Qualys Web Application Scanning Primary Use Case
I use Qualys Web Application Scanning, and we are using Vulnerability Management.
By Vulnerability Management, I mean not TotalCloud; they have some on-premises solutions also.
Patch Management and Asset Management is what we do. We manage our assets, which in our case, are not just physical hardware but also virtual machines and remote desktops. We have to do our scanning on some 32 to 64 IP subscription setups, and we manage only those setups, not the entire organization because for that we have our own solutions. Our company has bigger security processes, but still, we use Qualys Web Application Scanning for some kind of security testing.
Our application that we use is the Qualys Enterprise TruRisk Platform, which is what we purchased and licensed, and currently, we are using it.
In the Qualys Enterprise TruRisk Platform, we have VMDR, and for Web Application Scanning, I can give positive feedback that the tool is able to catch most of the known vulnerabilities. However, tools such as Qualys Web Application Scanning do not typically check whether a vulnerable version is really impacting us or not. For example, if I am using a vulnerable Apache server, the tool flags it but won't check my safeguards that mitigate the vulnerability. So, while it flags vulnerable versions, I often find false positives. Previously, we used Qualys Web Application Scanning as an agent-based application for our cloud application, installing Qualys agents in all our Kubernetes pods or clusters with scanning running every 24 hours to find vulnerabilities. We removed Qualys agents from our cloud applications and now use our internal tools, but for on-premises applications, we still use Qualys Web Application Scanning, with VMDR being the tool I use most for vulnerability management, along with Qualys WAS as well.
PankajKhullar
Senior Security Engineer at Charter Communications
We use Qualys Web Application Scanning for compliance requirements, scanning all applications once a month. We mainly focus on host-based scanning and PCI compliance. We also utilize its global asset view module.
MukeshSaha
Associate Principal, Software Engineering at LTI - Larsen & Toubro Infotech
We use Qualys Web Application Scanning from a development perspective. It provides fewer false positives and is accurate. We have also integrated this tool into our CI/CD pipeline. Additionally, we use it for web application scanning. We have over two thousand applications that need to be scanned monthly, and we can schedule scans according to our time zone.
Buyer's Guide
Qualys Web Application Scanning
August 2025

Learn what your peers think about Qualys Web Application Scanning. Get advice and tips from experienced pros sharing their opinions. Updated: August 2025.
867,676 professionals have used our research since 2012.
I use it for web application scanning to scan for vulnerabilities within our internal and external assets.
Dinesh_P
Security Engnr at Infoseck2k
I use Qualys Web Application Scanning for web application scanning for customers. I set up scans, schedule scans, and perform authenticated scans. On a customer request basis, I initiate scans, download the reports, and review the findings.
We use Qualys Web Application Scanning testing features, specifically TLS for compliance. While web application scanning still requires manual testing, from an automation perspective, we fulfill our compliance checks. We have a compliance requirement to perform scans on a quarterly basis, so Qualys Web Application Scanning helps with those automated scanning needs.
Jay_Prakash
Cyber security specialist at a financial services firm with 10,001+ employees
We use the platform for vulnerability management and website testing. It helps us identify and remediate web-based vulnerabilities in our applications, ensuring their security from potential attackers.
Kamil Matusik
Head of Operations, Supply Chain at Lyreco Deutschland GmbH
We use it as part of our vulnerability management strategy. Specifically, we scan web applications to identify vulnerabilities during deployment. Additionally, we use container scanning to check container vulnerabilities and infrastructure scanning to assess server vulnerabilities.
We use the solution for multiple purposes, such as infrastructure vulnerability scanning and web application scanning.
Vytautas Gudynas
Senior IT Security Specialist at Citadele Banka AS
We use the solution to scan the website.
I use Qualys Web Application Scanning for various customers both within and outside the country.
Our clients are mainly from the education and banking sectors, where we support them with financial and backend services.
We use the software to help us with application scaling. We can scale our server environment both on Linux and Microsoft using it.
We have been using Qualys Web Application Scanning for automated web architecture scanning in an enterprise environment.
The primary use case includes scanning the web applications that are public facing.
Our customers use the solution to audit their web applications before releasing them to the Internet.
Elmano Francisco Gonga
IT Security Analyst at Banco de Fomento Angola
We use the solution for scanning and vulnerability management.
We use the solution alongside others for static scanning. It's used for endpoint scanning.
My main use of Qualys WAS is for multifactor authentication for web and mobile applications.
There are two parts. We use Web Application Scanning licenses to constantly assess our websites. When there are any changes on our websites, Qualys checks to see if there is a vulnerability. We use a SecOps/DevOps methodology, so Qualys is integrated into the development cycle. Qualys runs every time we update the site.
My company works for another company called Ecolab here in Bangalore. We are an Ecolab digital center; we develop mobile applications. We use Veracode and this solution for testing these web applications before going live. This includes the full testing periods and the production phase. Once it has been tested, we then get them ready to go live.
Hwang James
Data Specialist at CHUN SHIN LIMITED
We are using Qualys for vulnerability detection in our IDC (International Data Center) on our web pages and world-wide-web applications and services.
I think we have the fastest version, and they always upgrade it. I think it's the $2 or $3-a-month version. They have multiple engines inside it, but it's a site-based service. It is not on-demand, so Qualys will host it. It's the pay as you go service that is on the software-as-a-service.
We use the DAST, dynamic application scan test.
We primarily use Qualys Web Application Scanning for website penetration testing.
We are using Qualys Web Application Scanning for our customers. We have the expertise in the solution to provide our customers with the results.
We use the tool for scanning web applications for our clients.
We primarily use this solution for VM scanning. We scan more than a thousand applications.
For some projects, we will need to use this on-premises. It depends on the confidentiality of our project. For other projects, we will also be deploying on the cloud or maybe a hybrid solution as well.
We are looking forward to having a relationship as a partner with this company and maybe one or two others. We are not just a customer. We have a bunch of freelancers that we are working with in three different companies in Slovenia, Australia, and other countries. We are looking for solutions to make our testing and security checks more affordable.
My primary use case of this solution is to audit the security level of my customer's internet. We offer this as a service.
The demo was mainly centered around vulnerability management. We were looking to find a tool which is able to do vulnerability management for internal assets and web applications which face the Internet and are exposed on it. We want a platform which can do vulnerability assessment for internal assets and also for assets which are published on the internet.
I did this demo for three to six months.
Reviewer32192
Delivery Manager at a tech vendor with 1,001-5,000 employees
We use it for external connection testing whenever we have a customer who utilizes post scanning tools for their main message. From the scanner's perspective, we use the scanner results to do manual testing.
We have a lot of applications in our environment that we need to scan frequently. We have a lot of tutorial sites, e-learning sites, and other related websites which we have to build, maintain, and scan continuously for security purposes.
Cloud hosted application, and was also accessible through mobile app.
We use Qualys Internet-based scanners for external penetration testing as well as PCI scans for our clients. The tool being Internet based, it can be accessed from any location, and it does not have issues with updating the patches as well as versions (QualysGuard updates the tool at specific periods in a year with prior information). The report generated by QualysGuard is very detailed and easy to understand.