53 matches found
Qualys Cloud Platform 2.34 New Features
This release of the Qualys Cloud Platform version 2.34 includes updates and new features for Cloud Agent, EC2 Connector, Continuous Monitoring, Security Assessment Questionnaire, Web Application Scanning, and Web Application Firewall, highlights as follows. Cloud Agent Automatic Merge of Cloud...
Qualys Cloud Platform 2.33 New Features
This release of the Qualys Cloud Platform version 2.33 includes the release for CertView, plus updates and new features for AssetView, Cloud Agent, EC2 Connector, Security Assessment Questionnaire, Web Application Scanning, and Web Application Firewall, highlights as follows. This posting has bee...
Qualys Cloud Platform 2.31 New Features
This release of the Qualys Cloud Platform version 2.31 includes updates and new features for AssetView, Cloud Agent, EC2 Connector, Web Application Scanning, Web Application Firewall, and Security Assessment Questionnaire, highlights as follows. AssetView Use custom severities in AV searches and...
Qualys WAS: New Detections for XML External Entities (XXE)
In the new 2017 edition of the OWASP Top 10, XML External Entities XXE make their first appearance at A4 on the list. Qualys is pleased to announce that Qualys Web Application Scanning WAS engine 4.4 includes new detection capabilities for XXE vulnerabilities. About XML External Entities XXE If...
Bugcrowd Integration Now Available in Qualys Web Application Scanning
The new version of Qualys Web Application Scanning, WAS 5.7, adds an integration with Bugcrowd for centralized viewing and triaging of both WAS automated vulnerability detections and vulnerabilities submitted by Bugcrowd's approved security researchers. Qualys WAS customers running a bug bounty...
Qualys Cloud Platform 2.30 New Features
This release of the Qualys Cloud Platform version 2.30 includes updates and new features for Cloud Agent, EC2 Connector, Web Application Scanning, Web Application Firewall, and Security Assessment Questionnaire, highlights as follows. This posting has been updated on 9/6/2017 and 10/25/2017 to...
Qualys Cloud Platform 2.28 New Features
This release of the Qualys Cloud Platform version 2.28 includes updates and new features for Cloud Agent, AssetView, ThreatPROTECT, Security Assessment Questionnaire and Web Application Scanning, highlights as follows: Cloud Agent Cloud Agent AIX Beta – beta release of Qualys Cloud Agent supporti...
My comments on Forrester’s “Vulnerability Management vendor landscape 2017”
A top consulting company, Forrester Research, recently published report "Vendor Landscape: Vulnerability Management, 2017". You can read for free by filling a small form on Tenable web site. What's interesting in this document? First of all, Josh Zelonis and co-authors presented their version of ...
Qualys Cloud Platform 2.26 New Features
This release of the Qualys Cloud Platform version 2.26 includes updates and new features for Cloud Agent, AssetView, Security Assessment Questionnaire and Web Application Scanning as follows: Highlights Cloud Agent Platform View Module Activation Job Status – adds a button in Agent Management tab...
Web Application Scanning Consolidation / Info Reporting
The script consolidates and reports various information for web application formerly called SPDX-FileCopyrightText: 2015 SCHUTZWERK GmbH SPDX-FileCopyrightText: New / improved code since 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by...
YASUO - Scans for Vulnerable & Exploitable 3rd-party Web Applications
Yasuo is a ruby script that scans for vulnerable 3rd-party web applications. While working on a network security assessment internal, external, redteam gigs etc., we often come across vulnerable 3rd-party web applications or web front-ends that allow us to compromise the remote server by exploiti...
IBM Security AppScan Enterprise Arbitrary Code Execution Vulnerability
IBM Security AppScan Enterprise is a set of U.S. IBM Web application security testing solutions. Formerly known as IBM Rational AppScan Enterprise, the program supports simultaneous scanning of multiple Web applications , generate vulnerability reports and intelligent patching . IBM Security...
Web Application Security Scanner: w3af
w3af is a Web Application Attack and Audit Framework The project’s goal is to create a framework to find and exploit web application vulnerabilities that is easy to use and extend. Identify and exploit a SQL injection One of the most difficult parts of securing your application is to identify the...