What advice do you have for others considering Qualys Web Application Scanning?

We implemented the platform to identify web-based vulnerabilities in our applications, allowing us to address these issues proactively. It helps protect our web applications from potential attackers and secure them against loopholes. Automated scanning has significantly improved our web application security management by reducing manual work. It has also streamlined the process, saving us considerable time. Previously, scheduling scans for many applications would take about a week, but automation makes this process much quicker and more efficient. Regarding incident reduction, we have seen about a 20 % decrease. Cost-wise, there has been no significant difference compared to our previous tool. However, the speed of response and reduced false positives have been valuable. I would recommend it to others for its excellent customer support, scanning efficiency, and scalability. It is a reliable tool for managing web application security. Overall, I rate it an eight.

It can be recommended because it is a good tool. Overall, I rate the solution a seven out of ten.

Overall, I rate the solution a ten out of ten.

For those considering Qualys, it's important to understand how it fits into their overall security strategy, especially regarding web application and firewall (WAF) security. It's crucial to grasp the full capabilities of Qualys to make an informed decision. I'd advise understanding the product thoroughly to see if it aligns with your security needs. Overall, I would rate the solution a nine out of ten.

I integrate Qualys and QRadar. QRadar is for SCM. It helps centralize the management of the network. It provides good visibility of Qualys. Qualys is a good product. There are better tools in the market. However, I recommend Qualys to others. Overall, I rate the product an eight out of ten.

I am using the latest version of Qualys Web Application Scanning. Qualys Web Application Scanning is deployed both on-premises and on-cloud in our organization. The solution is deployed on the private Azure and GCP clouds. We do not manage the solution. We implement it on behalf of our clients. I work in a consulting company. We do not own the solution; we just configure it. In terms of web application scanning, Tenable and Rapid7 are not as reliable as Qualys Web Application Scanning. Overall, I rate Qualys Web Application Scanning a nine out of ten.

Qualys Web Application Scanning is easy to use and deploy. I rate it a nine out of ten. However, it could be less expensive compared to other open-source tools.

I recommend Qualys Web Application Scanning to others. It is easy to set up and use. It has less false policies as well. Once we onboard all the customers’ assets after setting it up, it takes almost an hour to have everything running and to log reports. I rate it a ten out of ten.

I am using the latest version of the solution. Tenable makes us wait 90 days to delete the test web application, and Rapid7 does not allow us to delete it as well as Acunetix (once a year). I will recommend the solution to others. Overall, I rate the solution an eight out of ten.

I would recommend this solution to others. I rate Qualys Web Application Scanning a seven out of ten.

I'd recommend the solution to others. We haven't had any issues after two years of working with it. I'd rate the solution eight out of ten.

I would recommend getting the POC done before implementing WAS, especially if there will be a lot of APIs involved in developing the product. Look at how the endpoint security works when the APIs run with a different channel, like web and mobile applications. I would give Qualys WAS a rating of six out of ten.

I rate Qualys Web Application Scanning nine out of 10. I think Web Application Scanning should integrate VMDR, a more enhanced capability that Qualys offers for enterprise vulnerability assessments. However, Qualys is way ahead of the competition on the web application front. If you're an industrial company, you should evaluate the OT scanning capability that Qualys is about to launch. It will cover all your enterprise web applications and secure your factories as well. Qualys should be a one-stop shop meeting all your end-to-end vulnerability assessment requirements, so you don't need to buy solutions from different vendors,

My advice to those wanting to implement this solution is if you have experience and knowledge with vulnerability management and reading through all the threats, this could be a good platform for you. If you are a new starter this solution is not a good place to start. I rate Qualys Web Application Scanning an eight out of ten.

I would recommend Qualys if the budget is not a problem. There may be other open-source solutions that could be used to perform a similar analysis. On a scale from one to ten (where one is the worst and ten is the best), I would rate this solution as an eight-out-of-ten.

My advice for anyone considering this solution is, "Go for it." On a scale of one to ten, I would give Qualys Web Application Scanning a seven.

I would rate this solution an eight out of ten.

On a scale from one to ten where one is the worst ten is the best, I would rate Qualys as a seven at this point. It is difficult to rate Qualys — or even products from other companies — as better than this because we are hearing the same thing from all the product manufacturers before we went into testing. But based on the references from other users about Qualys, our current level of experience, the pricing as we know it and the services that are offered for free, Qualys is a seven. What we have mostly found at this point is that you can't just install a free trial version of a product and get a complete impression immediately. With some products like Qualys or others in the category, the pricing may not be completely right because there are hidden costs. It could be one solution is not quick to deploy and that seems to make it difficult but in actual use, it is easier than everything else. Some products will be easy to set up and after 10 days of trying to work with it, I might be disappointed because of what I committed to.

We are using the cloud deployment model. I would recommend other users to use Qualys Application Scanning for application security. If you're serious about security you need a service or a solution that does continuous scanning of your application and infrastructure. There are always vulnerabilities being introduced. I would rate the solution eight out of ten.

I would advise someone considering this product is to find a solution that is easy to use. We use this solution because we need to. I would rate it an eight out of ten. Not a ten because the reporting needs improvement. It should have better automatic reporting.

It is a very much stable. If you have a good amount of calender-based activities, it is good for defining frequency. You can define the calendar internally, then you can do your scanning. Though, it has some triaging features which should finally be fixed.