We performed a comparison between Fortify on Demand and Qualys Web Application Scanning based on real PeerSpot user reviews.
Find out in this report how the two Application Security Tools solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."I do not remember any issues with stability."
"The UL is easy to use compared to that of other tools, and it is highly reliable. The findings provide a lower number of false positives."
"Fortify on Demand can be scaled very easily."
"Once we have our project created with our application pipeline connected to the test scanning, it only takes two minutes. The report explaining what needs to be modified related to security and vulnerabilities in our code is very helpful. We are able to do static and dynamic code scanning."
"This product is top-notch solution and the technology is the best on the market."
"We have the option to test applications with or without credentials."
"Fortify on Demand's best feature is that there's no need to install and configure it locally since it's on the cloud."
"Almost all the features are good. This solution has simplified designing and architecting for our solutions. We were early adopters of microservices. Their documentation is good. You don't need to put in much effort in setting it up and learning stuff from scratch and start using it. The learning curve is not too much."
"It is a cloud-based solution, so it is easy to scale."
"It is a very stable solution."
"It combines both web application vulnerability management and internal vulnerability management on one platform and dashboard. Usually, you have to purchase separate tools."
"The most valuable feature is that we are able to scan the services and put credentials like a user ID password. We can verify the vulnerability level."
"The most valuable feature of Qualys Web Application Scanning is the effective scanning that can be done."
"It is easy to use."
"Its most valuable features are patch management, vulnerability management, and PCI compliance."
"The feature that I have found most valuable is the progressive scan. It is good. It's done in 24 hours."
"Takes up a lot of resources which can slow things down."
"There is room for improvement in the integration process."
"Fortify on Demand could be improved with support in Russia."
"I would like to see improvement in CI integration and integration with GitLab or Jenkins. It needs to be more simple."
"The reporting capabilities need improvement, as there are some features that we would like to have but are not available at the moment."
"The products must provide better integration with build tools."
"There are lots of limitations with code technology. It cannot scan .net properly either."
"Reporting could be improved."
"The support could be faster."
"There should be better visibility into the application."
"They should try to include business logic vulnerabilities in the scanner testing."
"Deployment can be complicated."
"In terms of the Policy Compliance model which they currently have, not all the platforms are being covered. If they could improve on the Policy Compliance model, since there are policies which are benchmarked against it, this will be helpful for us."
"Sometimes the response time is low because the handshake fails, and then you have to re-login and start again."
"The product should allow users to upload their payloads."
"The pricing does not seem to be competitive."
More Qualys Web Application Scanning Pricing and Cost Advice →
Fortify on Demand is ranked 11th in Application Security Tools with 56 reviews while Qualys Web Application Scanning is ranked 19th in Application Security Tools with 31 reviews. Fortify on Demand is rated 8.0, while Qualys Web Application Scanning is rated 7.8. The top reviewer of Fortify on Demand writes "Provides good depth of scanning but is unfortunately not fully integrated with CIT processes ". On the other hand, the top reviewer of Qualys Web Application Scanning writes "A stable solution that can be used for infrastructure vulnerability scanning and web application scanning". Fortify on Demand is most compared with SonarQube, Checkmarx One, Veracode, Coverity and Fortify WebInspect, whereas Qualys Web Application Scanning is most compared with OWASP Zap, Veracode, SonarQube, PortSwigger Burp Suite Professional and Fortify WebInspect. See our Fortify on Demand vs. Qualys Web Application Scanning report.
See our list of best Application Security Tools vendors and best Application Security Testing (AST) vendors.
We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.