Try our new research platform with insights from 80,000+ expert users
it_user563475 - PeerSpot reviewer
Deputy Manager at a tech services company with 10,001+ employees
Real User
Download
Network scanner has good reporting and coverage, but it needs manual pen testing

What is our primary use case?

Cloud hosted application, and was also accessible through mobile app.

How has it helped my organization?

Dynamic features for pen testing automation, with manual.

What is most valuable?

Network scanner has good reporting, coverage was also good. In Web scanner, dashboard was good but features were limited.

What needs improvement?

Please add manual penetration testing features. 

Also I didn't like the license terms and the features were limited compared to other tools used for web applications.

Buyer's Guide
Qualys Web Application Scanning
November 2024
Free Report: Qualys Web Application Scanning Reviews and More
Learn what your peers think about Qualys Web Application Scanning. Get advice and tips from experienced pros sharing their opinions. Updated: November 2024.
DOWNLOAD NOW
816,406 professionals have used our research since 2012.

For how long have I used the solution?

Trial/evaluations only.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Flag as inappropriate
PeerSpot user
it_user255879 - PeerSpot reviewer
Security Analyst at a tech services company with 1,001-5,000 employees
Consultant
Download
Automated tools cannot find all the vulnerabilities, but this is one of the best.

What is most valuable?

WAS and being able to integrate Selenium IDE to automate the login process was most helpful.

How has it helped my organization?

Scheduling feature allows to scan on the weekends and holidays in a planned way.

What needs improvement?

Enhancing the capability to find XSS.

For how long have I used the solution?

I've used it for six months.

What was my experience with deployment of the solution?

No issues encountered.

What do I think about the stability of the solution?

No issues encountered.

What do I think about the scalability of the solution?

No issues encountered.

How are customer service and technical support?

Customer Service:

I've never had the chance to interact.

Technical Support:

I've never had the chance to interact.

Which solution did I use previously and why did I switch?

This would depend on the clients' requirements.

How was the initial setup?

It's straightforward. In fact, it's one of the easiest solutions to implement.

What about the implementation team?

We used a vendor team who had good expertise.

What other advice do I have?

I would recommend this tool. Simply, go for it. The video tutorials would give an insight on the simplicity and effectiveness of the product.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
Flag as inappropriate
PeerSpot user
Buyer's Guide
Qualys Web Application Scanning
November 2024
Free Report: Qualys Web Application Scanning Reviews and More
Learn what your peers think about Qualys Web Application Scanning. Get advice and tips from experienced pros sharing their opinions. Updated: November 2024.
DOWNLOAD NOW
816,406 professionals have used our research since 2012.
CybSec9734 - PeerSpot reviewer
Cyber Security Consultant at a tech services company with 10,001+ employees
Consultant
Download
The way results are presented makes remediation easy, but GUI is a little complex
Pros and Cons
  • "Key features include: Cloud-based, so the installation is not so tedious. Easily deployed. Highly scalable. Comprehensive reporting."
  • "You can integrate your Burp Suite results and create an integrated report. Also, the way it shows the results - threats and exploit details - makes remediation very easy."
  • "The GUI could be a little less complicated as it opens a lot of new windows for creating search lists, templates, reports, or for scanning purposes."

What is our primary use case?

We have a lot of applications in our environment that we need to scan frequently. We have a lot of tutorial sites, e-learning sites, and other related websites which we have to build, maintain, and scan continuously for security purposes.

How has it helped my organization?

It definitely helps us with the remediation process as we can create different reports, whatever is required at the time. 

What is most valuable?

  • It's cloud-based so the installation is not so tedious.
  • Easily deployed.
  • Highly scalable.
  • Comprehensive reporting.

Also, you can integrate your Burp Suite results and create an integrated report. 

The way it shows the results - threats and exploit details - makes remediation very easy.

We have seen very few false positives. We found the documentation very useful, particularly the roll-out guide. While the tool is not hard to use, by dividing the documentation into sections, the company provided specific guidance on use cases that are not necessarily limited to the tool itself.

What needs improvement?

The GUI could be a little less complicated as it opens a lot of new windows for creating search lists, templates, reports, or for scanning purposes. 

Also, occasionally it can't even authenticate to basic web forms.

For how long have I used the solution?

One to three years.

How is customer service and technical support?

Qualys offers one excellent support, which includes 24/7 phone and mail support, as well as access to its online user community.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
Flag as inappropriate
PeerSpot user
Buyer's Guide
Download our free Qualys Web Application Scanning Report and get advice and tips from experienced pros sharing their opinions.
Updated: November 2024
DOWNLOAD NOW
Buyer's Guide
Download our free Qualys Web Application Scanning Report and get advice and tips from experienced pros sharing their opinions.
Buyer's Guide
Qualys Web Application Scanning
November 2024
DOWNLOAD NOW
Quick Links
Learn More: Questions: