Try our new research platform with insights from 80,000+ expert users

GitLab vs Qualys Web Application Scanning comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Sep 23, 2024
 

Categories and Ranking

GitLab
Ranking in Application Security Tools
11th
Ranking in Static Application Security Testing (SAST)
10th
Average Rating
8.6
Reviews Sentiment
7.1
Number of Reviews
80
Ranking in other categories
Build Automation (1st), Release Automation (2nd), Rapid Application Development Software (13th), Software Composition Analysis (SCA) (5th), Enterprise Agile Planning Tools (2nd), Fuzz Testing Tools (2nd), DevSecOps (3rd)
Qualys Web Application Scan...
Ranking in Application Security Tools
13th
Ranking in Static Application Security Testing (SAST)
12th
Average Rating
7.8
Reviews Sentiment
7.4
Number of Reviews
35
Ranking in other categories
No ranking in other categories
 

Mindshare comparison

As of December 2024, in the Application Security Tools category, the mindshare of GitLab is 3.0%, up from 2.5% compared to the previous year. The mindshare of Qualys Web Application Scanning is 1.9%, down from 2.3% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Application Security Tools
 

Featured Reviews

Corné den Hollander - PeerSpot reviewer
Powerful, mature, and easy to set up and manage
It's more related to the supporting layer of features, such as issue management and issue tracking. We tend to always use, for example, Jira next to it. That doesn't mean that GitLab should build something similar to Jira because that will always have its place, but they could grow a bit in those kinds of supporting features. I see some, for example, covering ITSM on a DevOps team level, and that's one of the things that I and my current client would find really helpful. It's understandably not going to be their main focus and their core, and whenever you are with a company that needs a bit more advanced features on that specific topic, you're probably still going to integrate with another tool like Jira Service Management, for example. However, some basic features on things like that could be really helpful. In terms of additional features, nothing comes to mind. One of the potential pitfalls is to keep adding new features and functionalities. They can just improve some of the existing features to make it high-end, top-quality. I don't have any substantial experience with agile planning. I don't know the industries GitLab is in, and I don't know why they make decisions like this, but as a customer, I would rather see them invest in improving the basic agile planning functionalities rather than adding, for example, portfolio planning features. That's because if I'm going to do portfolio planning, I probably will also need a lot of business users. I'm not sure if I want them in GitLab, I'd rather have them in Jira collaborating with me on portfolio planning. That's way better fitted for that type of work.
SubhajitAich - PeerSpot reviewer
A stable solution that can be used for infrastructure vulnerability scanning and web application scanning
Qualys Web Application Scanning is very complex to use, and its graphical interface is not very user-friendly. Compared to other solutions like Tenable and Rapid7, you need to navigate a lot to get the actual results out of Qualys Web Application Scanning. If I have to search for one thing within the entire console, I have to look for it randomly. It's not very easy and very comfortable to find something. Overall, it's a very good solution, but it will be very good if the tool is more user-friendly.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The scalability is good."
"The solution has an established roadmap that lays out its plans for upgrades over the next two to three years."
"Git hosting has an integration with ACD which is why we liked this solution in the first place."
"It speeds up our development, it's faster, safer, and more convenient."
"We use the Git repository and tagging feature. We are a product-based company and use this solution to move to a forward or backward tag."
"As a developer, this solution is useful as a repository holder because most of the POC projects that we have are on GitLab."
"We like that we can have an all-encompassing product and don't have to implement different solutions."
"The most valuable feature of GitLab is the automatic merging of code."
"Qualys Web Application Scanning has multiple features like threat protection and container security scanning in one box."
"I have found the detection of vulnerabilities tool thorough with good results and the graphical display output to be wonderful and full of colors. It allows many types of outputs, such as bar and chart previews."
"The product prevents possible vulnerabilities in our network."
"It scans web applications to identify vulnerabilities during deployment."
"The feature that I have found most valuable is the progressive scan. It is good. It's done in 24 hours."
"Key features include: Cloud-based, so the installation is not so tedious. Easily deployed. Highly scalable. Comprehensive reporting."
"​We have experienced quick customer support. They have a complete list of our previous issues along with our history, which makes it faster for them to solve issues.​"
"It is a cloud-based solution, so it is easy to scale."
 

