Qualys Web Application Scanning Benefits
Qualys Web Application Scanning (WAS) is a DAST tool. It stands for Dynamic Application Security Testing. Unlike SAST (Static Application Security Testing) tools, WAS doesn't examine source code. Instead, it interacts with your web application like a real user, analyzing its responses to identify vulnerabilities.
Qualys WAS also integrates with WAF (Web Application Firewall) solutions, including potentially your company's standard WAF or Security Assertion Markup Language (SAML) interface.
View full review »It gave us an idea of what lay in our network, and the vulnerabilities in it. Most IT admins are not aware of what is happening on the network. It was able to advise them of what's happening on the network. They could see the web-based applications and where attacks on the outside were coming from.
On the dashboard, you can see vulnerabilities that you have, as they are increasing or reducing over periods of time.
View full review »WAS gave us visibility into our externally exposed web applications and showed us vulnerabilities that we were not aware of and did not know how to test for. We didn't need any knowledge of these vulnerabilities or how they worked to scan for them and to gain the visibility.
View full review »Buyer's Guide
Qualys Web Application Scanning
April 2024
Learn what your peers think about Qualys Web Application Scanning. Get advice and tips from experienced pros sharing their opinions. Updated: April 2024.
768,246 professionals have used our research since 2012.
The biggest benefit was integrating Qualys scanning into our CI/CD pipeline to vulnerability-scan new custom machine images (for OpenStack or AWS) before deployment. We’d build the image, instantiate it, run Qualys against it, get the report, post-process it, look for new errors or changes (if any), review just those and either block deployment or update our exceptions list for next time.
It's provided us with comprehensive, proactive, and automated vulnerability assessment.
View full review »RT
Reviewer32192
Delivery Manager at a tech vendor with 1,001-5,000 employees
We are looking for automation in our scanning activities or projects, because manual won't work. So, automation is required for us. As a result, using the Qualys scanner result is helpful for us.
View full review »We use many other products along with Qualys. In a way, Qualys dashboards are good to keep track of vulnerabilities found asset-wise.
View full review »AJ
Lead43690
Lead Security Architect at a financial services firm with 501-1,000 employees
With our vulnerabilities under control, it puts our services in compliance and minimizes our risk for exposure.
View full review »In order to finish a project, a penetration test in our company is on average five days, including documentation. Without this tool, the testing would take five days!
By using QualysGuard, we are able to finish external scans with assured results in half the time.
View full review »Dynamic features for pen testing automation, with manual.
View full review »Scheduling feature allows to scan on the weekends and holidays in a planned way.
View full review »SC
CybSec9734
Cyber Security Consultant at a tech services company with 10,001+ employees
It definitely helps us with the remediation process as we can create different reports, whatever is required at the time.
Buyer's Guide
Qualys Web Application Scanning
April 2024
Learn what your peers think about Qualys Web Application Scanning. Get advice and tips from experienced pros sharing their opinions. Updated: April 2024.
768,246 professionals have used our research since 2012.