Qualys Web Application Scanning (WAS) that is now available to all customers. The intent and goal of progressive scanning is to add a mechanism to effectively scan very large w... Hi guys, What's your strategy behind setup a WAS and VM scan against a web host? Eg.: (www.domain.com) Background: I can set up a WAS scan using the hostname but VM seems not to have ... I'm receiving 150022 Verbose Error Message vulnerabilities in my WAS scan reports that I'm not able to reproduce. All 11 of these vulnerabilities are showing a 500 error response "Server Error". ... HI While creating a webapplication from API call how can i add the Crawl Scope that is part of application details. We conducted an authenticated scan using an admin account. If an admin account with full permission was used, will using this account modify the database of an application? Hi - I've been running the following process, via PHP code, for many months without issue. The last day or so I've been having odd issues/behavior. Hopefully someone can help.... I make a cou... Introduction
Response Headers QIDs
Response Headers and Redirects
Methods to View Response Headers
Method 1: Chrome Browser Developer Tools
Method 2: Firefox Browser Web Developer
Method 3: OWASP... Greetings all! WAS Engine 7.1 has been released to all Qualys platforms including private cloud platforms. This release is part of our ongoing effort to continuously improve the WAS scanning engine. ... Hi, I have an open case since last week with not much progress but hoping someone here might have an answer. I have 4 web apps to scan that no longer support IE. Selenium script is failing because it can't find the s... I am having a web application which is having more than 20k links or pages. I would like to scan the 2000 links as they are having more hits. I tried putting the links in the whitelisting of WAS, but when I checked sc... Greetings all! A new version of Qualys WAS is now available. It is part of Portal 2.40 - aka Qualys Cloud Platform 2.40 release - and it's being deployed to all shared platforms over the next few days....