WAS: Is it possible to scan ftp://XYZ .com. , instead of http?
This is something we do not currently support with Qualys WAS. Most of the time FTP over HTTP is when the browser communicates HTTP to a proxy/gateway and then the gateway communicates FTP to the actual FTP server. So testing ftp://xyz.com with Qualys WAS would test mainly the proxy/gateway which is doing HTTP-to-FTP translation and much on the end of the FTP server.
So, my question is what would you be wanting to test or scan for as far as coverage or vulnerabilities or vulnerability types?
If you feel this is a valid request that you want to pursue, I would encourage you to open up a Feature Request (FR) with your Technical Account Manager (TAM) and all valid information can then be gathered. We can then pursue development of this feature for a future release if it makes sense and is feasible.
Retrieving data ...