AnsweredAssumed Answered

WAS Finding history status explanation

Question asked by Olivier on Jan 12, 2016
Latest reply on Apr 5, 2019 by Ian Johnson



Could we share a detailed description of findings status from WAS application report?


I've found from "Qualys WAS API 4.0 - Progressive Scanning" document:


Status - This tells you the finding status. Status will be one of:

1) Finding has been detected,

2) Finding has not been detected,

3) Finding has not been tested,

4) Finding could not be tested (QID was not included in scan configuration).


For 2) there are sub-messages in my point of view:

  • Finding cannot be detected anymore
  • Vulnerable URL cannot not be found anymore


Between points 2) and 3) there can be ambiguities.