We primarily use this solution for VM scanning. We scan more than a thousand applications.
Qualys Web Application Scanning Review
User-friendly, good scanning analysis and reporting, and offers real-time vulnerability monitoring
What is our primary use case?
What is most valuable?
The most valuable features are scanning analysis and reporting.
This solution also provides real-time monitoring.
The interface is user-friendly and easy to understand.
What needs improvement?
The reporting needs to be improved because there are a lot of search parameters, and at the end of the day, the reports are so large that it is very difficult for us to go through each and every point to analyze the vulnerabilities.
The scanner reports a lot of false positives, which is something that needs to be improved.
For how long have I used the solution?
We have been using Qualys for almost a year.
What do I think about the stability of the solution?
The stability is good.
What do I think about the scalability of the solution?
In terms of scalability, Qualys is good.
How are customer service and technical support?
I have not dealt with technical support yet because there are other people dealing with issues that arise. My understanding is that technical support is good.
Which solution did I use previously and why did I switch?
I have also used the Nexus Vulnerability Scanner and it reports fewer false positives.
How was the initial setup?
This solution was implemented before I joined the department.
What's my experience with pricing, setup cost, and licensing?
There are different options available with respect to licensing.
What other advice do I have?
I would rate this solution an eight out of ten.
Which deployment model are you using for this solution?
Private Cloud
**Disclosure: My company has a business relationship with this vendor other than being a customer: partner
Last updated: Jan 30 2020
More Qualys Web Application Scanning reviews from users...who work at a Financial Services Firm
...at Large Enterprises
...who compared it with Rapid7 AppSpider
Find out what your peers are saying about Qualys, Veracode, Acunetix and others in Application Security. Updated: April 2021.
501,151 professionals have used our research since 2012.
Author
reviewer1228896
Security Analyst at a tech services company with 10,001+ employees
Real User
Highlights
Pros
The interface is user-friendly and easy to understand.
Cons
The scanner reports a lot of false positives, which is something that needs to be improved.
Pricing Advice
There are different options available with respect to licensing.
Popular Comparisons
PortSwigger Burp Suite Professional
Fortify WebInspect
Acunetix Vulnerability Scanner
Rapid7 InsightAppSec
Sonatype Nexus Lifecycle
Micro Focus Fortify on Demand
Tenable.io Web Application Scanning
Netsparker Web Application Security Scanner
Buyer's Guide
Download our free Application Security Report and find out what your peers are saying about Qualys, Veracode, Acunetix, and more!
Quick Links
Learn More: Questions:
- When evaluating Application Security, what aspect do you think is the most important to look for?
- What are the threats associated with using ‘bogus’ cybersecurity tools?
- How was the 2020 Twitter Hack carried out? How could it have been prevented?
- Is SonarQube the best tool for static analysis?
- SAST vs. DAST: Which is better for application security testing?
- What are the OWASP top 10 in 2020?