• Home
  • Fortinet FortiWeb vs. Qualys VMDR

Fortinet FortiWeb vs Qualys VMDR comparison

Cancel
You must select at least 2 products to compare!
Fortinet Logo

Fortinet FortiWeb

Read 83 Fortinet FortiWeb reviews
9,652 views|6,970 comparisons
88% willing to recommend
Qualys Logo

Qualys VMDR

Read 77 Qualys VMDR reviews
6,866 views|5,201 comparisons
93% willing to recommend
Comparison Buyer's Guide
Download the complete report
Buyer's Guide
Web Application Firewall (WAF)
April 2024
Executive Summary

We performed a comparison between Fortinet FortiWeb and Qualys VMDR based on real PeerSpot user reviews.

Find out what your peers are saying about Amazon Web Services (AWS), Microsoft, F5 and others in Web Application Firewall (WAF).
To learn more, read our detailed Web Application Firewall (WAF) Report (Updated: April 2024).
Download the complete report
768,857 professionals have used our research since 2012.
Featured Review
Anonymous User
Cost-effective, easy to configure, and works very well as a single solution for multiple environments
We have not been using it for a very long time. It has only been eight months, and so far, there have been two main benefits. The first benefit is... Read more →
PranjalGargava
Helps with vulnerability scanning and understanding of cyber security controls
The product has helped us understand cybersecurity controls.
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"One main feature we are very happy about is file security and upload functionality.""The ease of configuration is valuable. We have Azure WAF, we have OCI WAF, and we also have Cloud Armor for GCP, but their configuration isn't very easy. It's pretty simple in FortiWeb, and we can enable or configure whatever we want.""The solution is stable.""All the features that FortiGate contains are very suitable for our business. We work with other products in Fortinet, FortiWeb, FortiSandbox, FortiMail, and FortiCache. We use all UTM features like self-encryption, encryption, all UTM features.""The deployment was very easy.""The GUI is user-friendly.""What we like about Fortinet FortiWeb is it has all the features. We use all of them, so we have to turn on all the options.""It offers some feedback and suggestions that guide our system development while helping our vendors to update their applications and fix any issues or bugs."

More Fortinet FortiWeb Pros →

"It is quite easy to implement.""The most valuable feature of the solution is the external channel.""The features that are most valuable are the identification, scan features, and the identification of vulnerabilities.""Technical support is fantastic.""The most valuable features are vulnerability scanning, policy compliance scanning, and tablet for web application scanning.""The process of defining and discovering scans is organized efficiently.""The solution is easy to use.""The most recent is VMDR, which provides a comprehensive overview of how to detect, patch, and remediate specific vulnerabilities."

More Qualys VMDR Pros →

Cons
"The Layer 7 DDoS attacks need improvement, it could be better.""I would like to have an antivirus option.""The dashboard evaluating the performance of each application connected to the web app's firewall is quite helpful, but the tool is only available in application performance management. So I think if Fortinet could better integrate that particular feature, it would add a lot of value to the product.""We would like the interface to be easier to use and more user-friendly. The interface needs to be enhanced.""The initial setup in our data center was somewhat complex.""The upgrade process could be a bit smoother.""The interface could have the interdependent elements arranged sequentially and wizards that go through most common deployment actions.""The solution is not very scalable, to scale up would require another deployment with a new appliance and a change to the network."

More Fortinet FortiWeb Cons →

"It's not very user-friendly at times and requires in-depth understanding. So, a layman or someone new to Qualys won't be able to easily understand it. You need education to use the solution.""Improve the user interface.""The solution is a bit expensive if you do not have access to discounts.""It is a struggle to be able to pull our report and to be able to do onboarding using automated tools.""Improve the API speed.""The reporting and the GUI need improvements.""Qualys VM's vulnerability scan could be improved, especially the number of CVE numbers it can manage at a time.""It is more expensive vs. other products on the market."

More Qualys VMDR Cons →

Pricing and Cost Advice
  • "Cheaper than others."
  • "FortiWeb can be purchased in VM mode for a lower price and the same features."
  • "Keep a loose margin between your actual bandwidth and the product sizing when using hardware appliances. Only virtual machines are upgradable to larger sizes."
  • "​It really pays off to buy licences for multiple years​."
  • "​The pricing is reasonable."
  • "The license cost depends on the size of the box or the size of the solution. It can go from €200 Euros to a few hundred thousand Euros a year depending on your size."
  • "The solution gives us the best price to performance ratio."
  • "The costs are standard. We pay around $1,600 yearly."