Cons

"As a partner, sometimes it's difficult to get support. They have a really complicated procedure for their support."
"The solution should be more cloud-native and have more cloud-native capabilities and features."
"I've noticed an area for improvement in GitLab, particularly needing to go through many steps to push the code to the repository. Resolving that issue would make the product better. My team quickly fixed it by writing a small script, then double-clicking or enabling the script to take care of the issue. However, that quick fix was from my team and not the GitLab team, so in the next release, if an automatic deployment feature would be available in GitLab, then that would be good because, in Visual Studio, you can do that with just one click of a button."
"As GitLab is not perfect, what needs improvement in the solution is the Wiki feature of the groups or the repertories because currently, it's not searchable by default. You'll need an indexing service such as Elasticsearch to make it searchable, and that requires too much work, so for me, it's the main feature that should be improved in GitLab. In the next version of the solution, from the top of my head, the documentation could be improved. Besides the Wiki, it would be good if there's documentation that would be automatically generated based on the code repository. In other words, there should be some tutorials from GitLab for developers in the next release."
"Merge conflicts and repository maintenance could improve. If there is someone new to the system they would not know if there is a conflict."
"It would be better if there weren't any outages. There are occasions where we usually see a lot of outages using GitLab. It happens at least once a week or something like that. Whatever pipelines you're running, to check the logs, you need to have a different set of tools like Argus or something like that. If you have pipelines running on GitLab, you need a separate service deployed to view the logs, which is kind of a pain. If the logs can be used conveniently on GitLab, that would be definitely helpful. I'm not talking about the CI/CD pipelines but the back-end services and microservices deployed over GitLab. To view the logs for those microservices, you need to have separate log viewers, which is kind of a pain."
"GitLab can improve its user interface to make conflict resolution more user-friendly."
"There is a need to improve or adopt AI into the ecosystem like a co-pilot, which Microsoft has done with GitHub."
"There should be better visibility into the application."
"It should have better automatic reporting."
"Deployment can be complicated."
"The GUI could be a little less complicated as it opens a lot of new windows for creating search lists, templates, reports, or for scanning purposes."
"The solution needs to adjust its pricing. They should make it more affordable."
"The product should allow users to upload their payloads."
"There could be better management and faster scanning."
"The pricing does not seem to be competitive."
 

Pricing and Cost Advice

"The price of GitLab could be better, it is expensive."
"GitLab is highly priced for smaller teams, but it's okay if considering a user base of thousands."
"In total, I believe we have more than 300 licenses spread over about 100 users, though I can't comment on the costs involved."
"We are using its free version, and we are evaluating its Premium version. Its Ultimate version is very expensive."
"It is very expensive. We can't bear it now, and we have to find another solution. We have a yearly subscription in which we can increase the number of licenses, but we have to pay at the end of the year."
"The solution's standard license is paid annually. They have changed the pricing model and it used to be better. There is a free version available."
"The open-source version is very good and the commercial version is reasonably priced."
"Regarding pricing, I would rate GitLab as moderately priced, maybe around a seven or eight out of ten. It could be more flexible for clients but generally offers good value."
"The product has a very good licensing model."
"The product pricing is fair and reasonably priced."
"Licensing was based on the number of assets that you want to scan on your network. You can also do licensing on subscription. On subscription, it is easier and more flexible. You tell Qualys that you want to move from the 1000 to 2000 band or the 3000 or 5000 band, then they will give you the quotation for it. Once you pay for it, applying the licensing is quite easy and effective."
"Qualys WAS' pricing is competitive."
"From my perspective, it is a budget-friendly option."
"Qualys has an IT-based licensing based on a yearly license, which is a good way of handling it. However, in some cases, when we do the PCI scanning, the host will not like the scanning and we lose the IT license. So, this could be improved."
"It is an expensive platform."
"Try the free trial of the product to understand the basic working mechanisms.​"
report
Use our free recommendation engine to learn which Application Security Tools solutions are best for your needs.
824,145 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Educational Organization
29%
Computer Software Company
11%
Financial Services Firm
11%
Manufacturing Company
8%
Financial Services Firm
16%
Computer Software Company
16%
Manufacturing Company
10%
Government
8%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What do you like most about GitLab?
I find the features and version control history to be most valuable for our development workflow. These aspects provide us with a clear view of changes and help us manage requests efficiently.
What is your experience regarding pricing and costs for GitLab?
GitLab is mostly free, with potential costs arising from upgrade versions. There is a trial period of about six months during which it is free. Afterward, fees apply.
What needs improvement with GitLab?
There are some challenges with repository file management as GitLab may struggle to manage larger files. Improvements could be made regarding size management and file partitioning. Also, the UI has...
What do you like most about Qualys Web Application Scanning?
The vulnerability management feature is a strong one. And also the patch management feature.
What needs improvement with Qualys Web Application Scanning?
One area for improvement is the user interface. The new UI, which was recently upgraded, feels more complex and less user-friendly than the old version. However, as we continue to use it, we antici...
 

Also Known As

Fuzzit
Qualys WAS
 

Learn More

 

Overview

 

Sample Customers

1. NASA  2. IBM  3. Sony  4. Alibaba  5. CERN  6. Siemens  7. Volkswagen  8. ING  9. Ticketmaster  10. SpaceX  11. Adobe  12. Intuit  13. Autodesk  14. Rakuten  15. Unity Technologies  16. Pandora  17. Electronic Arts  18. Nordstrom  19. Verizon  20. Comcast  21. Philips  22. Deutsche Telekom  23. Orange  24. Fujitsu  25. Ericsson  26. Nokia  27. General Electric  28. Cisco  29. Accenture  30. Deloitte  31. PwC  32. KPMG
BskyB, Cartagena, ClearPoint Learning Systems, Connect Group, du, Fortrex Technologies, HBOR, HDI, Highlights for Children, The Lithuanian State Enterprise Centre of Registers, City of Miami Beach, Microsoft, MidlandHR, MSCI Inc., Northern Arizona University, Ofgem, Olympus Europa, PhoneFactor, RTL Nederland, ThousandEyes, VGZ Organisatie B.V.
Find out what your peers are saying about GitLab vs. Qualys Web Application Scanning and other solutions. Updated: December 2024.
824,145 professionals have used our research since 2012.