We performed a comparison between Fortify Application Defender and Qualys Web Application Scanning based on real PeerSpot user reviews.
Find out in this report how the two Application Security Tools solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Its ability to find security defects is valuable."
"The product saves us cost and time."
"The tool's most valuable feature is software composition analysis. This feature works well with my .NET applications, providing a better understanding of library vulnerabilities."
"The most valuable feature is that it analyzes data in real-time."
"The solution helped us to improve the code quality of our organization."
"The most valuable features of Fortify Application Defender are the code packages that are default."
"We are able to provide out customers with a secure application after development. They are no longer left wondering if they are vulnerable to different threats within the market following deployment."
"Fortify Application Defender's most valuable features are machine learning algorithms, real-time remediation, and automatic vulnerability notifications."
"The simplicity of exporting reports and the simplicity and clarity of the reports included with the product are good."
"By using QualysGuard, we are able to finish external scans with assured results in half the time."
"The product prevents possible vulnerabilities in our network."
"It is a very stable solution."
"We can do scanning and submit reports straight to the customers when there are new vulnerabilities, then tell them whether they are affected or not."
"It is easy to use."
"Qualys WAS' most valuable features are the navigation flow of the UI and the option for a different layer of security (identification and operation through email and mobile)."
"I have found the detection of vulnerabilities tool thorough with good results and the graphical display output to be wonderful and full of colors. It allows many types of outputs, such as bar and chart previews."
"The workbench is a little bit complex when you first start using it."
"The biggest complaint that I have heard concerns additional platform support because right now, it only supports applications that are written in .NET and Java."
"The solution is quite expensive."
"The solution could improve the time it takes to scan. When comparing it to SonarQube it does it in minutes while in Fortify Application Defender it can take hours."
"Fortify Application Defender could improve by supporting more code languages, such as GRAAS and Groovy."
"Support for older compilers/IDEs is lacking."
"The licensing can be a little complex."
"I encountered many false positives for Python applications."
"The support could be faster."
"There should be better visibility into the application."
"They should try to include business logic vulnerabilities in the scanner testing."
"We procured around 110 licenses for Web Application Scanning, but we have issues running concurrent scans. I don't currently have the option to trigger scans for all 100-plus websites. The default limit is around 10 conference scans. It's not very scalable, to be honest, because of the limitation that they put on concurrent scans."
"In certain cases, this product does have false positives, which the company should work on."
"The reporting contains too many false positives."
"It should have better automatic reporting."
"The UI is not user-friendly and you don't have a yearly reporting facility where you can slice and dice in different jobs."
More Qualys Web Application Scanning Pricing and Cost Advice →
Fortify Application Defender is ranked 34th in Application Security Tools with 10 reviews while Qualys Web Application Scanning is ranked 19th in Application Security Tools with 31 reviews. Fortify Application Defender is rated 8.0, while Qualys Web Application Scanning is rated 7.8. The top reviewer of Fortify Application Defender writes "Reliable solution with excellent machine learning algorithms but expensive and lacking support". On the other hand, the top reviewer of Qualys Web Application Scanning writes "A stable solution that can be used for infrastructure vulnerability scanning and web application scanning". Fortify Application Defender is most compared with Checkmarx One, Coverity, CAST Application Intelligence Platform, SonarQube and Fortify on Demand, whereas Qualys Web Application Scanning is most compared with OWASP Zap, Veracode, SonarQube and PortSwigger Burp Suite Professional. See our Fortify Application Defender vs. Qualys Web Application Scanning report.
See our list of best Application Security Tools vendors.
We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.