    • More Fortinet FortiWeb Pricing and Cost Advice →

  • "Usually every implementation is different and the quote is in function of number of assets."
  • "When you want to cover yourself for scalability, you will be charged for the number you place on the scan itself."
  • "It is more expensive than other products on the market."
  • "They have recently changed the pricing model, which is now better than it was before."
  • "It is different for every company, but for us, it's every three years."
  • "Qualys is cheaper and more affordable than other solutions."
  • "The pricing and licensing for Qualys could be improved."
  • "The license is on a yearly basis."

    • More Qualys VMDR Pricing and Cost Advice →

    report
    See Which Vendors Are Best For You
    Use our free recommendation engine to learn which Web Application Firewall (WAF) solutions are best for your needs.
    See Recommendations
    768,857 professionals have used our research since 2012.
    Questions from the Community
    What do you like most about Fortinet FortiWeb?
    Top Answer:The product has a very user-friendly dashboard.
    Read all 47 answers   →
    What is your experience regarding pricing and costs for Fortinet FortiWeb?
    Top Answer:The product is expensive. I rate the pricing a ten out of ten.
    Read all 37 answers   →
    What needs improvement with Fortinet FortiWeb?
    Top Answer:The software's support services could be better compared to Sophos.
    Read all 47 answers   →
    What is your primary use case for Qualys VM?
    Top Answer:Qualys VM is used for vulnerability scans for the internet and applications using application exchange. There are many applications. We also use the solution for asset management per team, and the… more »
    Read all 36 answers   →
    What do you like most about Qualys VMDR?
    Top Answer:The process of defining and discovering scans is organized efficiently.
    Read all 56 answers   →
    What is your experience regarding pricing and costs for Qualys VMDR?
    Top Answer:The product is more expensive than that of any other vendor.
    Read all 33 answers   →
    Ranking
    4th
    out of 79 in Web Application Firewall (WAF)
    Views
    9,652
    Comparisons
    6,970
    Reviews
    21
    Average Words per Review
    637
    Rating
    7.8
    3rd
    out of 37 in Risk-Based Vulnerability Management
    Views
    6,866
    Comparisons
    5,201
    Reviews
    26
    Average Words per Review
    423
    Rating
    8.0
    Comparisons
    Also Known As
    Qualys VM, QualysGuard VM, Qualys Asset Inventory, Qualys Container Security, Qualys Virtual Scanner Appliance
    Learn More
    Fortinet
    Qualys
    Overview

    Fortinet FortiWeb is a Web Application Firewall (WAF) that protects your web applications and APIs from attacks targeting known as well as unknown vulnerabilities. As the surface of your web applications evolves with each change of existing features and deployment of new features, your APIs are left exposed. Fortinet FortiWeb provides the board protection capabilities required to protect web applications without sacrificing performance or manageability.

    Fortinet FortiWeb is an automatic, advanced multi-layer solution that provides secure protection by discerning irregular behavior and distinguishing between malicious and benign anomalies. In addition, the approach delivers powerful bot mitigation capacities which authorize harmless bots to connect while blocking malicious bot activity securely. Regardless of where an application is hosted, Fortinet FortiWeb will safeguard business applications by providing deployment options, such as virtual machines, hardware appliances, and containers that can be deployed in the data center, cloud environments, or in the cloud-native SaaS solution.

    Fortinet FortiWeb Features and Benefits

    APIs and web applications have become integral to the rising demand for business-critical applications. Now more than ever, businesses are in need of an automatic firewall that will provide them with security, without sacrificing performance or reliability. Fortinet FortiWeb offers a variety of features and benefits, including:

    • Security fabric integration: FortiWeb integrates with other Fortinet solutions to provide advanced protection from persistent threats.

    • Proven web application and API protection: FortiWeb safeguards applications from all DDOS attacks, malicious bot attacks, and OWASP Top-10 threats.

    • Advanced visual analytics: FortiWeb offers a unique visual reporting tool that other WAF solutions don’t by providing a detailed analysis of attack elements and sources.

    • Hardware-based acceleration: With fast and secure traffic encryption and decryption, FortiWeb provides best-in-class WAF protection.

    • ML-based threat detection: FortiWeb delivers multi-layer machine learning defense protection to defend against zero-day attacks and reduce false positives.

    • False positive mitigation tools: Reduce daily management of policies through advanced tools to guarantee only unwanted traffic is blocked.

    Reviews from Real Users

    Fortinet FortiWeb offers an industry-leading Web Application Firewall, and users are satisfied with it for a number of reasons, including the ability to control everything from the dashboard and the PCI-compliant reports it offers.

