Try our new research platform with insights from 80,000+ expert users

Qualys Web Application Scanning vs Tenable.io Web Application Scanning comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Oct 8, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Qualys Web Application Scan...
Ranking in Application Security Tools
12th
Average Rating
7.8
Reviews Sentiment
6.9
Number of Reviews
38
Ranking in other categories
Static Application Security Testing (SAST) (9th)
Tenable.io Web Application ...
Ranking in Application Security Tools
20th
Average Rating
7.8
Reviews Sentiment
6.7
Number of Reviews
17
Ranking in other categories
No ranking in other categories
 

Mindshare comparison

As of April 2025, in the Application Security Tools category, the mindshare of Qualys Web Application Scanning is 2.0%, down from 2.2% compared to the previous year. The mindshare of Tenable.io Web Application Scanning is 1.2%, down from 1.6% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Application Security Tools
 

Featured Reviews

SubhajitAich - PeerSpot reviewer
A stable solution that can be used for infrastructure vulnerability scanning and web application scanning
Qualys Web Application Scanning is very complex to use, and its graphical interface is not very user-friendly. Compared to other solutions like Tenable and Rapid7, you need to navigate a lot to get the actual results out of Qualys Web Application Scanning. If I have to search for one thing within the entire console, I have to look for it randomly. It's not very easy and very comfortable to find something. Overall, it's a very good solution, but it will be very good if the tool is more user-friendly.
Harshal Deshmukh - PeerSpot reviewer
Simple tool to use, good dashboard capabilities and offers asset criticality ratings
It has good dashboard capabilities and gives good results with priority ratings, asset criticality ratings, and exposure scores for vulnerabilities. It also provides automated web application scanning, which customers appreciate because it doesn't disturb the web application or hamper the business. While testing the web application, sometimes it happens that the website or application goes down. But with Tenable.io Web Application Scanning, it doesn't affect the business. It has good unified web application scanning and exposure management.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"Qualys Web Application Scanning is user-friendly, easy to understand, easy to use, and easy to deploy."
"It scans web applications to identify vulnerabilities during deployment."
"The most valuable features are the scheduled scanning, detailed reports, asset management, the knowledge database, and the overall product framework."
"The Qualys Web Application Scanning solution offers a single comprehensive console and consolidated reporting, covering all aspects from on-prem to cloud and compliance, etcetera."
"​We have experienced quick customer support. They have a complete list of our previous issues along with our history, which makes it faster for them to solve issues.​"
"The vulnerability management feature is a strong one. And also the patch management feature."
"With our vulnerabilities under control, it's putting our services in compliance and minimizing our risk for exposure."
"Automated scanning has significantly improved our web application security management by reducing manual work."
"Tenable.io Web Application Scanning is very easy to use."
"It is fully automated."
"The solution is stable."
"It has good unified web application scanning and exposure management."
"The most valuable features of Tenable.io Web Application Scanning are the integration into specific use cases and scanning. All of the features of the solution are useful."
"Tenable.io Web Application Scanning provides a detailed report, identifying functions that are complex and need to be more maintainable and readable."
"We can get detailed information about vulnerabilities."
"Now that the license is centralized, it's a significant feature to manipulate assets based on their functions."
 

Cons

"The reporting contains too many false positives."
"One area for improvement is the user interface. The new UI, which was recently upgraded, feels more complex and less user-friendly than the old version."
"The software’s pricing could be improved."
"I would like it to be cheaper because it is a bit expensive compared to competitors like Tenable Nessus."
"I have dealt with Qualys's technical support, and any enhancements are challenging. I would rate them a five out of ten."
"We have many websites. We don't force scanning on all of them at once because it's taking some time."
"The GUI could be a little less complicated as it opens a lot of new windows for creating search lists, templates, reports, or for scanning purposes."
"The product's pricing could be better."
"Tenable.io Web Application Scanning is not very user-friendly and you need a lot of information to get proper reports. The tool's support is not very responsive."
"The technical support should be improved. Currently, some attacks are detected while others are not."
"It isn't easy to manage vulnerabilities in Tenable."
"The platform's technical support services could be better."
"The technical support needs improvement. Currently, it takes time, which might be due to the free version, but providing some level of support could encourage future purchase decisions."
"It would be great if there were a dashboard that is more user-friendly."
"The dashboard could be more user-friendly."
"The market is standard for vulnerability scanning, however, the posture can be improved through Tenable's prioritization engine."
 

Pricing and Cost Advice

"The cost is $30,000 USD for one year to cover WAS (Web Application Security) and the VM (Virtual Machine) security in a company with 200 employees."
"The product has a very good licensing model."
"We normally purchase an annual license."
"Licensing was based on the number of assets that you want to scan on your network. You can also do licensing on subscription. On subscription, it is easier and more flexible. You tell Qualys that you want to move from the 1000 to 2000 band or the 3000 or 5000 band, then they will give you the quotation for it. Once you pay for it, applying the licensing is quite easy and effective."
"Qualys Web Application Scanning's pricing is a bit expensive compared to other solutions available in the market."
"​It is best to be an institutional buyer and directly contact the sales team, as they can provide over-the-top discounts for bulk orders​."
"We are on an annual license for the solution and the pricing could be more affordable."
"There are different options available with respect to licensing."
"The pricing is okay."
"The price of the solution is reasonable compared to the competitors. The license cost is based on the number of users and the annual usage."
"I rate the product's pricing a four out of ten."
"Tenable.io Web Application Scanning is expensive for small businesses."
"It follows the same licensing scheme as Tenable.io and Tenable. sc."
"For Tenable.io Web Application Scanning, it comes to around 6,50,000 Indian rupees, plus taxes."
"The application is extremely affordable. There are no additional costs involved with licensing. We switched to Tenable.io Web Application Scanning from other solutions due to pricing."
report
Use our free recommendation engine to learn which Application Security Tools solutions are best for your needs.
848,716 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
16%
Financial Services Firm
15%
Manufacturing Company
10%
Government
8%
Financial Services Firm
14%
Computer Software Company
13%
Government
12%
Manufacturing Company
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What do you like most about Qualys Web Application Scanning?
The vulnerability management feature is a strong one. And also the patch management feature.
What needs improvement with Qualys Web Application Scanning?
I would like it to be cheaper because it is a bit expensive compared to competitors like Tenable Nessus ( /products/tenable-nessus-reviews ). After using the product for a year, I might have more s...
What do you like most about Tenable.io Web Application Scanning?
The most effective feature of the product is the ability to scan the entire environment.
What needs improvement with Tenable.io Web Application Scanning?
Improvements could include providing coverage reports in the free version and features related to security reports. Also, enhancing technical support would be beneficial as there is room for improv...
What advice do you have for others considering Tenable.io Web Application Scanning?
I would recommend Tenable.io Web Application Scanning as it provides us with good reports, which help improve our code base, despite the lack of financial benefits. Overall, I would rate it seven o...
 

Also Known As

Qualys WAS
No data available
 

Overview

 

Sample Customers

BskyB, Cartagena, ClearPoint Learning Systems, Connect Group, du, Fortrex Technologies, HBOR, HDI, Highlights for Children, The Lithuanian State Enterprise Centre of Registers, City of Miami Beach, Microsoft, MidlandHR, MSCI Inc., Northern Arizona University, Ofgem, Olympus Europa, PhoneFactor, RTL Nederland, ThousandEyes, VGZ Organisatie B.V.
IMDEX
Find out what your peers are saying about Qualys Web Application Scanning vs. Tenable.io Web Application Scanning and other solutions. Updated: April 2025.
848,716 professionals have used our research since 2012.