Qualys Web Application Scanning Engine 8.9 has been released to all Qualys platforms including private cloud platforms. This release is part of our ongoing effort to continuously improve the scanning engine in Qualys Web Application Scanning.
This update includes the following changes:
- Various OAuth2 improvements
- OpenAPI/Swagger – use file base URL for API server
- Differentiate page load time from average server response time
- Retest persistent XSS vulnerabilities for improved accuracy
- Detection for unprotected Docker REST API
As always, if you encounter any problems in your WAS scans, please open a support ticket by selecting Help > Contact Support while logged into the platform. Feel free to post a question on Qualys Community as well.