Qualys Web Application Scanning Review

It showed us vulnerabilities that we were not aware of and did not know how to test for. The organization of the assets was a little confusing and overwhelming.


Valuable Features

  • Ease of use and setup
  • Visibility into our environment

Improvements to My Organization

WAS gave us visibility into our externally exposed web applications and showed us vulnerabilities that we were not aware of and did not know how to test for. We didn't need any knowledge of these vulnerabilities or how they worked to scan for them and to gain the visibility.

Room for Improvement

The organization of the assets was a little confusing and overwhelming. The system could also use some work in pivoting from a VM scan to add the servers with web applications exposed to the WAS server. It frequently created WAS assets that did not have web applications.

Use of Solution

I have been using it for 18 months.

Deployment Issues

Scalability would be tough because of how the endpoints are organized. We did not have any issues with deployment or stability.

Customer Service and Technical Support

We had a dedicated Technical Account Manager and the support was great.

Previous Solutions

We did not previously use a different solution.

Initial Setup

Setup of WAS is pretty straightforward and only the organization of endpoints is a bit complex.

Implementation Team

Implementation was very simple because we were only using the cloud product and did not have any on-prem scanners.

ROI

Being able to gain visibility into our environment created a great ROI and licensing for us was competitive, but would have made it tough to scale to our whole internal environment.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
Add a Comment
Guest
Sign Up with Email