How to Configure Qualys WAS to Scan URLs For Malicious Content

The Qualys Web Application scan URLs engine identifies all hard-coded and dynamically generated links to URLs as it crawls through your application. This ensures that all important content is scanned and tested for vulnerabilities.

Links are a great way to direct users through your website and application. Effective links use descriptive words to help users find the information they want, and are easy to distinguish from other content.

Adding a link to an email, for example, can improve the reputation of the content being sent and help your customers avoid phishing scams. The ability to scan URLs for malicious content is also an important aspect of any security program.

When a URL has been detected as suspicious, a warning is displayed on the web page or application, accompanied by an option to continue. If a threat is found, the URL is blocked and the user is automatically redirected to the destination URL.

Choosing the Right URL Scanner for Your Website: A Comprehensive Guide to Features and Benefits

The Qualys WAS configuration system allows you to control which URLs are scanned and tested during a scan. However, certain configurations take precedence over others.

This is why it’s important to ensure that all your configuration settings are correct and that you don’t misconfigure them. This can lead to a significant impact on your ability to detect and report on the security threats that your website or applications are facing.

You can exclude specific files, directories or file types from being analyzed by selecting the Exclude Paths and Files check box in the What to Scan page of a scan job. This is especially useful if you have a section of your site that is under construction, for example.