-> Scan a web application

A vulnerability scan is designed to inspect an organization's IT assets (e.g., networks, servers, applications) for known security weaknesses.

➤ What is the purpose of an application scan?

A vulnerability scan helps with three main verticals:

• Vulnerability Detection: Discovers flaws such as outdated software, misconfigurations, and weak passwords that could be exploited.

• Risk Prioritization: Ranks identified vulnerabilities based on severity and potential impact, allowing teams to focus on the most critical risks.

• Compliance and Reporting: Generates detailed reports to demonstrate a commitment to security and help meet regulatory requirements like GDPR, NIS2, or PCI-DSS.

➤ Initiating a scan

The agent is designed to perform the manual tasks related to running scanning and managing remediation efforts afterwards.

Due to Qualys’s policy you will only be able to scan domains associated with your email eg. xyz@so-cyber.com can scan domains associated with so-cyber.com. Otherwise you will have to add the associated text to your infrastructure (as seen on the image).

⌨️ "Scan exampleinc.com"

A real scan will find much much more data!

Get actionable recommendations

Once you have performed the scan the agent will allow you to directly query the data for recommendations.

Once you have successfully completed the scan you can experiment with the features at ➤ Web Application Scanning (currently Qualys)