GitLab vs Qualys Web Application Scanning comparison

 

Comparison Buyer's Guide

Executive Summary
 

Categories and Ranking

GitLab
Ranking in Application Security Tools
6th
Ranking in Static Application Security Testing (SAST)
7th
Average Rating
8.6
Number of Reviews
70
Ranking in other categories
Build Automation (1st), Release Automation (2nd), Rapid Application Development Software (10th), Software Composition Analysis (SCA) (6th), Enterprise Agile Planning Tools (2nd), Fuzz Testing Tools (2nd), DevSecOps (3rd)
Qualys Web Application Scan...
Ranking in Application Security Tools
19th
Ranking in Static Application Security Testing (SAST)
14th
Average Rating
7.8
Number of Reviews
31
Ranking in other categories
No ranking in other categories
 

Market share comparison

As of June 2024, in the Application Security Tools category, the market share of GitLab is 3.7% and it increased by 17.0% compared to the previous year. The market share of Qualys Web Application Scanning is 2.4% and it increased by 24.3% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Application Security Tools
Unique Categories:
Build Automation
24.4%
Release Automation
37.9%
Static Application Security Testing (SAST)
1.8%
 

Featured Reviews

SP
Mar 12, 2024
Improved our CI/CD processes in software dependency management
GitLab has improved our CI/CD processes in software dependency management. It handles conflicts between versions seamlessly, such as when merging different features into the main branch. With GitLab, there are no conflicts in the code itself. Versioning is also efficiently managed within GitLab, allowing us to easily track the latest main branches, previous branches, and releases. For example, if a software depends on specific versions, it's easily traceable using GitLab. One of the most significant advantages is the built-in DTS, which supports ample file storage. This capability allows us to store 30-40 gigabytes of repository sizes. The code diffs available in GitLab show the differences between the older version and the current one, indicating what has been added, deleted, or modified across the codebase. This helps you understand which portions of the code have changed within a particular file, such as a Python script, aiding in traceability and version management. The merge request feature is standard and available even in GitHub, making it accessible on most Git platforms. It is one of the fundamental features of GitLab, a free product. Overall, I rate the solution a seven out of ten.
Brammadevan K - PeerSpot reviewer
Feb 22, 2024
Operates as a DAST tool, examining the application from an external perspective to identify security issues
One area for improvement is the application scan interface. Although recent updates have introduced some features, there's a gap in supporting standards beyond OWASP. Currently, there isn't an option to select or integrate other security standards directly within the platform, which limits the scope of scans to primarily OWASP. For broader compliance, custom integrations are required, which is a cumbersome process. The platform primarily supports OWASP standards for scanning. If an organization needs to comply with other standards, such as ISO or NIST, there's no straightforward option to select these within the scanning interface. This limitation requires custom solutions to meet other compliance requirements, which is not ideal. Qualys should enhance its interface to allow users to easily select and scan according to multiple standards, not just OWASP. This includes both internal and external scans, providing a more flexible and comprehensive approach to web application security. In addition to choosing standards, there's a distinction between internal and external scanning processes that could be streamlined. Currently, for internal scanning, specific configurations and scanner appliances need to be deployed within the network, which differs from the simpler setup for external scans. This dual process complicates the setup for comprehensive scanning coverage. The process should be simplified to eliminate the need for two distinct setups for internal and external scans within Qualys.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"Their CI/CD engine is very mature. It's very comprehensive and flexible, and compared to other projects, I believe that GitLab is number one right now from that perspective."
"CI/CD is valuable for me."
"I find the features and version control history to be most valuable for our development workflow. These aspects provide us with a clear view of changes and help us manage requests efficiently."
"The dashboard and interface make it easy to use."
"It speeds up our development, it's faster, safer, and more convenient."
"As a developer, this solution is useful as a repository holder because most of the POC projects that we have are on GitLab."
"The user interface is really good so that helps with huge teams who need to collaborate."
"The solution is stable."
"I have found the detection of vulnerabilities tool thorough with good results and the graphical display output to be wonderful and full of colors. It allows many types of outputs, such as bar and chart previews."
"Qualys Web Application Scanning has multiple features like threat protection and container security scanning in one box."
"Qualys' process of updating signatures is something we really appreciate, and it's way ahead of its industry peers."
"​We have experienced quick customer support. They have a complete list of our previous issues along with our history, which makes it faster for them to solve issues.​"
"It combines both web application vulnerability management and internal vulnerability management on one platform and dashboard. Usually, you have to purchase separate tools."
"​This product is designed for easy scalability and can easily scale up ​without major challenges."
"We can do scanning and submit reports straight to the customers when there are new vulnerabilities, then tell them whether they are affected or not."
"It is easy to use."
 

