Qualys Web Application Scanning Reviews

Name: Qualys Web Application Scanning
Brand: Qualys
Rating: 3.9 (35 reviews)

3.9 out of 5

35 reviews
86% willing to recommend

1,171 followers

What is Qualys Web Application Scanning?

Qualys Web Application Scanning (WAS) is a fully cloud-based web application security scanner. The scanner will automatically crawl periodically and test web applications to discover potential vulnerabilities, including cross-site scripting (XSS) and SQL injection. The consistent testing equips the automated service to generate consistent results, lessen false positives, and offer the ability to scale to protect thousands of websites effortlessly.

Get the Qualys Web Application Scanning Buyer's Guide and find out what your peers are saying about Qualys Web Application Scanning, SonarQube Server (formerly SonarQube), GitLab and more!

Qualys Web Application Scanning is the #11 ranked solution in AST tools and #12 ranked solution in application security solutions. PeerSpot users give Qualys Web Application Scanning an average rating of 7.8 out of 10. Qualys Web Application Scanning is most commonly compared to SonarQube Server (formerly SonarQube): Qualys Web Application Scanning vs SonarQube Server (formerly SonarQube). Qualys Web Application Scanning is popular among the large enterprise segment, accounting for 68% of users researching this solution on PeerSpot. The top industry researching this solution are professionals from a financial services firm, accounting for 16% of all views.

Buyer's Guide

Qualys Web Application Scanning

January 2025

Get the report

Helped 831,158 peers since 2012

Featured reviews

SubhajitAich

Security Consultant at Cognizant

I simultaneously work with Tenable and Rapid7, along with Qualys Web Application Scanning. We do not procure the licensing for these solutions. Instead, clients come to us and ask us which solution is best for them. We review their current architecture and define the best solution for them. Later, they purchase the license, and we configure it.

Read full review

Koketso Ditlhage

Information Communication Technology Specialist at UNIVERSITY OF JOHANNESBURG

The scalability of the software could be better. Its licenses are distributed through a third-party supplier at the moment. Thus, it becomes a problem in managing the numbers. The licenses stay the same, but the numbers keep on going up. I currently have 600 assets. If I go for a three-year contract, it will increase by 900 assets. It would have been great if we had direct contact with Qualys for sales and support. In the future, we plan to increase the number of users. In my team, we have three members, and the team working on the risk scan consists of six members. Overall, there are about ten users in our environment. I rate the scalability a five out of ten.

Read full review

Brammadevan K

Cyber Security Engineer at R S Consulting Services

The vulnerability management feature is a strong one. And also the patch management feature. Qualys integrates with Endpoint Detection and Response (EDR) for malware detection. EDR continuously monitors endpoints and takes snapshots of all of the endpoints and assets. Any changes are collected and sent to the cloud every four hours. EDR also provides other capabilities like incident response and campaign identification. If malware is detected, the user can get remediation steps and send alerts to the system. It also provides forensic reports if there is a need for more detailed reports from the endpoints. Qualys is easy to use as there's no hardware to manage because it's fully cloud-based. Once the platform is installed, you can access all of our services. The application product integration, especially integrating Qualys with the DevOps environment like Jenkins, is straightforward. It facilitates continuous testing and integration, allowing us to perform scans on a weekly or monthly basis efficiently.

Read full review

Qualys Web Application Scanning mindshare

Product category:

As of January 2025, the mindshare of Qualys Web Application Scanning in the Application Security Tools category stands at 1.9%, down from 2.3% compared to the previous year, according to calculations based on PeerSpot user engagement data.

Application Security Tools

PeerAnalyst reports

Type	Title	Date
Category	Application Security Tools	Jan 21, 2025	Download
Product	Reviews, tips, and advice from real users	Jan 21, 2025	Download
Comparison	Qualys Web Application Scanning vs SonarQube Server (formerly SonarQube)	Jan 21, 2025	Download
Comparison	Qualys Web Application Scanning vs Veracode	Jan 21, 2025	Download
Comparison	Qualys Web Application Scanning vs Checkmarx One	Jan 21, 2025	Download

Title	Rating	Mindshare	Recommending
SonarQube Server (formerly SonarQube)	4.0	26.4%	81%	113 interviews Add to research
GitLab	4.3	3.0%	97%	81 interviews Add to research

Valuable Features

"The most valuable features are the scheduled scanning, detailed reports, asset management, the knowledge database, and the overall product framework."
"Automated scanning has significantly improved our web application security management by reducing manual work."
"It scans web applications to identify vulnerabilities during deployment."

