Here is a question about Qualys ability to detect out-of-date software.
For example, let's say that my web site is processed by an old portal product.
In HTTP header, a client can get detailed product and version info... so that it's possible to check known vulnerabilities et so on.
a) With Qualys WAS, it seems that out-of-date software problem isn't raised.
b) With Qualys VM, also no detection. Scan is set on IP adress. With a simple request on port 80 (without web sit name) no way to reach the web site.
Am I right? Is there a solution to these problems?