We performed a comparison between Acunetix and Qualys Web Application Scanning based on real PeerSpot user reviews.
Find out in this report how the two Application Security Tools solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Their technical support has been very active. If I have an issue, I can reach out to them and get an answer pretty quick."
"Our developers can run the attacks directly from their environments, desktops."
"It comes equipped with an internal applicator, which automatically identifies and addresses vulnerabilities within the program."
"The most important feature is that it's a web-based graphical user interface. That is a great addition. Also, the ability to schedule scans is great."
"The tool's most valuable feature is scan configurations. We use it for external physical applications. The scanning time depends on the application's code."
"We are able to create a report which shows the PCI DSS scoring and share it with the application teams. Then, they can correlate and see exactly what they need to fix, and why."
"It's very user-friendly for the testing teams. It's very easy for them to understand things and to fix vulnerabilities."
"The scalability is good. The scalability is more than good because it can operate both as a standalone and it can be integrated as part of applications. So that really makes it a very, very versatile solution to have."
"The interface is user-friendly and easy to understand."
"By using QualysGuard, we are able to finish external scans with assured results in half the time."
"It is a very stable solution."
"Its most valuable features are patch management, vulnerability management, and PCI compliance."
"The Qualys Web Application Scanning solution offers a single comprehensive console and consolidated reporting, covering all aspects from on-prem to cloud and compliance, etcetera."
"Qualys' process of updating signatures is something we really appreciate, and it's way ahead of its industry peers."
"This product is designed for easy scalability and can easily scale up without major challenges."
"It is a good product for website penetration testing to detect vulnerabilities."
"I had some issues with the JSON parameters where it found some strange vulnerabilities, but it didn't alert the person using it or me about these vulnerabilities, e.g., an error for SQL injection."
"The jargon used makes it difficult for project managers to understand the issues, and the technical explanations used make it difficult for developers to understand issues. These things should be simplified much more. That would be very helpful for us when explaining to them what needs to be fixed. The report output needs to be simplified."
"The solution limits the number of scans. It would be much better if we could have unlimited scans."
"The vulnerability identification speed should be improved."
"Acunetix needs to improve its cost."
"We have had issues during upgrades where their scans worked on some apps better with previous versions. Then, we had to work with their tech support, who were great, to get it fixed for the next version."
"The only problem that they have is the price. It is a bit expensive, and you cannot change the number of applications for the whole year."
"Acunetix needs to include agent analysis."
"The reporting contains too many false positives."
"In certain cases, this product does have false positives, which the company should work on."
"Deployment can be complicated."
"Qualys Web Application Scanning is very complex to use, and its graphical interface is not very user-friendly."
"When comparing this solution to Veracode, Veracode has good interactive features and gives a clear understanding of what the vulnerabilities are, which error line of the vulnerability is on and what can be done. It gives interactive features, whereas this solution does not give a clear understanding of where or how to fix the problem."
"The GUI could be a little less complicated as it opens a lot of new windows for creating search lists, templates, reports, or for scanning purposes."
"The solution needs to adjust its pricing. They should make it more affordable."
"There's a distinction between internal and external scanning processes that could be streamlined. Currently, for internal scanning, specific configurations and scanner appliances need to be deployed within the network, which differs from the simpler setup for external scans. This dual process complicates the setup for comprehensive scanning coverage."
More Qualys Web Application Scanning Pricing and Cost Advice →
Acunetix is ranked 17th in Application Security Tools with 26 reviews while Qualys Web Application Scanning is ranked 19th in Application Security Tools with 31 reviews. Acunetix is rated 7.6, while Qualys Web Application Scanning is rated 7.8. The top reviewer of Acunetix writes "Fantastic reporting features hindered by slow scanning ". On the other hand, the top reviewer of Qualys Web Application Scanning writes "A stable solution that can be used for infrastructure vulnerability scanning and web application scanning". Acunetix is most compared with OWASP Zap, Tenable.io Web Application Scanning, PortSwigger Burp Suite Professional, HCL AppScan and Rapid7 Metasploit, whereas Qualys Web Application Scanning is most compared with OWASP Zap, Veracode, SonarQube, PortSwigger Burp Suite Professional and Snyk. See our Acunetix vs. Qualys Web Application Scanning report.
See our list of best Application Security Tools vendors and best Static Application Security Testing (SAST) vendors.
We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.