Room for Improvement

"The authenticated scanning feature could be improved by adding support for real-time scanning tokens and authorization tokens."
"One area for improvement is the user interface. The new UI, which was recently upgraded, feels more complex and less user-friendly than the old version."
"It is unclear how to build automation on Qualys. We do some automation, but not fully, because working is difficult."

Pricing

"The product pricing is fair and reasonably priced."
"From my perspective, it is a budget-friendly option."
"Qualys Web Application Scanning's pricing is a bit expensive compared to other solutions available in the market."

These insights are based on the in-depth reviews provided by peers to help you make a better buying decision.

Download our Qualys Web Application Scanning Buyer's Guide for additional reliable information.

Review data by company size

By reviewers

By visitors reading reviews

Top industries

By visitors reading reviews

Computer Software Company

16%

Financial Services Firm

16%

Manufacturing Company

10%

Government

Healthcare Company

Retailer

Insurance Company

Energy/Utilities Company

Educational Organization

University

Media Company

Real Estate/Law Firm

Comms Service Provider

Wholesaler/Distributor

Construction Company

Transportation Company

Non Profit

Hospitality Company

Performing Arts

Logistics Company

Consumer Goods Company

Outsourcing Company

Recreational Facilities/Services Company

Pharma/Biotech Company

Legal Firm

Compare Qualys Web Application Scanning with alternative products

Learn more about Qualys Web Application Scanning

Qualys Web Application Scanning is bundled with different scanning technology to carefully scan websites for malware infections and will send notifications to website owners to assist in preventing blacklisting and brand reputation damage. As digital transformation takes place in various organizations, Qualys WAS gives organizations the ability to track and document their web app security status through its interactive reporting capabilities.

Qualys WAS empowers organizations to remediate any web application vulnerabilities quickly. Some of the key tools offered are:

Deep Scanning: All apps and APIs on your internal network and public cloud are covered by Qualys WAS deep scanning to show you any visible vulnerabilities.
DevSec Ops Tool: Detect security issues in your code while still in app development stages and generate comprehensive reports.
Comprehensive Discovery: Discover and catalog new and unknown web apps in your network.
Malware Detection: Scan a website, identify vulnerabilities, and receive alerts to any infections.

Benefits of Qualys Web Application Scanning

Qualys Web Application Scanning offers many benefits, including:

Quick Deployment: Requires no infrastructure or software to upkeep.
Effortless Scalability: Effortlessly launch a deep scan and protect thousands of websites.
Centralized Management: Manage and mend all web app vulnerabilities through a single interface.
Excellent Integration Capabilities: Integrates with Qualys Web App Firewall (WAF) for a single-click virtual patching of found vulnerabilities.
Respond to Threats Immediately: Qualys Continuous Monitoring offers the user a hands-free service by automatically launching scanning and sending notifications of a potential threat.
Cost-effective Solution: Data is analyzed in real time as Qualys WAS is an end-to-end solution; this helps avoid costs associated with managing multiple security vendors.

Reviews from Real Users

Qualys Web Application Scanning stands out among its competitors for a variety of reasons. Two of those reasons are its progressive scan and quick detection of vulnerabilities.

P.K., a senior software developer at a tech vendor, writes, "The feature that I have found most valuable is the progressive scan. It is good. It's done in 24 hours."

Nagaraj S., lead cybersecurity engineer at a tech service company, notes, "I have found the detection of vulnerabilities tool thorough with good results and the graphical display output to be wonderful and full of colors. It allows many types of outputs, such as bar and chart previews."

Qualys Web Application Scanning was previously known as Qualys WAS.

Product Video

Qualys Web Application Scanning customers

BskyB, Cartagena, ClearPoint Learning Systems, Connect Group, du, Fortrex Technologies, HBOR, HDI, Highlights for Children, The Lithuanian State Enterprise Centre of Registers, City of Miami Beach, Microsoft, MidlandHR, MSCI Inc., Northern Arizona University, Ofgem, Olympus Europa, PhoneFactor, RTL Nederland, ThousandEyes, VGZ Organisatie B.V.