Cons

"GitLab doesn't have AWS integration. It would be better to have integration with other container management environments beyond Kubernetes. It has very good integration with Kubernetes, but it doesn't have good integration with, for example, AWS, ETS, etc."
"The only thing our company is really waiting on in terms of features is the development of metrics."
"GitLab's Windows version is yet not available and having this would be an improvement."
"The solution should again offer an on-premises deployment option."
"It would be better if there weren't any outages. There are occasions where we usually see a lot of outages using GitLab. It happens at least once a week or something like that. Whatever pipelines you're running, to check the logs, you need to have a different set of tools like Argus or something like that. If you have pipelines running on GitLab, you need a separate service deployed to view the logs, which is kind of a pain. If the logs can be used conveniently on GitLab, that would be definitely helpful. I'm not talking about the CI/CD pipelines but the back-end services and microservices deployed over GitLab. To view the logs for those microservices, you need to have separate log viewers, which is kind of a pain."
"I would like to see better integration with project management tools such as Jira."
"There is a need to improve or adopt AI into the ecosystem like a co-pilot, which Microsoft has done with GitHub."
"Some of the scripts that we encountered in GitLab were not fully functional and threw up errors."
"The product's pricing could be better."
"The support could be faster."
"Qualys Web Application Scanning is very complex to use, and its graphical interface is not very user-friendly."
"The software’s pricing could be improved."
"The pricing does not seem to be competitive."
"The product should allow users to upload their payloads."
"The solution needs to adjust its pricing. They should make it more affordable."
"We receive false positives sometimes when using a solution that could be improved. However, the technical team provides us with the exact explanation why it was giving us that kind of error."
 

Pricing and Cost Advice

"I'm not aware of the licensing costs because those were covered by the customer."
"The solution is based on a licensing model that includes technical support and is paid annually."
"The solution's standard license is paid annually. They have changed the pricing model and it used to be better. There is a free version available."
"In terms of the pricing for GitLab, on a scale of one to five, with one being expensive and five being cheap, I'm rating pricing for the solution a four. It could still be cheaper because right now, my company has a small team, and sometimes it's difficult to use a paid product for a small team. You'd hope the team will grow and scale, but currently, you're paying a high license fee for a small team. I'm referring to the GitLab license that has premium features and will give you all features. This can be a problem for management to approve the high price of the license for a team this small."
"This is an open-source solution."
"The price is okay."
"Its price is fine. It is on the cheaper side and not expensive. You have to pay additionally for GitLab CI/CD minutes. Initially, we used the free version. When we ran out of GitLab minutes, we migrated to the paid version."
"This product is not very expensive but the price can be better."
"We are on an annual license for the solution and the pricing could be more affordable."
"We normally purchase an annual license."
"The product is expensive, at least initially, in comparison to other products in this category."
"Pricing was reasonable and competitive. It was not too far above the other products."
"Licensing was based on the number of assets that you want to scan on your network. You can also do licensing on subscription. On subscription, it is easier and more flexible. You tell Qualys that you want to move from the 1000 to 2000 band or the 3000 or 5000 band, then they will give you the quotation for it. Once you pay for it, applying the licensing is quite easy and effective."
"The product has a very good licensing model."
"Try the free trial of the product to understand the basic working mechanisms.​"
"Qualys WAS' pricing is competitive."
787,061 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Educational Organization
26%
Computer Software Company
12%
Financial Services Firm
11%
Manufacturing Company
8%
Computer Software Company
16%
Financial Services Firm
15%
Manufacturing Company
9%
Government
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What do you like most about GitLab?
I find the features and version control history to be most valuable for our development workflow. These aspects provide us with a clear view of changes and help us manage requests efficiently.
What is your experience regarding pricing and costs for GitLab?
For small-scale usage, GitLab offers a free tier. For enterprise pricing, GitLab is more expensive than GitHub, as it's not as widely adopted. GitLab is the preferred choice for many developers des...
What needs improvement with GitLab?
I believe there's room for improvement in the advanced features, particularly in enhancing the pipeline functionalities. Better integration and usability within the pipeline could make a significan...
What do you like most about Qualys Web Application Scanning?
The vulnerability management feature is a strong one. And also the patch management feature.
What is your experience regarding pricing and costs for Qualys Web Application Scanning?
From my perspective, it is a budget-friendly option. Qualys offers good value for the features and protection it provides. The pricing seems reasonable, considering the comprehensive security solut...
What needs improvement with Qualys Web Application Scanning?
One area for improvement is the application scan interface. Although recent updates have introduced some features, there's a gap in supporting standards beyond OWASP. Currently, there isn't an opti...
 

Also Known As

Fuzzit
Qualys WAS
 


Sample Customers

NASA, IBM, Sony, Alibaba, CERN, Siemens, Volkswagen, ING, Ticketmaster, SpaceX, Adobe, Intuit, Autodesk, Rakuten, Unity Technologies, Pandora, Electronic Arts, Nordstrom, Verizon, Comcast, Philips, Deutsche Telekom, Orange, Fujitsu, Ericsson, Nokia, General Electric, Cisco, Accenture, Deloitte, PwC, KPMG
BskyB, Cartagena, ClearPoint Learning Systems, Connect Group, du, Fortrex Technologies, HBOR, HDI, Highlights for Children, The Lithuanian State Enterprise Centre of Registers, City of Miami Beach, Microsoft, MidlandHR, MSCI Inc., Northern Arizona University, Ofgem, Olympus Europa, PhoneFactor, RTL Nederland, ThousandEyes, VGZ Organisatie B.V.
Find out what your peers are saying about GitLab vs. Qualys Web Application Scanning and other solutions. Updated: May 2024.