Try our new research platform with insights from 80,000+ expert users

OpenText Dynamic Application Security Testing vs Qualys Web Application Scanning comparison

 

Comparison Buyer's Guide

Executive Summary

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

OpenText Dynamic Applicatio...
Average Rating
7.2
Reviews Sentiment
6.8
Number of Reviews
21
Ranking in other categories
Dynamic Application Security Testing (DAST) (3rd), DevSecOps (10th)
Qualys Web Application Scan...
Average Rating
7.8
Reviews Sentiment
6.9
Number of Reviews
38
Ranking in other categories
Application Security Tools (13th), Static Application Security Testing (SAST) (9th)
 

Mindshare comparison

While both are Application Lifecycle Management solutions, they serve different purposes. OpenText Dynamic Application Security Testing is designed for Dynamic Application Security Testing (DAST) and holds a mindshare of 22.2%, down 30.5% compared to last year.
Qualys Web Application Scanning, on the other hand, focuses on Application Security Tools, holds 2.1% mindshare, up 2.0% since last year.
Dynamic Application Security Testing (DAST)
Application Security Tools
 

Featured Reviews

Navin N - PeerSpot reviewer
Effective scanning of diverse file extensions with fast reporting and issue resolution
We develop software packages for clients, and these clients are mostly in the BFSI sector. The packages need to be scanned, and we engage Fortify WebInspect for this.  Customers typically perform their own application pen tests, but in some cases, we have engagements where customers want us to scan…
Kelvin Oladipo - PeerSpot reviewer
User-friendly scanning provides valuable vulnerability insights, but pricing improvements are needed
Qualys Web Application Scanning ( /products/qualys-web-application-scanning-reviews ) is user-friendly, easy to understand, easy to use, and easy to deploy. Credential scanning is very effective because it goes in-depth into the system, crawling the pages, and reporting on vulnerabilities. The product helps by providing options for remediating vulnerabilities it finds, making it really useful.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The accuracy of its scans is great."
"The most valuable feature of this solution is the ability to make our customers more secure."
"The feature that has been most influential in identifying vulnerabilities is its ability to crawl the website, understand the structure, and analyze the network packets sent and received."
"When we are integrating it with SSC, we're able to scan and trace and see all of the vulnerabilities. Comparison is easy in SSC."
"The solution is easy to use."
"It's a well-known platform for doing dynamic application scanning."
"Guided Scan option allows us to easily scan and share reports."
"There are lots of small settings and tools, like an HTTP editor, that are very useful."
"Qualys Web Application Scanning is user-friendly, easy to understand, easy to use, and easy to deploy."
"Its most valuable features are patch management, vulnerability management, and PCI compliance."
"Automated scanning has significantly improved our web application security management by reducing manual work."
"I have found the detection of vulnerabilities tool thorough with good results and the graphical display output to be wonderful and full of colors. It allows many types of outputs, such as bar and chart previews."
"You can integrate your Burp Suite results and create an integrated report. Also, the way it shows the results - threats and exploit details - makes remediation very easy."
"Qualys Web Application Scanning is accurate and provides minimal false positives."
"​We have experienced quick customer support. They have a complete list of our previous issues along with our history, which makes it faster for them to solve issues.​"
"The interface is user-friendly and easy to understand."
 

