Qualys Web Application Scanning Valuable Features
Qualys Web Application Scanning has multiple features like threat protection and container security scanning in one box.
View full review »Qualys Web Application Scanning's most valuable features are patch management, vulnerability management, and PCI compliance.
View full review »NS
NagarajSheshachalam
Lead Cyber Security engineer at a tech services company with 201-500 employees
I have found the detection of vulnerabilities tool thorough with good results and the graphical display output to be wonderful and full of colors. It allows many types of outputs, such as bar and chart previews.
View full review »Buyer's Guide
Application Security Tools
March 2024
Find out what your peers are saying about Qualys, Veracode, Invicti and others in Application Security Tools. Updated: March 2024.
765,234 professionals have used our research since 2012.
HJ
Hwang James
Data Specialist at CHUN SHIN LIMITED
The best thing about this product is that it is really easy to use.
View full review »It combines both web application vulnerability management and internal vulnerability management on one platform and dashboard. Usually, you have to purchase separate tools.
View full review »Licensing is the most valuable. Qualys provides the best licensing for companies. It is the best product for the development purposes of web applications. The product has a lot of integrations.
View full review »Qualys WAS' most valuable features are the navigation flow of the UI and the option for a different layer of security (identification and operation through email and mobile).
View full review »EG
Elmano Francisco Gonga
IT Security Analyst at Banco de Fomento Angola
The product prevents possible vulnerabilities in our network.
View full review »The Qualys Web Application Scanning solution offers a single comprehensive console and consolidated reporting, covering all aspects from on-prem to cloud and compliance, etcetera.
View full review »The monitor's ability to read the reports, or to do very detailed reports is great. It's good at looking at the different vulnerabilities. Rarely are there security loopholes. It can also suggest ways to mitigate risks and vulnerabilities.
There's a lot of great reference material.
The integration is great. It works with many different products.
PK
reviewer1387992
Senior Software Developer at a tech vendor with 1,001-5,000 employees
The feature that I have found most valuable is the progressive scan. It is good. It's done in 24 hours.
View full review »MT
reviewer2254848
Technical Lead at a computer software company with 501-1,000 employees
It is a good product for website penetration testing to detect vulnerabilities.
View full review »The most valuable feature of Qualys Web Application Scanning is the effective scanning that can be done.
View full review »VJ
reviewer1138395
Sr Cybersecurity Leader at a non-tech company with 1,001-5,000 employees
Qualys' process of updating signatures is something we really appreciate, and it's way ahead of its industry peers.
View full review »FG
reviewer2246079
Cyber Security Sales Specialist at a tech services company with 1,001-5,000 employees
The Qualys Web Application Scanning solution offers a single comprehensive console and consolidated reporting, covering all aspects from on-prem to cloud and compliance, etcetera.
View full review »The most valuable features are scanning analysis and reporting.
This solution also provides real-time monitoring.
The interface is user-friendly and easy to understand.
View full review »- Ease of use and setup
- Visibility into our environment
The vulnerability management feature is a strong one. And also the patch management feature.
Qualys integrates with Endpoint Detection and Response (EDR) for malware detection. EDR continuously monitors endpoints and takes snapshots of all of the endpoints and assets. Any changes are collected and sent to the cloud every four hours.
EDR also provides other capabilities like incident response and campaign identification. If malware is detected, the user can get remediation steps and send alerts to the system. It also provides forensic reports if there is a need for more detailed reports from the endpoints.
Qualys is easy to use as there's no hardware to manage because it's fully cloud-based. Once the platform is installed, you can access all of our services.
The application product integration, especially integrating Qualys with the DevOps environment like Jenkins, is straightforward. It facilitates continuous testing and integration, allowing us to perform scans on a weekly or monthly basis efficiently.
View full review »We’re a Linux shop and Qualys gave us good Linux vulnerability scanning; no experience with it on MSFT products. It reports only a few glaring false-positive errors (directory ownership was a common one), and our post-processing dealt with the known exceptions we’d agreed on. The long baseline of iterative results was valuable to track changes and our rate of improvement. Access to the API let us automate its use in our CI/CD pipeline for machine images.
View full review »- OWASP Top 10 scanning
- PCI-ASV scanning
JB
Consultab6ea
Consultant at a tech services company with 1,001-5,000 employees
The most valuable feature is that we are able to scan the services and put credentials like a user ID password. We can verify the vulnerability level.
View full review »RT
Reviewer32192
Delivery Manager at a tech vendor with 1,001-5,000 employees
We are using scanners and the PCI model. We do PCI scanning because we are a PCI vendor. We are using the tool to do the scanning on whatever the latest vulnerabilities there are, and Qualys is always providing us updates. We can do scanning and submit reports straight to the customers when there are new vulnerabilities, then tell them whether they are affected or not.
View full review »There is nothing out of the box in the Qualys web application scanning module. One good thing is that it reports fewer false positives.
View full review »AJ
Lead43690
Lead Security Architect at a financial services firm with 501-1,000 employees
The vulnerability scanning and patching features are the most valuable parts of the solution.
View full review »QualysGuard web-based scanner is very useful for performing external penetration and PCI scans from remote locations.
View full review »GV
reviewer1254240
CEO at a tech services company with 51-200 employees
I am not the person who is actually directly testing this. One of the other people from our team is doing that. But I was involved in the selection of what we products we should compare based on available features, demos, and how products appear to meet our needs. What I remember from my experience with Qualys is that the simplicity of exporting reports and the simplicity and clarity of the reports included with the product is good. The website was also well-designed and easy to navigate. The SSL security measurements that the product offers seem comprehensive. But I can not say, at this preliminary phase, that I specifically think this or that from Qualys is the most valuable. It is intriguing enough to make our shortlist and POC efforts.
View full review »It protects against zero-day vulnerabilities, like Heartbleed.
Network scanner has good reporting, coverage was also good. In Web scanner, dashboard was good but features were limited.
View full review »WAS and being able to integrate Selenium IDE to automate the login process was most helpful.
View full review »SC
CybSec9734
Cyber Security Consultant at a tech services company with 10,001+ employees
- It's cloud-based so the installation is not so tedious.
- Easily deployed.
- Highly scalable.
- Comprehensive reporting.
Also, you can integrate your Burp Suite results and create an integrated report.
The way it shows the results - threats and exploit details - makes remediation very easy.
We have seen very few false positives. We found the documentation very useful, particularly the roll-out guide. While the tool is not hard to use, by dividing the documentation into sections, the company provided specific guidance on use cases that are not necessarily limited to the tool itself.
View full review »Buyer's Guide
Application Security Tools
March 2024
Find out what your peers are saying about Qualys, Veracode, Invicti and others in Application Security Tools. Updated: March 2024.
765,234 professionals have used our research since 2012.