We performed a comparison between Fortify Application Defender and Qualys Web Application Scanning based on real PeerSpot user reviews.
Find out in this report how the two Application Security Tools solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Fortify Application Defender's most valuable features are machine learning algorithms, real-time remediation, and automatic vulnerability notifications."
"The most valuable feature is that it analyzes data in real-time."
"The most valuable feature is the ability to automatically feed it rules what it's coupled with the WebInspect dynamic application scanning technology."
"We are able to provide out customers with a secure application after development. They are no longer left wondering if they are vulnerable to different threats within the market following deployment."
"The solution helped us to improve the code quality of our organization."
"I find the configuration of rules in Fortify Application Defender useful. Its integration is also easy."
"The most valuable features of Fortify Application Defender are the code packages that are default."
"The tool's most valuable feature is software composition analysis. This feature works well with my .NET applications, providing a better understanding of library vulnerabilities."
"It is a good product for website penetration testing to detect vulnerabilities."
"It combines both web application vulnerability management and internal vulnerability management on one platform and dashboard. Usually, you have to purchase separate tools."
"By using QualysGuard, we are able to finish external scans with assured results in half the time."
"It works with many different products."
"Its most valuable features are patch management, vulnerability management, and PCI compliance."
"I have found the detection of vulnerabilities tool thorough with good results and the graphical display output to be wonderful and full of colors. It allows many types of outputs, such as bar and chart previews."
"The simplicity of exporting reports and the simplicity and clarity of the reports included with the product are good."
"Qualys' process of updating signatures is something we really appreciate, and it's way ahead of its industry peers."
"Support for older compilers/IDEs is lacking."
"The false positive rate should be lower."
"Fortify Application Defender could improve by supporting more code languages, such as GRAAS and Groovy."
"I encountered many false positives for Python applications."
"The solution is quite expensive."
"The product should integrate industry-standard code review tools internally with its system. This would streamline the coding process, as developers wouldn't need multiple tools for code review and security checks. Many independent and open-source tools are available, from Apache to various libraries. Using multiple DevOps pipeline tools can slow the turnaround time."
"Fortify Application Defender gives a lot of false positives."
"The licensing can be a little complex."
"In certain cases, this product does have false positives, which the company should work on."
"Sometimes the response time is low because the handshake fails, and then you have to re-login and start again."
"The scanner reports a lot of false positives, which is something that needs to be improved."
"The reporting contains too many false positives."
"The pricing does not seem to be competitive."
"The virus code updates are not frequent enough."
"The software’s pricing could be improved."
"The product's pricing could be better."
More Qualys Web Application Scanning Pricing and Cost Advice →
Fortify Application Defender is ranked 30th in Application Security Tools with 11 reviews while Qualys Web Application Scanning is ranked 19th in Application Security Tools with 31 reviews. Fortify Application Defender is rated 7.8, while Qualys Web Application Scanning is rated 7.8. The top reviewer of Fortify Application Defender writes "Useful for fast code review in devOps pipelines ". On the other hand, the top reviewer of Qualys Web Application Scanning writes "A stable solution that can be used for infrastructure vulnerability scanning and web application scanning". Fortify Application Defender is most compared with Checkmarx One, CAST Application Intelligence Platform, Coverity, SonarQube and Fortify on Demand, whereas Qualys Web Application Scanning is most compared with OWASP Zap, Veracode, SonarQube, PortSwigger Burp Suite Professional and Rapid7 AppSpider. See our Fortify Application Defender vs. Qualys Web Application Scanning report.
See our list of best Application Security Tools vendors.
We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.