Try our new research platform with insights from 80,000+ expert users

GitHub vs Qualys Web Application Scanning comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Jan 5, 2025

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

GitHub
Ranking in Application Security Tools
6th
Average Rating
8.8
Reviews Sentiment
7.5
Number of Reviews
93
Ranking in other categories
Version Control (3rd)
Qualys Web Application Scan...
Ranking in Application Security Tools
12th
Average Rating
7.8
Reviews Sentiment
6.9
Number of Reviews
38
Ranking in other categories
Static Application Security Testing (SAST) (9th)
 

Mindshare comparison

As of April 2025, in the Application Security Tools category, the mindshare of GitHub is 0.8%, down from 1.1% compared to the previous year. The mindshare of Qualys Web Application Scanning is 2.0%, down from 2.2% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Application Security Tools
 

Featured Reviews

Pervez Roy - PeerSpot reviewer
Very good for collaboration on software projects
We use GitHub for code repository alongside Bitbucket GitHub is very good for collaboration on software projects. We prefer Bitbucket for commercial use, while GitHub is used for open source. You can get the differences, history of changes, and version control for various pull requests. You can…
SubhajitAich - PeerSpot reviewer
A stable solution that can be used for infrastructure vulnerability scanning and web application scanning
Qualys Web Application Scanning is very complex to use, and its graphical interface is not very user-friendly. Compared to other solutions like Tenable and Rapid7, you need to navigate a lot to get the actual results out of Qualys Web Application Scanning. If I have to search for one thing within the entire console, I have to look for it randomly. It's not very easy and very comfortable to find something. Overall, it's a very good solution, but it will be very good if the tool is more user-friendly.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"I did not have any issues with the stability of Github. It worked seamlessly."
"The most valuable feature is the fact that it's cloud-based, and we don't have to manage an on-premises server to use it."
"The most valuable feature of GitHub is version control and continuous integration."
"The solution provides good customization and support."
"The deployment is fast since we just have to run the script, and once it's done, it takes a few minutes."
"The tool is valuable because it helps us work in a distributed environment with multiple people across different locations and time zones. We have a common repository that everyone works on, which would be tough to manage manually. GitHub helps us maintain this single source of truth. Everyone can check out their own branches, which is important for our branching strategies. We can fork, check out feature branches, work on our code, and merge back into parent branches for deployment. This is crucial when multiple people are working on the same codebase."
"With GitHub, we can manage our development progress, CID, and continuous integration. It helps streamline our development processes effectively."
"The initial setup was straightforward."
"I have found the detection of vulnerabilities tool thorough with good results and the graphical display output to be wonderful and full of colors. It allows many types of outputs, such as bar and chart previews."
"The most valuable feature of Qualys Web Application Scanning is the effective scanning that can be done."
"It is easy to use."
"​QualysGuard web-based scanner is very useful for performing external penetration and PCI scans from remote locations.​"
"Qualys WAS' most valuable features are the navigation flow of the UI and the option for a different layer of security (identification and operation through email and mobile)."
"You can integrate your Burp Suite results and create an integrated report. Also, the way it shows the results - threats and exploit details - makes remediation very easy."
"Qualys' process of updating signatures is something we really appreciate, and it's way ahead of its industry peers."
"Qualys Web Application Scanning is accurate and provides minimal false positives."
 