    Carlos P., director of business and digital transformation at SERNIVEL3, notes, "You have the ability to control everything from one single dashboard."

    A director at a tech service company, says, "Banks have to be compliant with PCI and other things, and FortiWeb is absolutely amazing in terms of providing these reports. Otherwise, they will have to spend a lot of time on them."

    Vulnerability Management, Detection, and Response (VMDR) is a cornerstone product of the Qualys TruRisk Platform and a global leader in the enterprise-grade vulnerability management (VM) vendor space. With VMDR, enterprises are empowered with visibility and insight into cyber risk exposure - making it easy to prioritize vulnerabilities, assets, or groups of assets based on business risk. Security teams can take action to mitigate risk, helping the business measure their actual risk exposure over time. 

    Qualys VMDR offers an all-inclusive risk-based vulnerability management solution to prioritize vulnerabilities and assets based on risk and business criticality. VMDR seamlessly integrates with configuration management databases (CMDB), Qualys Patch Management, Custom Assessment and Remediation (CAR), Qualys TotalCloud and other Qualys and non-Qualys solutions to facilitate vulnerability detection and remediation across the entire enterprise.

    With VMDR, users are empowered with actionable risk insights that translate vulnerabilities and exploits into optimized remediation actions based on business impact. Qualys customers can now aggregate and orchestrate data from the Qualys Threat Library, 25+ threat intelligence feeds, and third-party security and IT solutions, empowering organizations to measure, communicate, and eliminate risk across on-premises, hybrid, and cloud environments.

    Sample Customers
    Lush, Barnabas Health, Options, Riverside Healthcare, Hillsbourough County Schools, Columbia Public Schools, Schiller AG
    Agrokor Group, American Specialty Health, American State Bank, Arval, Life:), Axway, Bank of the West, Blueport Commerce, BSkyB, Brinks, CaixaBank, Cartagena, Catholic Health System, CEC Bank, Cegedim, CIGNA, Clickability, Colby-Sawyer College, Commercial Bank of Dubai, University of Utah, eBay Inc., ING Singapore, National Theatre, OTP Bank, Sodexo, WebEx
    Top Industries
    REVIEWERS
    Financial Services Firm24%
    Comms Service Provider20%
    Computer Software Company17%
    Government10%
    VISITORS READING REVIEWS
    Educational Organization37%
    Computer Software Company12%
    Financial Services Firm7%
    Comms Service Provider6%
    REVIEWERS
    Financial Services Firm17%
    Comms Service Provider15%
    Manufacturing Company15%
    Transportation Company11%
    VISITORS READING REVIEWS
    Educational Organization32%
    Computer Software Company11%
    Financial Services Firm11%
    Manufacturing Company6%
    Company Size
    REVIEWERS
    Small Business49%
    Midsize Enterprise22%
    Large Enterprise28%
    VISITORS READING REVIEWS
    Small Business18%
    Midsize Enterprise47%
    Large Enterprise35%
    REVIEWERS
    Small Business19%
    Midsize Enterprise12%
    Large Enterprise69%
    VISITORS READING REVIEWS
    Small Business16%
    Midsize Enterprise41%
    Large Enterprise44%
    Buyer's Guide
    Web Application Firewall (WAF)
    April 2024
    Download Free Report
    Find out what your peers are saying about Amazon Web Services (AWS), Microsoft, F5 and others in Web Application Firewall (WAF). Updated: April 2024.
    DOWNLOAD NOW
    768,857 professionals have used our research since 2012.

    Fortinet FortiWeb is ranked 4th in Web Application Firewall (WAF) with 83 reviews while Qualys VMDR is ranked 3rd in Risk-Based Vulnerability Management with 77 reviews. Fortinet FortiWeb is rated 8.0, while Qualys VMDR is rated 8.2. The top reviewer of Fortinet FortiWeb writes "Cost-effective, easy to configure, and works very well as a single solution for multiple environments". On the other hand, the top reviewer of Qualys VMDR writes "Good visibility but expensive and needs better support". Fortinet FortiWeb is most compared with F5 Advanced WAF, Fortinet FortiADC, AWS WAF, Azure Web Application Firewall and Imperva Web Application Firewall, whereas Qualys VMDR is most compared with Tenable Nessus, Tenable Security Center, Rapid7 InsightVM, Microsoft Defender Vulnerability Management and Tenable Vulnerability Management.

    We monitor all Web Application Firewall (WAF) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.