Try our new research platform with insights from 80,000+ expert users

GitHub vs Qualys Web Application Scanning comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Jan 5, 2025

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

GitHub
Ranking in Application Security Tools
6th
Average Rating
8.8
Reviews Sentiment
7.5
Number of Reviews
93
Ranking in other categories
Version Control (3rd)
Qualys Web Application Scan...
Ranking in Application Security Tools
12th
Average Rating
7.8
Reviews Sentiment
6.9
Number of Reviews
38
Ranking in other categories
Static Application Security Testing (SAST) (9th)
 

Mindshare comparison

As of April 2025, in the Application Security Tools category, the mindshare of GitHub is 0.8%, down from 1.1% compared to the previous year. The mindshare of Qualys Web Application Scanning is 2.0%, down from 2.2% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Application Security Tools
 

Featured Reviews

Pervez Roy - PeerSpot reviewer
Very good for collaboration on software projects
We use GitHub for code repository alongside Bitbucket GitHub is very good for collaboration on software projects. We prefer Bitbucket for commercial use, while GitHub is used for open source. You can get the differences, history of changes, and version control for various pull requests. You can…
SubhajitAich - PeerSpot reviewer
A stable solution that can be used for infrastructure vulnerability scanning and web application scanning
Qualys Web Application Scanning is very complex to use, and its graphical interface is not very user-friendly. Compared to other solutions like Tenable and Rapid7, you need to navigate a lot to get the actual results out of Qualys Web Application Scanning. If I have to search for one thing within the entire console, I have to look for it randomly. It's not very easy and very comfortable to find something. Overall, it's a very good solution, but it will be very good if the tool is more user-friendly.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"It is really simple to set up."
"The control is the most valuable feature as developers can work on a single code."
"The features of GitHub are very nice and helpful for developers."
"The technical support of the solution is good, and our company has used it for GitHub upgrades."
"This product allows us to easily collaborate on development tasks with our subcontractors, and control the workflow as the project progresses."
"The product's initial setup phase is easy but it is always good to connect with GitHub's team that manages APIs."
"With GitHub, we can manage our development progress, CID, and continuous integration. It helps streamline our development processes effectively."
"A great feature is being able to have different repositories and different kinds of projects in a single solution at a single time. It's just a click away."
"​This product is designed for easy scalability and can easily scale up ​without major challenges."
"It is a good product for website penetration testing to detect vulnerabilities."
"It is a cloud-based solution, so it is easy to scale."
"Its most valuable features are patch management, vulnerability management, and PCI compliance."
"Automated scanning has significantly improved our web application security management by reducing manual work."
"You can integrate your Burp Suite results and create an integrated report. Also, the way it shows the results - threats and exploit details - makes remediation very easy."
"The vulnerability management feature is a strong one. And also the patch management feature."
"Licensing is the most valuable. Qualys provides the best licensing for companies. It is the best product for the development purposes of web applications. The product has a lot of integrations."
 

Cons

"The initial setup requires heavy documentation which can be challenging for new developers."
"The solution could have better support for the Markdown language."
"It is currently only from the development perspective. It doesn't have features related to project management and testing. It is not like Azure. So, there is a lot of room for improvement. It is a version control product, and it would be good if they can come up with a complete DevOps product."
"The security for this solution could be tightened up and improved."
"One thing GitHub could do is probably the same thing as what Sourcetree does. When solving merge conflicts, it would be helpful to have tooltips within the actions to know what changes could happen next when resolving a conflict."
"The GitHub repository needs an upgraded user interface and overall UI improvements."
"The merging features can be improved."
"One area for improvement in GitHub could be integration with other tools, such as test management or project management tools."
"I would like it to be cheaper because it is a bit expensive compared to competitors like Tenable Nessus."
"The support could be faster."
"The solution needs to adjust its pricing. They should make it more affordable."
"In terms of the Policy Compliance model which they currently have, not all the platforms are being covered. If they could improve on the Policy Compliance model, since there are policies which are benchmarked against it, this will be helpful for us."
"When comparing this solution to Veracode, Veracode has good interactive features and gives a clear understanding of what the vulnerabilities are, which error line of the vulnerability is on and what can be done. It gives interactive features, whereas this solution does not give a clear understanding of where or how to fix the problem."
"The reporting contains too many false positives."
"We have many websites. We don't force scanning on all of them at once because it's taking some time."
"There could be better management and faster scanning."
 

Pricing and Cost Advice

"I think, in terms of price, GitHub is okay compared to other tools."
"My company purchased it. Before, we used to receive the free version, but then they purchased some of the features."
"I use the free version of the tool."
"You don't have to pay for a license if you are using the free version."
"It's cheaper than Bitbucket."
"We pay a subscription-based yearly licensing fee for the solution."
"It is open-source. There is no license for GitHub."
"GitHub is a cost-effective solution."
"Qualys Web Application Scanning's pricing is a bit expensive compared to other solutions available in the market."
"We normally purchase an annual license."
"Qualys has an IT-based licensing based on a yearly license, which is a good way of handling it. However, in some cases, when we do the PCI scanning, the host will not like the scanning and we lose the IT license. So, this could be improved."
"There are different options available with respect to licensing."
"Try the free trial of the product to understand the basic working mechanisms.​"
"The product is expensive, at least initially, in comparison to other products in this category."
"It is an expensive platform."
"​It is best to be an institutional buyer and directly contact the sales team, as they can provide over-the-top discounts for bulk orders​."
report
Use our free recommendation engine to learn which Application Security Tools solutions are best for your needs.
842,767 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Financial Services Firm
13%
Manufacturing Company
12%
Computer Software Company
11%
University
6%
Computer Software Company
17%
Financial Services Firm
15%
Manufacturing Company
11%
Government
8%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What do you like most about GitHub?
The control is the most valuable feature as developers can work on a single code.
What is your experience regarding pricing and costs for GitHub?
The pricing of GitHub depends on the choice of solutions, such as building one's own GitHub Runners to save money or using GitHub's Runners with extra costs. The pricing is considered reasonable an...
What needs improvement with GitHub?
There are still areas for improvement with GitHub Actions and their deployment workflows, as they have made significant progress but are not yet polished. Occasionally, stability can be an issue, t...
What do you like most about Qualys Web Application Scanning?
The vulnerability management feature is a strong one. And also the patch management feature.
What needs improvement with Qualys Web Application Scanning?
I would like it to be cheaper because it is a bit expensive compared to competitors like Tenable Nessus ( /products/tenable-nessus-reviews ). After using the product for a year, I might have more s...
 

Also Known As

No data available
Qualys WAS
 

Overview

 

Sample Customers

Dominion Enterprises, NASA, Braintree, SAP, CyberAgent
BskyB, Cartagena, ClearPoint Learning Systems, Connect Group, du, Fortrex Technologies, HBOR, HDI, Highlights for Children, The Lithuanian State Enterprise Centre of Registers, City of Miami Beach, Microsoft, MidlandHR, MSCI Inc., Northern Arizona University, Ofgem, Olympus Europa, PhoneFactor, RTL Nederland, ThousandEyes, VGZ Organisatie B.V.
Find out what your peers are saying about GitHub vs. Qualys Web Application Scanning and other solutions. Updated: March 2025.
842,767 professionals have used our research since 2012.