Qualys integrates Selenium into web application scanner
Qualys has announced the launch of the next version of its QualysGuard web application scanner.
According to the company, version 2.1 of QualysGuard integrates with the open source Selenium engine, which enables users to record their browser actions and save them as scripts that can then be replayed at a later time. Qualys said that through its use of Selenium, Web Application Scanning 2.1 can effectively scan web applications that require complex authentication with multi-step login processes.
Philippe Courtot, chairman and CEO of Qualys, said: “While we now identify and eliminate vulnerabilities on network devices efficiently, this is not the case for web applications which have become the primary target of cyber attacks.
“With the integration of the Selenium engine with our QualysGuard cloud-based web application scanner, we can now allow corporations and security consulting organisations to fully automate the discovery of vulnerabilities on web applications.”
In addition to Selenium support, QualysGuard now offers support for client SSL certificates that will provide users with the ability to upload client SSL certificate files, which will then be used by the scanner to perform authenticated scanning, expanding the scanning coverage and increasing the number of web application vulnerabilities identified.
Also added is a post-data blacklist, where users can identify pages for which forms should not be submitted, and additional URL support that allows users to enter a list of links to be scanned that may not be linked to the initial URL.