Qualys launches AI-powered Web Application Scanning (WAS) with API security 

Qualys launches AI-powered Web Application Scanning (WAS) with API security 

Qualys has announced the launch of its API security platform that leverages AI-powered scanning and deep learning-based web malware detection to secure web apps and APIs across the entire attack surface. 

This includes on-premises web servers, databases, hybrid, multi-cloud environments, API gateways, containerised architectures and microservices. 

APIs are integral to Digital Transformation initiatives across industries. The latest data indicates that over 83% of web traffic now comprises API traffic, highlighting their critical role in modern web applications using microservices, cloud and hybrid environments. However, this also underscores the vulnerabilities that accompany their widespread adoption.  

Kunal Modasiya, Vice President, Product Management, CyberSecurity Asset Management, Qualys, said: “Many organisations use a variety of security tools, such as SAST, DAST, SCA, or point solutions for API security that often operate in isolation, without a unified platform to integrate their findings.  

“Moreover, the absence of integration between these tools leads to a fragmented view of the application security posture and results in uncoordinated efforts and gaps in security coverage. Similarly, SAST & DAST tools offer limited coverage for API-specific issues and focus predominantly on code vulnerabilities.” .  

“Mainly, these solutions fail to extend their assessment to the runtime or environmental threats where APIs operate and provide visibility into the vulnerabilities of the underlying infrastructure hosting these APIs, leaving significant security gaps at the network and host levels.” 

Browse our latest issue

Intelligent CISO

View Magazine Archive