Are Your Public Facing Web Applications Vulnerable to Log4Shell?

Quickly identify your vulnerable web applications using our cloud platform

Attackers are leveraging Log4Shell to attack web applications, and they likely have internet-facing applications at the top of their hit list. Web Application Scanning capabilities are essential to detect these vulnerabilities as they simulate the attack of Log4Shell exploits.

To help the security community during these challenging times, we are opening up access to our industry-leading Qualys Web Application Scanner (WAS) that can scan your external web applications for the Log4Shell (CVE-2021-44228) vulnerability.

Detect Before Attackers Do

Proactively scan your internet-facing web applications and APIs using techniques similar to what the hackers use to find applications vulnerable to Log4jShell (CVE-2021-44228) before the attackers do.

No Install, No Configurations

Scans are done directly from the Enterprise TruRisk Platform, eliminating the need to install software or make network configuration changes, which means you can start scanning your websites in less than 30 minutes.

Detections Simulate Log4Shell Attacks

Qualys researchers have created highly accurate tests that simulate common Log4Shell attacks to detect vulnerable web applications without false positives. The team is constantly expanding its Log4Shell detection logic and will update Log4Shell related signatures as needed.

Create your account

Enable Qualys Web Application Scanning for 30 day free access

By submitting this form, you consent to Qualys' privacy policy.

Note: We are working hard to accommodate the increased demand. Requests will be provisioned on first come first serve basis with priority given to helping our existing customers.