• Dashboards and Reporting Resources - Start Here

    Welcome to Dashboards and Reporting   Welcome to our Dashboards and Reporting space.  Here we will begin to collaboratively and constructively collect relevant legacy ...
    last modified by DMFezzaReed
  • Emergency Qualys Portal Upgrades?

    Hi Friends: I've noticed a flurry of recent activity in Qualys' change controls. On March 10th, I saw [Scheduled] US Platform 2: Qualys Suite PORTAL Release Notification (CMB-65395). Today, March 16th...
    Ted Gardener
    last modified by Ted Gardener
  • Product Feature Requests

    What is a Feature Request? A Feature Request is any suggestion for an enhancement to Qualys software. Feature Requests are not a contractual obligation for Qualys to develop the suggestion or to develop the request as...
    last modified by DMFezzaReed
  • Need Help understanding Qualys scan output

    Just starting out with Qualys and attempting to understand scan results.  Is there Qualys repository that I can reference to understand scan results/findings i.e (HTTP protocol compliance failed:Null in request)?...
    Tomara Watkins
    last modified by Tomara Watkins
  • 3rd party outdated library detections

    Hi All,   I'm trying to find out if there is a way we can find out outdated or vulnerable 3rd party library vulns??   Any inputs are much appreciated.   Thanks, Akash.
    Akash Singh
    last modified by Akash Singh
  • Integration Sophos and Qualys

    Good afternoon, Is  there integration between the manufacturer SOPHOS and Qualys? Thanks.
    Ricardo S
    created by Ricardo S
  • Public methods available in Groovy Script for invocation on different objects

    av_tagging groovy
    last modified by DMFezzaReed
  • WAF Understanding the basic

    Hi guys,   I m new to Qualys WAF platform, we recently bought licence for Qualys WAF, AM, etc.   I am having some problems understanding Qualys WAF, so , I have installed it on my virtual platform, success...
    tarik B
    last modified by tarik B
  • Error While Accessing Report via API

    Getting this below Error While accessing this api- https://servername/qps/rest/3.0/get/was/report/1302�    <?xml version="1.0" encoding="UTF-8"?> <ServiceResponse xmlns:xsi="http://www.w3.org/...
    atul kumar
    last modified by atul kumar
  • How to create an Exception from a security event

    Exceptions are made for managing false-positive or false-negative events. The addition of the Exception subsystem into the Qualys WAF service provides significant flexibility in service management and security policy...
    Steve McBride
    last modified by Rémi Le Mer
  • How to create and deploy a Virtual Patch

    Virtual Patches are meant for protecting unitary vulnerabilities that are not already protected by the current WAF Security Policy.   Virtual Patching is the first step toward a tight integration between the Qu...
    Steve McBride
    last modified by Rémi Le Mer
  • Shared Assets and WAS/WAF integration

    WAS and WAF have a common licensing unit: Web Applications.   Qualys AssetView is the corner-stone of the WAF integration with WAS. Indeed, in order to cooperate, Qualys WAS and WAF modules need to share a comm...
    Steve McBride
    last modified by Rémi Le Mer
  • WAF Deployment Overview

    Qualys WAF is a virtual appliance designed for easy and flexible deployment and management. The management of the configuration is done through the cloud-based Qualys Portal, while the deployment is done on premise. Y...
    Steve McBride
    last modified by Rémi Le Mer
  • WAF SSL - Converting .pfx Certificate and Key files to Qualys WAF-compatible files

    When deploying Qualys WAF, the Portal needs to have encryption certificates and keys in the PEM format.  However, oftentimes (particularly when using Microsoft servers), you'll see an integrated certificate and k...
    Steve McBride
    last modified by Rémi Le Mer
  • WAF - Configuring your Application for SSL

    Qualys WAF includes comprehensive support for encrypted web applications and, while configuration is very simple, there are a few key concepts to keep in mind to properly configure a web application for SSL support. &...
    Steve McBride
    last modified by Rémi Le Mer
  • Qualys Cloud Suite Password Parameters and Defaults in Release 8.16

    Qualys Cloud Platform Release 8.16 includes New Password Security Options   We’ve added several new password security options to enforce a strong password policy when logging into your Qualys subscript...
    last modified by DMFezzaReed
  • There is already a site with this URL in your subscription

    I created a WAF back in May and have been successfully working with it until today, I went to save a change and got "There is already a site with this URL in your subscription" . I believe another coworker was trying ...
    Eric Carnes
    last modified by Eric Carnes
  • Google Chrome vulnerability

    Hi All, In our environment some of devices do not have google chrome installed still it is showing vulnerable to chrome for different previous version. I have checked system installation and user profiles and registry...
    Arun Kumar
    last modified by Arun Kumar
  • WAF virtual sensor hyper-v issue

    I downloaded the hyper-v version of the WAF, I tried deploying it and was successful.  However,  I cannot set the IP address of the virtual appliance.  I get the message: Interface Configuration is not ...
    last modified by quintus
  • Using Qualys WAF 2.0 to Protect Against Critical Apache Struts2 Vulnerability ( CVE-2017-5638 )

    On March 7, 2017, a critical vulnerability (CVE-2017-5638) in Apache Struts2 Jakarta multipart parser was disclosed, that exposes vulnerable applications to Remote Command Execution attacks. Exploits of this vulnerabi...
    Vikas Phonsa
    last modified by Robert Dell'Immagine