We performed a comparison between Fortinet FortiWeb and Qualys VMDR based on real PeerSpot user reviews.
Find out what your peers are saying about Amazon Web Services (AWS), Microsoft, F5 and others in Web Application Firewall (WAF)."It's stable and works efficiently against OWASP Top 10 attacks."
"Security Fabric integration. This is really a value-added feature as FortiWeb can interact with the rest of the client’s Fortinet pack to provide an intelligent security layer like (FortiSIEM for central log management and correlation, FortiGate, FortiSandbox for malware analysis, etc.)."
"It's easy to use and allows us to integrate solutions together."
"FortiGate is a stable product."
"One main feature we are very happy about is file security and upload functionality."
"Auto Learn feature: Makes policy additions or deletions for my customers very simple"
"The WAF profiles has been effective at mitigating web-based threats."
"The solution is easy to configure and deploy."
"Qualys has a continuous endpoint monitoring feature for agent-based scanning. Once you deploy the solution, it monitors everything that is happening every 30 minutes. Then, if there are any vulnerabilities, they are reported."
"The integrations for this solution are very good. I use a different product for virtual patching of vulnerabilities and Qualys integrates well with that product."
"The most valuable features are vulnerability detection and the scanning capability to enable identification of vulnerabilities across our network."
"There are fewer false positives when using this solution."
"The most valuable features of Qualys VM are its ability to do proper vulnerability assessment. It has a lot of updates for all the vulnerability databases from all over the globe. It's an amazing solution when it comes to the versatility of the features it has. Additionally, the reports are very good. It generates very detailed reports about the vulnerabilities inside the environment"
"The most valuable feature of the solution is the external channel."
"Provides great functionality."
"The most recent is VMDR, which provides a comprehensive overview of how to detect, patch, and remediate specific vulnerabilities."
"FortiWeb does not exist in a cloud-based form. Its only available for deployment as a virtual appliance on AWS and Azure IaaS platforms. Because of the trend to WAF environments, it would be good to have it as a SaaS. Also, FortiWeb would be more competitive if it combined WAF and DDoS protection."
"They can introduce a scaled-down version for the SMB market. It would be very competitive in the environment."
"No solution is 100% secure and the security could always be worked on."
"For advanced users, it would be really useful to have access and the ability to manipulate packets. If we can access and manipulate the contents of packets, even encrypted packets... that would be powerful. Since we're looking at packets arriving at our network, we would have the private key to access those packets and their information."
"Lacks functionalities that are available in other solutions."
"The solution could improve by providing more integration with solutions other than the Fortinet family."
"I would like to see the Application Delivery Control (ADC) and Web Application Firewall (WAF) combined in one device."
"It costs too much."
"The price could be better. Asset view is still a legacy feature. I'm not able to extract the information about the asset with complete details. It would be better if they fixed that in the next release. I know Qualys is already working on it, so I'm hopeful it will be available in the next five or six months. That would be something that's changed where I seek improvement."
"The tool needs to improve the adding assets and report generation features. I would like to see the policy scan of offline appliances in the product's future releases."
"It would be nice to have an all-in-one solution that was automated and could handle the scanning and reports as well as the patching and updating."
"There needs to be better documentation."
"It is a struggle to be able to pull our report and to be able to do onboarding using automated tools."
"Make some minimal dashboard improvements."
"Qualys currently does not have any features for scanning SCADA, IoT, and Industrial Control Systems."
"Qualys VM could improve by having more skilled support personnel."
Fortinet FortiWeb is ranked 4th in Web Application Firewall (WAF) with 83 reviews while Qualys VMDR is ranked 3rd in Risk-Based Vulnerability Management with 77 reviews. Fortinet FortiWeb is rated 8.0, while Qualys VMDR is rated 8.2. The top reviewer of Fortinet FortiWeb writes "Cost-effective, easy to configure, and works very well as a single solution for multiple environments". On the other hand, the top reviewer of Qualys VMDR writes "Good visibility but expensive and needs better support". Fortinet FortiWeb is most compared with F5 Advanced WAF, Fortinet FortiADC, AWS WAF, Azure Web Application Firewall and Imperva Web Application Firewall, whereas Qualys VMDR is most compared with Tenable Nessus, Tenable Security Center, Rapid7 InsightVM, Microsoft Defender Vulnerability Management and Tenable Vulnerability Management.
We monitor all Web Application Firewall (WAF) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.