We performed a comparison between Acunetix and Qualys Web Application Scanning based on real PeerSpot user reviews.
Find out in this report how the two Application Security Tools solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The most valuable feature of the solution is the speed at which it can scan multiple domains in just a few hours."
"The tool's most valuable feature is scan configurations. We use it for external physical applications. The scanning time depends on the application's code."
"Our developers can run the attacks directly from their environments, desktops."
"It's very user-friendly for the testing teams. It's very easy for them to understand things and to fix vulnerabilities."
"For us, the most valuable aspect of the solution is the log-sequence feature."
"The usability and overall scan results are good."
"The most valuable feature of Acunetix is the UI and the scan results are simple."
"We use the solution for the scanning of vulnerabilities like SQL injections."
"It combines both web application vulnerability management and internal vulnerability management on one platform and dashboard. Usually, you have to purchase separate tools."
"This product is designed for easy scalability and can easily scale up without major challenges."
"The vulnerability management feature is a strong one. And also the patch management feature."
"Licensing is the most valuable. Qualys provides the best licensing for companies. It is the best product for the development purposes of web applications. The product has a lot of integrations."
"Qualys' process of updating signatures is something we really appreciate, and it's way ahead of its industry peers."
"The interface is user-friendly and easy to understand."
"It is a good product for website penetration testing to detect vulnerabilities."
"You can integrate your Burp Suite results and create an integrated report. Also, the way it shows the results - threats and exploit details - makes remediation very easy."
"The jargon used makes it difficult for project managers to understand the issues, and the technical explanations used make it difficult for developers to understand issues. These things should be simplified much more. That would be very helpful for us when explaining to them what needs to be fixed. The report output needs to be simplified."
"Acunetix needs to include agent analysis."
"It would be nice to have a feature to "retest" only a single vulnerability that the customer reports as patched, and delete it from the next scans since it has already been patched."
"When monitoring the traffic we always have issues with the bandwidth consumption and the throttling of traffic."
"The only problem that they have is the price. It is a bit expensive, and you cannot change the number of applications for the whole year."
"There's a clear need for a reduction in pricing to make the service more accessible."
"The solution can be improved by adding the ability to scan subdomains automatically, and by providing reports that can be exported to external databases to share with other solutions."
"Acunetix needs to be dynamic with JavaScript code, unlike Netsparker which can scan complex agents."
"When comparing this solution to Veracode, Veracode has good interactive features and gives a clear understanding of what the vulnerabilities are, which error line of the vulnerability is on and what can be done. It gives interactive features, whereas this solution does not give a clear understanding of where or how to fix the problem."
"The UI is not user-friendly and you don't have a yearly reporting facility where you can slice and dice in different jobs."
"The GUI could be a little less complicated as it opens a lot of new windows for creating search lists, templates, reports, or for scanning purposes."
"The reporting contains too many false positives."
"The area of false positives could be improved. There are quite a number of false positives as compared to other solutions. They could probably fine tune the algorithm to be able to reduce the number of false positives being detected."
"The pricing does not seem to be competitive."
"There should be better visibility into the application."
"The product's pricing could be better."
More Qualys Web Application Scanning Pricing and Cost Advice →
Acunetix is ranked 16th in Application Security Tools with 26 reviews while Qualys Web Application Scanning is ranked 19th in Application Security Tools with 31 reviews. Acunetix is rated 7.6, while Qualys Web Application Scanning is rated 7.8. The top reviewer of Acunetix writes "Fantastic reporting features hindered by slow scanning ". On the other hand, the top reviewer of Qualys Web Application Scanning writes "A stable solution that can be used for infrastructure vulnerability scanning and web application scanning". Acunetix is most compared with OWASP Zap, Tenable.io Web Application Scanning, PortSwigger Burp Suite Professional, HCL AppScan and Rapid7 Metasploit, whereas Qualys Web Application Scanning is most compared with OWASP Zap, Veracode, SonarQube, PortSwigger Burp Suite Professional and HCL AppScan. See our Acunetix vs. Qualys Web Application Scanning report.
See our list of best Application Security Tools vendors and best Application Security Testing (AST) vendors.
We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.