Can anyone please describe in details how a scan WAS works? and what are the steps that Qualys does while the scan is running?
Our WAS intelligent scan engine is quite complex and some information contained is proprietary. However, here is a basic overview on how our scans function at a high level:
Keep in mind there are a lot of phases throughout each one of these processes. Multi-threading and simultaneous testing is often performed at many levels. This list of steps is also not meant to be all inclusive and only highlights main functions at a high level.
If you do require more detail in any of the steps, I encourage you to please contact and work with your Technical Account Manager (TAM).
And if you want to learn how to use Qualys WAS, I highly recommend the Qualys Web Application Scanning Video Series. This series was just updated this week with six new videos that walk you through all steps needed to scan your web apps.
Thank you very much for your swift response.
However, can you please confirm the Qualys WAS time limit?
Sure Azhar, it is 24 hours. Please note however that with Progressive Scanning that will be released soon, larger sites can now be scanned more easily and effectively. More info on this can be found here The specified item was not found. as well as with your TAM.
Retrieving data ...