We performed a comparison between Acunetix and Qualys Web Application Scanning based on real PeerSpot user reviews.
Find out in this report how the two Application Security Tools solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The automated approach to these repetitive discovery attempts would take days to do manually and therefore it helps reduce the time needed to do an assessment."
"The scalability is good. The scalability is more than good because it can operate both as a standalone and it can be integrated as part of applications. So that really makes it a very, very versatile solution to have."
"The usability and overall scan results are good."
"The most important feature is that it's a web-based graphical user interface. That is a great addition. Also, the ability to schedule scans is great."
"Overall, it's a very good tool and a very good engine."
"The most valuable feature of the solution is the speed at which it can scan multiple domains in just a few hours."
"The tool's most valuable feature is scan configurations. We use it for external physical applications. The scanning time depends on the application's code."
"I haven't seen reporting of that level in any other tool."
"By using QualysGuard, we are able to finish external scans with assured results in half the time."
"It combines both web application vulnerability management and internal vulnerability management on one platform and dashboard. Usually, you have to purchase separate tools."
"QualysGuard web-based scanner is very useful for performing external penetration and PCI scans from remote locations."
"The product prevents possible vulnerabilities in our network."
"Its most valuable features are patch management, vulnerability management, and PCI compliance."
"The most valuable feature is that we are able to scan the services and put credentials like a user ID password. We can verify the vulnerability level."
"The simplicity of exporting reports and the simplicity and clarity of the reports included with the product are good."
"You can integrate your Burp Suite results and create an integrated report. Also, the way it shows the results - threats and exploit details - makes remediation very easy."
"The pricing is a bit on the higher side."
"The solution's pricing could be better."
"While we do have it integrated with other solutions, it could still offer more integrations."
"The solution limits the number of scans. It would be much better if we could have unlimited scans."
"Tools that would allow us to work more efficiently with the mobile environment, with Android and iOS."
"Integration into other tools is very limited for Acunetix. While we're trying to incorporate a CI/CD process where we're integrating with JIRA and we're integrating with Jenkins and Chef, it becomes problematic. Other tools give you a high integration capability to connect into different solutions that you may already have, like JIRA."
"The solution can be improved by adding the ability to scan subdomains automatically, and by providing reports that can be exported to external databases to share with other solutions."
"I had some issues with the JSON parameters where it found some strange vulnerabilities, but it didn't alert the person using it or me about these vulnerabilities, e.g., an error for SQL injection."
"We procured around 110 licenses for Web Application Scanning, but we have issues running concurrent scans. I don't currently have the option to trigger scans for all 100-plus websites. The default limit is around 10 conference scans. It's not very scalable, to be honest, because of the limitation that they put on concurrent scans."
"They should try to include business logic vulnerabilities in the scanner testing."
"The area of false positives could be improved. There are quite a number of false positives as compared to other solutions. They could probably fine tune the algorithm to be able to reduce the number of false positives being detected."
"Deployment can be complicated."
"The solution needs to adjust its pricing. They should make it more affordable."
"It should have better automatic reporting."
"There should be better visibility into the application."
"We receive false positives sometimes when using a solution that could be improved. However, the technical team provides us with the exact explanation why it was giving us that kind of error."
More Qualys Web Application Scanning Pricing and Cost Advice →
Acunetix is ranked 16th in Application Security Tools with 26 reviews while Qualys Web Application Scanning is ranked 19th in Application Security Tools with 31 reviews. Acunetix is rated 7.6, while Qualys Web Application Scanning is rated 7.8. The top reviewer of Acunetix writes "Fantastic reporting features hindered by slow scanning ". On the other hand, the top reviewer of Qualys Web Application Scanning writes "A stable solution that can be used for infrastructure vulnerability scanning and web application scanning". Acunetix is most compared with OWASP Zap, Tenable.io Web Application Scanning, PortSwigger Burp Suite Professional, HCL AppScan and Checkmarx One, whereas Qualys Web Application Scanning is most compared with OWASP Zap, Veracode, SonarQube, PortSwigger Burp Suite Professional and HCL AppScan. See our Acunetix vs. Qualys Web Application Scanning report.
See our list of best Application Security Tools vendors and best Application Security Testing (AST) vendors.
We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.