Cons

"The only thing I see missing in GitHub is that it isn't very user friendly for key personnel who don't have in-depth, technical knowledge. In Jira, there are many functions to upload our test cases, and in GitHub we can only do it manually. There are functions which can be used to upload different files, but that still requires some technical knowledge. A layman cannot do it."
"GitHub's issue management could be improved a little from an organization standpoint. It would be helpful to have the ability to organize a work board or a backlog more comprehensively. For organizations migrating to GitHub from arbitrary systems, it's a little bit of a headache to move on to that system."
"Lacks sufficient support in terms of professional services that could be provided."
"While using the solution when merging two code branches the code becomes a bit messy. This should be improved in the future."
"The GitHub repository needs an upgraded user interface and overall UI improvements."
"The initial setup and implementation could be easier, I had some difficulties with it at first but I don't have a development background."
"There is room for improvement in terms of interface."
"One area for improvement in GitHub could be integration with other tools, such as test management or project management tools."
"The support could be faster."
"It is unclear how to build automation on Qualys. We do some automation, but not fully, because working is difficult."
"Deployment can be complicated."
"I would like it to be cheaper because it is a bit expensive compared to competitors like Tenable Nessus."
"The reporting contains too many false positives."
"The product should allow users to upload their payloads."
"There should be better visibility into the application."
"The solution needs to adjust its pricing. They should make it more affordable."
 

Pricing and Cost Advice

"GitHub is an open-source application. It's free to use."
"I haven't had to pay anything for GitHub, I use the free version."
"I am using the free version of the solution. However, there are some costs my organization pays."
"My company purchased it. Before, we used to receive the free version, but then they purchased some of the features."
"The basic licensing model is free, and if you need to have technical support and such things, then it does cost something. You only need to pay extra if you need technical support."
"The price of this solution is reasonable."
"The licensing model from GitHub is very clear."
"We pay a licensing fee for GitHub, which could be cheaper."
"We normally purchase an annual license."
"Licensing was based on the number of assets that you want to scan on your network. You can also do licensing on subscription. On subscription, it is easier and more flexible. You tell Qualys that you want to move from the 1000 to 2000 band or the 3000 or 5000 band, then they will give you the quotation for it. Once you pay for it, applying the licensing is quite easy and effective."
"We are on an annual license for the solution and the pricing could be more affordable."
"The cost is $30,000 USD for one year to cover WAS (Web Application Security) and the VM (Virtual Machine) security in a company with 200 employees."
"There are different options available with respect to licensing."
"The product is expensive, at least initially, in comparison to other products in this category."
"It is an expensive platform."
"Qualys WAS' pricing is competitive."
report
Use our free recommendation engine to learn which Application Security Tools solutions are best for your needs.
845,040 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Financial Services Firm
13%
Manufacturing Company
12%
Computer Software Company
11%
University
6%
Computer Software Company
17%
Financial Services Firm
15%
Manufacturing Company
11%
Government
8%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What do you like most about GitHub?
The control is the most valuable feature as developers can work on a single code.
What is your experience regarding pricing and costs for GitHub?
The pricing of GitHub depends on the choice of solutions, such as building one's own GitHub Runners to save money or using GitHub's Runners with extra costs. The pricing is considered reasonable an...
What needs improvement with GitHub?
There are still areas for improvement with GitHub Actions and their deployment workflows, as they have made significant progress but are not yet polished. Occasionally, stability can be an issue, t...
What do you like most about Qualys Web Application Scanning?
The vulnerability management feature is a strong one. And also the patch management feature.
What needs improvement with Qualys Web Application Scanning?
I would like it to be cheaper because it is a bit expensive compared to competitors like Tenable Nessus ( /products/tenable-nessus-reviews ). After using the product for a year, I might have more s...
 

Also Known As

No data available
Qualys WAS
 

Overview

 

Sample Customers

Dominion Enterprises, NASA, Braintree, SAP, CyberAgent
BskyB, Cartagena, ClearPoint Learning Systems, Connect Group, du, Fortrex Technologies, HBOR, HDI, Highlights for Children, The Lithuanian State Enterprise Centre of Registers, City of Miami Beach, Microsoft, MidlandHR, MSCI Inc., Northern Arizona University, Ofgem, Olympus Europa, PhoneFactor, RTL Nederland, ThousandEyes, VGZ Organisatie B.V.
Find out what your peers are saying about GitHub vs. Qualys Web Application Scanning and other solutions. Updated: March 2025.
845,040 professionals have used our research since 2012.