This release of the Qualys Cloud Platform version 2.42 includes updates and new features for Web Application Scanning, highlights as follows.
Web Application Scanning
- Additional XSS Payloads – A new option is available to have additional XSS payloads used in a standard vulnerability scan. Previously, these payloads were included only in an XSS Power Mode scan.
- Grouping of Information Gathered QIDs – Information Gathered QIDs (“IGs”) are now grouped appropriately into either a “Scan Diagnostic” or “Security Weakness” category.
- Verbose option in Search Web Apps API – A verbose flag can now be included in the Search Web Apps API call. Tags associated with the web app(s) will be returned when this option is enabled.
- Scan Again – The “Scan Again” option is now available via the API, not just the UI.
- Cancel Scan with Results – The “Cancel Scan with Results” option is now available via the API, not just the UI.
API updates are also included with this release:
The specific day for deployment will differ depending on the platform. Release Dates will be published on the Qualys Status page when available.
For more details about the above features – please review the release notes. Release notes will be posted as soon as they are available on the Qualys Suite Release Notes page.