Introducing Periscope: Out-of-Band Vulnerability Detection Mechanism in Qualys WAS
Web applications and REST APIs can be susceptible to a certain class of vulnerabilities that can’t be detected by a traditional HTTP request-response interaction. These out-of-band vulnerabilities are challenging to find but provide a way for attackers to target otherwise inaccessible, internal systems. An attacker can potentially use this to their advantage.