We performed a comparison between Fortinet FortiWeb and Qualys VMDR based on real PeerSpot user reviews.
Find out what your peers are saying about Amazon Web Services (AWS), F5, Microsoft and others in Web Application Firewall (WAF)."It is easy to install and to maintain."
"It can scale well."
"FortiWeb is easy to operate with a reasonably high level of protection. FortiWeb provides multiple deployment options with a physical or virtual (FortiWeb-VM) appliance, and acts either as a reverse/transparent proxy or out-of-band. It is also available on AWS and Azure."
"The valuable feature of Fortinet FortiWeb vulnerability scanner"
"Security Fabric integration. This is really a value-added feature as FortiWeb can interact with the rest of the client’s Fortinet pack to provide an intelligent security layer like (FortiSIEM for central log management and correlation, FortiGate, FortiSandbox for malware analysis, etc.)."
"FortiWeb offers machine learning in the latest product. This fixed many problems. There are no false negatives."
"It's stable and works efficiently against OWASP Top 10 attacks."
"Technical support is very good."
"We also like the flexibility in their licensing."
"The initial setup was good. We didn't have any problems with it."
"They also have threat detection which maps threats. There is a feed that comes from Qualys when a new vulnerability is found. It tells us which machines are infected with that vulnerability."
"The most valuable feature is automation."
"Performs automated, regular scans in the network."
"Technical support is fantastic."
"I am impressed with the VMDR feature."
"I like Qualys because it is a very complete product, more so than Tenable."
"The product’s stability could be improved."
"The Layer 7 DDoS attacks need improvement, it could be better."
"A user interface or dashboard for troubleshooting is needed."
"Another area for improvement is logging. When troubleshooting, the logs sometimes take a while to update. We've had people report that some things aren't logged if they're successful. It's a bit hit-and-miss. For example, sometimes people access one of our services, and it's successful, but we don't see that in the logs."
"Fortinet FortiWeb needs to improve the way it's configured. Common services like publishing exchange should be done in one click only."
"I had some small problems when I was upgrading firmware. After the upgrade, some of my certificates were deleted."
"The reporting could be optimized."
"For advanced users, it would be really useful to have access and the ability to manipulate packets. If we can access and manipulate the contents of packets, even encrypted packets... that would be powerful. Since we're looking at packets arriving at our network, we would have the private key to access those packets and their information."
"It's quite complex on the way it is set up, so it takes a fair bit of time in order to get your head around it in order to deploy it. Once you've deployed it, then you're never confident on the versions of the browsers and the SSL certificates, etc. You have to always go back into Qualys and check."
"The price could be better. Asset view is still a legacy feature. I'm not able to extract the information about the asset with complete details. It would be better if they fixed that in the next release. I know Qualys is already working on it, so I'm hopeful it will be available in the next five or six months. That would be something that's changed where I seek improvement."
"The customer support is very bad."
"It is a struggle to be able to pull our report and to be able to do onboarding using automated tools."
"Qualys VM's scanner doesn't pick up every vulnerability, so we have to use multiple scanners to cover that gap."
"The reporting needs improvement. It should generate much more stuff like field reports."
"Qualys VMDR is basically susceptible to false positives, and false negatives."
"Sometimes the scanning can get overwhelmed and start to drag when a lot of users are trying to scan at once."
Fortinet FortiWeb is ranked 4th in Web Application Firewall (WAF) with 83 reviews while Qualys VMDR is ranked 3rd in Risk-Based Vulnerability Management with 77 reviews. Fortinet FortiWeb is rated 8.0, while Qualys VMDR is rated 8.2. The top reviewer of Fortinet FortiWeb writes "Cost-effective, easy to configure, and works very well as a single solution for multiple environments". On the other hand, the top reviewer of Qualys VMDR writes "Good visibility but expensive and needs better support". Fortinet FortiWeb is most compared with F5 Advanced WAF, Fortinet FortiADC, AWS WAF, Azure Web Application Firewall and Imperva Web Application Firewall, whereas Qualys VMDR is most compared with Tenable Nessus, Tenable Security Center, Rapid7 InsightVM, Microsoft Defender Vulnerability Management and Tenable Vulnerability Management.
We monitor all Web Application Firewall (WAF) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.