Cons

"I would like WebInspect's scanning capability to be quicker."
"The main area for improvement in Fortify WebInspect is the price, as it is too high compared to the market rate."
"I'm not sure licensing, but on the pricing, it's a bit costly. It's a bit overpriced. Though it is an enterprise tool, there are other tools also with similar functionalities."
"The solution needs better integration with Microsoft's Azure Cloud or an extension of Azure DevOps. In fact, it should better integrate with any cloud provider. Right now, it's quite difficult to integrate with that solution, from the cloud perspective."
"Not sufficiently compatible with some of our systems."
"We have often encountered scanning errors."
"Creating reports is very slow and it is something that should be improved."
"A localized version, for example, in Korean would be a big improvement to this solution."
"When comparing this solution to Veracode, Veracode has good interactive features and gives a clear understanding of what the vulnerabilities are, which error line of the vulnerability is on and what can be done. It gives interactive features, whereas this solution does not give a clear understanding of where or how to fix the problem."
"The product should allow users to upload their payloads."
"The pricing does not seem to be competitive."
"There could be better management and faster scanning."
"There's a distinction between internal and external scanning processes that could be streamlined. Currently, for internal scanning, specific configurations and scanner appliances need to be deployed within the network, which differs from the simpler setup for external scans. This dual process complicates the setup for comprehensive scanning coverage."
"One area for improvement is the user interface. The new UI, which was recently upgraded, feels more complex and less user-friendly than the old version."
"The area of false positives could be improved. There are quite a number of false positives as compared to other solutions. They could probably fine tune the algorithm to be able to reduce the number of false positives being detected."
"The product's pricing could be better."
 

Pricing and Cost Advice

"The price is okay."
"This solution is very expensive."
"It’s a fair price for the solution."
"Fortify WebInspect is a very expensive product."
"Its price is almost similar to the price of AppScan. Both of them are very costly. Its price could be reduced because it can be very costly for unlimited IT scans, etc. I'm not sure, but it can go up to $40,000 to $50,000 or more than that."
"The pricing is not clear and while it is not high, it is difficult to understand."
"Our licensing is such that you can only run one scan at a time, which is inconvenient."
"The product has a very good licensing model."
"We are on an annual license for the solution and the pricing could be more affordable."
"From my perspective, it is a budget-friendly option."
"I rate the software’s pricing a six out of ten."
"The product pricing is fair and reasonably priced."
"The cost is $30,000 USD for one year to cover WAS (Web Application Security) and the VM (Virtual Machine) security in a company with 200 employees."
"Qualys WAS' pricing is competitive."
"There are different options available with respect to licensing."
report
Use our free recommendation engine to learn which Dynamic Application Security Testing (DAST) solutions are best for your needs.
861,524 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Financial Services Firm
16%
Government
15%
Manufacturing Company
13%
Computer Software Company
12%
Computer Software Company
15%
Financial Services Firm
14%
Manufacturing Company
10%
Government
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What do you like most about Fortify WebInspect?
The solution's technical support was very helpful.
What is your experience regarding pricing and costs for Fortify WebInspect?
The price of Fortify WebInspect is high, with the cost depending on the number of virtual users. It is approximately 25% higher than other solutions.
What needs improvement with Fortify WebInspect?
The main area for improvement in Fortify WebInspect is the price, as it is too high compared to the market rate. The cost of the license depends on the number of virtual users and, in comparison to...
What do you like most about Qualys Web Application Scanning?
The vulnerability management feature is a strong one. And also the patch management feature.
What needs improvement with Qualys Web Application Scanning?
I would like it to be cheaper because it is a bit expensive compared to competitors like Tenable Nessus ( /products/tenable-nessus-reviews ). After using the product for a year, I might have more s...
 

Also Known As

Micro Focus WebInspect, WebInspect
Qualys WAS
 

Overview

 

Sample Customers

Aaron's
BskyB, Cartagena, ClearPoint Learning Systems, Connect Group, du, Fortrex Technologies, HBOR, HDI, Highlights for Children, The Lithuanian State Enterprise Centre of Registers, City of Miami Beach, Microsoft, MidlandHR, MSCI Inc., Northern Arizona University, Ofgem, Olympus Europa, PhoneFactor, RTL Nederland, ThousandEyes, VGZ Organisatie B.V.
Find out what your peers are saying about OpenText Dynamic Application Security Testing vs. Qualys Web Application Scanning and other solutions. Updated: May 2022.
861,524 professionals have used our research since 2012.