We performed a comparison between Fortify Software Security Center and Qualys Web Application Scanning based on real PeerSpot user reviews.
Find out what your peers are saying about Sonar, Veracode, Checkmarx and others in Application Security Testing (AST)."You can easily download the tool's rule packs and update them."
"The reporting is very useful because you can always view an entire list of the issues that you have."
"This is a stable solution at the end of the day."
"This product is designed for easy scalability and can easily scale up without major challenges."
"It is easy to use."
"We have experienced quick customer support. They have a complete list of our previous issues along with our history, which makes it faster for them to solve issues."
"You can integrate your Burp Suite results and create an integrated report. Also, the way it shows the results - threats and exploit details - makes remediation very easy."
"Key features include: Cloud-based, so the installation is not so tedious. Easily deployed. Highly scalable. Comprehensive reporting."
"It is a very stable solution."
"The most valuable feature of Qualys Web Application Scanning is the effective scanning that can be done."
"We can do scanning and submit reports straight to the customers when there are new vulnerabilities, then tell them whether they are affected or not."
"We are having issues with false positives that need to be resolved."
"This solution is difficult to implement, and it should be made more comfortable for the end-users."
"Fortify Software Security Center's setup is really painful."
"The area of false positives could be improved. There are quite a number of false positives as compared to other solutions. They could probably fine tune the algorithm to be able to reduce the number of false positives being detected."
"Sometimes the response time is low because the handshake fails, and then you have to re-login and start again."
"We procured around 110 licenses for Web Application Scanning, but we have issues running concurrent scans. I don't currently have the option to trigger scans for all 100-plus websites. The default limit is around 10 conference scans. It's not very scalable, to be honest, because of the limitation that they put on concurrent scans."
"We receive false positives sometimes when using a solution that could be improved. However, the technical team provides us with the exact explanation why it was giving us that kind of error."
"The solution needs to adjust its pricing. They should make it more affordable."
"In certain cases, this product does have false positives, which the company should work on."
"The support could be faster."
"In terms of the Policy Compliance model which they currently have, not all the platforms are being covered. If they could improve on the Policy Compliance model, since there are policies which are benchmarked against it, this will be helpful for us."
More Fortify Software Security Center Pricing and Cost Advice →
More Qualys Web Application Scanning Pricing and Cost Advice →
Fortify Software Security Center is ranked 27th in Application Security Testing (AST) with 3 reviews while Qualys Web Application Scanning is ranked 14th in Application Security Testing (AST) with 31 reviews. Fortify Software Security Center is rated 7.4, while Qualys Web Application Scanning is rated 7.8. The top reviewer of Fortify Software Security Center writes "A fair-priced solution that helps with application security testing ". On the other hand, the top reviewer of Qualys Web Application Scanning writes "A stable solution that can be used for infrastructure vulnerability scanning and web application scanning". Fortify Software Security Center is most compared with Fortify on Demand, Tricentis Tosca and Fortify WebInspect, whereas Qualys Web Application Scanning is most compared with OWASP Zap, Veracode, SonarQube, PortSwigger Burp Suite Professional and Fortify WebInspect.
See our list of best Application Security Testing (AST) vendors.
We monitor all Application Security Testing (AST) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.