We performed a comparison between GitLab and Qualys Web Application Scanning based on real PeerSpot user reviews.
Find out in this report how the two Application Security Tools solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The user interface is really good so that helps with huge teams who need to collaborate."
"We like that we can have an all-encompassing product and don't have to implement different solutions."
"The most valuable features of Gitlab are integration with CIE and the ability to rapidly deploy solutions, projects, and applications. It is very easy to use, and there are no complaints."
"I have found the most valuable feature is security control. I also like the branching and cloning software."
"The solution is stable."
"GitLab is very useful for pipelines, continuous integration, and continuous deployment. It is also stable."
"The most valuable feature of GitLab is the ability to upload scripts and make changes when needed and then reupload them. Additionally, the solution is user-friendly."
"We like that we can create branches and then the branches can be reviewed and you can mesh those branches back. You can independently work with your own branch, you don't need to really control the core of other people."
"The most valuable feature is that we are able to scan the services and put credentials like a user ID password. We can verify the vulnerability level."
"The simplicity of exporting reports and the simplicity and clarity of the reports included with the product are good."
"QualysGuard web-based scanner is very useful for performing external penetration and PCI scans from remote locations."
"It is easy to use."
"I have found the detection of vulnerabilities tool thorough with good results and the graphical display output to be wonderful and full of colors. It allows many types of outputs, such as bar and chart previews."
"Licensing is the most valuable. Qualys provides the best licensing for companies. It is the best product for the development purposes of web applications. The product has a lot of integrations."
"We can do scanning and submit reports straight to the customers when there are new vulnerabilities, then tell them whether they are affected or not."
"The feature that I have found most valuable is the progressive scan. It is good. It's done in 24 hours."
"We would like to generate document pages from the sources."
"The integration could be slightly better."
"I'm new to GitLab, so I would appreciate more documentation about the code and commands."
"Even if I say I want some improvement, they will say it is already planned in the first quarter, second quarter, or third quarter. That said, most everything is quite improved already, and they're improving even further still."
"This solution could be improved by adding modifications such as slack notifications."
"Perhaps the integration could be better."
"I rate the support from GitLab a four out of five."
"It's more related to the supporting layer of features, such as issue management and issue tracking. We tend to always use, for example, Jira next to it. That doesn't mean that GitLab should build something similar to Jira because that will always have its place, but they could grow a bit in those kinds of supporting features. I see some, for example, covering ITSM on a DevOps team level, and that's one of the things that I and my current client would find really helpful. It's understandably not going to be their main focus and their core, and whenever you are with a company that needs a bit more advanced features on that specific topic, you're probably still going to integrate with another tool like Jira Service Management, for example. However, some basic features on things like that could be really helpful."
"The product's pricing could be better."
"The GUI could be a little less complicated as it opens a lot of new windows for creating search lists, templates, reports, or for scanning purposes."
"It should have better automatic reporting."
"Sometimes the response time is low because the handshake fails, and then you have to re-login and start again."
"There's a distinction between internal and external scanning processes that could be streamlined. Currently, for internal scanning, specific configurations and scanner appliances need to be deployed within the network, which differs from the simpler setup for external scans. This dual process complicates the setup for comprehensive scanning coverage."
"The scanner reports a lot of false positives, which is something that needs to be improved."
"There should be better visibility into the application."
"The UI is not user-friendly and you don't have a yearly reporting facility where you can slice and dice in different jobs."
More Qualys Web Application Scanning Pricing and Cost Advice →
GitLab is ranked 6th in Application Security Tools with 70 reviews while Qualys Web Application Scanning is ranked 19th in Application Security Tools with 31 reviews. GitLab is rated 8.6, while Qualys Web Application Scanning is rated 7.8. The top reviewer of GitLab writes "Powerful, mature, and easy to set up and manage". On the other hand, the top reviewer of Qualys Web Application Scanning writes "A stable solution that can be used for infrastructure vulnerability scanning and web application scanning". GitLab is most compared with Microsoft Azure DevOps, SonarQube, Bamboo, AWS CodePipeline and Tekton, whereas Qualys Web Application Scanning is most compared with OWASP Zap, Veracode, SonarQube, PortSwigger Burp Suite Professional and Fortify Application Defender. See our GitLab vs. Qualys Web Application Scanning report.
See our list of best Application Security Tools vendors and best Static Application Security Testing (SAST) vendors.
We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.