We performed a comparison between Qualys Web Application Scanning and Snyk based on real PeerSpot user reviews.
Find out in this report how the two Application Security Tools solutions compare in terms of features, pricing, service and support, ease of deployment, and ROI.
"QualysGuard web-based scanner is very useful for performing external penetration and PCI scans from remote locations."
"Qualys' process of updating signatures is something we really appreciate, and it's way ahead of its industry peers."
"We can do scanning and submit reports straight to the customers when there are new vulnerabilities, then tell them whether they are affected or not."
"It is easy to use."
"It works with many different products."
"With our vulnerabilities under control, it's putting our services in compliance and minimizing our risk for exposure."
"It is a good product for website penetration testing to detect vulnerabilities."
"We have experienced quick customer support. They have a complete list of our previous issues along with our history, which makes it faster for them to solve issues."
"It is easy for developers to use. The documentation is clear as well as the APIs are good and easily readable. It's a good solution overall."
"The solution's Open Source feature gives us notifications and suggestions regarding how to address vulnerabilities."
"The product's most valuable features are an open-source platform, remote functionality, and good pricing."
"We use Snyk to check vulnerabilities and rectify potential leaks in GitHub."
"The solution's vulnerability database, in terms of comprehensiveness and accuracy, is very high-level. As far as I know, it's the best among their competitors."
"What is valuable about Snyk is its simplicity."
"The most valuable feature of Snyk is the SBOM."
"Snyk is a good and scalable tool."
"The pricing does not seem to be competitive."
"The GUI could be a little less complicated as it opens a lot of new windows for creating search lists, templates, reports, or for scanning purposes."
"There should be better visibility into the application."
"The solution needs to adjust its pricing. They should make it more affordable."
"The software’s pricing could be improved."
"There should be better visibility into the application."
"There could be better management and faster scanning."
"The UI is not user-friendly and you don't have a yearly reporting facility where you can slice and dice in different jobs."
"For the areas that they're new in, it's very early stages for them. For example, their expertise is in looking at third-party components and packages, which is their bread-and-butter and what they've been doing for ages, but for newer features such as static analysis I don't think they've got compatibility for all the languages and frameworks yet."
"Generating reports and visibility through reports are definitely things they can do better."
"The tool needs improvement in license compliance. I would like to see the integration of better policy management in the product's future release. When it comes to the organization that I work for, there are a lot of business units since we are a group of companies. Each of these companies has its specific requirements and its own appetite for risk. This should be able to reflect in flexible policies. We need to be able to configure policies that can be adjusted later or overridden by the business unit that is using the product."
"Scalability has some issues because we have a lot of code and its use is mandatory. Therefore, it can be slow at times, especially because there are a lot of projects and reporting. Some UI improvements could help with this."
"It can be improved from the reporting perspective and scanning perspective. They can also improve it on the UI front."
"I would like to give further ability to grouping code repositories, in such a way that you could group them by the teams that own them, then produce alerting to those teams. The way that we are seeing it right now, the alerting only goes to a couple of places. I wish we could configure the code to go to different places."
"Offering API access in the lower or free open-source tiers would be better. That would help our customers. If you don't have an enterprise plan, it becomes challenging to integrate with the rest of the systems. Our customers would like to have some open-source integrations in the next release."
"The product is very expensive."
Qualys Web Application Scanning is ranked 19th in Application Security Tools with 31 reviews while Snyk is ranked 4th in Application Security Tools with 41 reviews. Qualys Web Application Scanning is rated 7.8, while Snyk is rated 8.2. The top reviewer of Qualys Web Application Scanning writes "A stable solution that can be used for infrastructure vulnerability scanning and web application scanning". On the other hand, the top reviewer of Snyk writes "Performs software composition analysis (SCA) similar to other expensive tools". Qualys Web Application Scanning is most compared with OWASP Zap, Veracode, SonarQube, PortSwigger Burp Suite Professional and Invicti, whereas Snyk is most compared with SonarQube, Black Duck, Fortify Static Code Analyzer, Veracode and GitHub Advanced Security.
We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.