Bekker's Blog

Blog archive

Qualys Adds Progressive Scanning to Web App Security Testing Service

Cloud security and compliance solution specialist Qualys Inc. is adding progressive scanning capabilities to its Web Application Scanning (WAS) product.

Making custom Web apps more secure has gotten increased attention recently as attackers have come to view Web app code as low-hanging fruit for intrusions.

The existing Qualys WAS solution is a cloud service designed for automated crawling and testing of custom Web applications. The idea is to catch common problems that are difficult to find manually, such as cross-site scripting vulnerabilities, SQL injection vulnerabilities and, later, malware infections. The defensive automated tool races against attackers' automated offensive tools to discover problems.

New with this week's announcement is a progressive scanning algorithm constructed to scan only parts of the Web site that have changed between scans.

The Qualys WAS now includes progressive crawling that expands the testing coverage over time; progressive testing that automatically starts, stops and resumes scans; and new report templates.

Posted by Scott Bekker on February 05, 2015 at 2:37 PM