We performed a comparison between GitLab and Qualys Web Application Scanning based on real PeerSpot user reviews.
Find out in this report how the two Application Security Tools solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."We have seen a couple of merge requests or pull requests raised in GitLab. I see the interface, the way it shows the difference between the two source codes, that it is easy for anyone to do the review and then accept the request; the pull request is the valuable feature."
"GitLab's best features are maintenance, branch integration, and development infrastructure."
"CI/CD and GitLab scanning are the most valuable features."
"The solution makes the CI/CD pipelines easy to execute."
"We like that we can have an all-encompassing product and don't have to implement different solutions."
"The user interface is really good so that helps with huge teams who need to collaborate."
"I like that you can use GitLab as a double-sided solution for both DevOps and version management. It's a good product for working in these two areas, and the user interface makes it easy to understand."
"I like GitLab's security and SAS tools."
"Qualys Web Application Scanning has multiple features like threat protection and container security scanning in one box."
"The interface is user-friendly and easy to understand."
"The Qualys Web Application Scanning solution offers a single comprehensive console and consolidated reporting, covering all aspects from on-prem to cloud and compliance, etcetera."
"With our vulnerabilities under control, it's putting our services in compliance and minimizing our risk for exposure."
"The simplicity of exporting reports and the simplicity and clarity of the reports included with the product are good."
"Qualys WAS' most valuable features are the navigation flow of the UI and the option for a different layer of security (identification and operation through email and mobile)."
"Qualys' process of updating signatures is something we really appreciate, and it's way ahead of its industry peers."
"Its most valuable features are patch management, vulnerability management, and PCI compliance."
"We have only seen a couple of issues on Gitlab, which we use for building some of the applications."
"As a partner, sometimes it's difficult to get support. They have a really complicated procedure for their support."
"The solution should be more cloud-native and have more cloud-native capabilities and features."
"This solution could be improved by adding modifications such as slack notifications."
"There is room for improvement in GitLab Agents."
"GitLab can improve the integration with third-party applications. It could be made easier. Additionally, having API control from my application could be helpful."
"There is a need to improve or adopt AI into the ecosystem like a co-pilot, which Microsoft has done with GitHub."
"The documentation is confusing."
"The area of false positives could be improved. There are quite a number of false positives as compared to other solutions. They could probably fine tune the algorithm to be able to reduce the number of false positives being detected."
"The product's pricing could be better."
"We receive false positives sometimes when using a solution that could be improved. However, the technical team provides us with the exact explanation why it was giving us that kind of error."
"The pricing does not seem to be competitive."
"When comparing this solution to Veracode, Veracode has good interactive features and gives a clear understanding of what the vulnerabilities are, which error line of the vulnerability is on and what can be done. It gives interactive features, whereas this solution does not give a clear understanding of where or how to fix the problem."
"In terms of the Policy Compliance model which they currently have, not all the platforms are being covered. If they could improve on the Policy Compliance model, since there are policies which are benchmarked against it, this will be helpful for us."
"The virus code updates are not frequent enough."
"There should be better visibility into the application."
More Qualys Web Application Scanning Pricing and Cost Advice →
GitLab is ranked 7th in Application Security Tools with 70 reviews while Qualys Web Application Scanning is ranked 18th in Application Security Tools with 31 reviews. GitLab is rated 8.6, while Qualys Web Application Scanning is rated 7.8. The top reviewer of GitLab writes "Powerful, mature, and easy to set up and manage". On the other hand, the top reviewer of Qualys Web Application Scanning writes "A stable solution that can be used for infrastructure vulnerability scanning and web application scanning". GitLab is most compared with Microsoft Azure DevOps, Bamboo, SonarQube, AWS CodePipeline and Tekton, whereas Qualys Web Application Scanning is most compared with OWASP Zap, Veracode, SonarQube, PortSwigger Burp Suite Professional and Rapid7 AppSpider. See our GitLab vs. Qualys Web Application Scanning report.
See our list of best Application Security Tools vendors and best Static Application Security Testing (SAST) vendors.
We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
