We performed a comparison between Fortinet FortiWeb and Tenable.io Web Application Scanning based on real PeerSpot user reviews.
Find out what your peers are saying about Amazon Web Services (AWS), Microsoft, F5 and others in Web Application Firewall (WAF)."This product is very user-friendly."
"The policies and the filtering are the most valuable features, especially traffic, URL, and application filtering. The solution is excellent at detecting vulnerabilities."
"Fortinet FortiWeb is priced well."
"The valuable feature of Fortinet FortiWeb vulnerability scanner"
"The most valuable feature in this solution is the ability to disseminate between the user entering some wrong value to the field, and a suspicious actor trying to exploit some known vulnerability."
"The customers are very happy with this solution because of two things. First, the IPS integration with a web application is very tightly done on Fortinet. Second, the ease of use is there. The management interface or the GUI interface is very easy to use, configure, and manage. These are the two main valuable features. It supports integration with other Fortinet products. It also integrates very well with the firewall and sandboxing technology. They already have enough integration with different technologies. They have got a complete tech intelligence view of the whole product."
"L-7 protection makes possible to protect legacy/not up-to-date servers/applications without changing the application code."
"One of the big advantages of using Fortinet FortiWeb is all the Fortinet family solutions use the same user interface and logic. This makes it easy to use, configure, manage, and understand if you have used one of their solutions before or are wanting to implement other Fortinet solutions in the future. Additionally, all Fortinet solutions can be managed with one application called FortiManager."
"The initial setup is straightforward."
"It collects the vulnerabilities on the hostnames and sends them to the Tenable.io cloud. Tenable has its own cloud where Tenable.io is running, but there are many connectors to other cloud solutions. Tenable can do vulnerability scanning for other cloud managers such as Azure, Amazon, and so on."
"Tenable.io Web Application Scanning is very easy to use."
"The most valuable features of Tenable.io Web Application Scanning are the integration into specific use cases and scanning. All of the features of the solution are useful."
"Our customers adopt this solution because of the replication testing and the vulnerability assessment it can do. It is a multi-faceted product."
"The solution's instant reports feature is the most effective for detecting threats."
"We can get detailed information about vulnerabilities."
"We use the tool for our websites. We have a vulnerable subdomain. The tool helps to scan it for vulnerabilities."
"The initial setup in our data center was somewhat complex."
"FortiWeb does not exist in a cloud-based form. Its only available for deployment as a virtual appliance on AWS and Azure IaaS platforms. Because of the trend to WAF environments, it would be good to have it as a SaaS. Also, FortiWeb would be more competitive if it combined WAF and DDoS protection."
"Fortinet FortiWeb could improve in reference architecture for different deployment scenarios."
"The dashboard evaluating the performance of each application connected to the web app's firewall is quite helpful, but the tool is only available in application performance management. So I think if Fortinet could better integrate that particular feature, it would add a lot of value to the product."
"The GUI could be better. It's limited."
"It may be better if it were easier to create roles."
"We want to see more detailed logging, such as audit logging, as this would significantly enhance the solution's reporting. We currently get some information from logs, but more would be better."
"The memory use in each of the appliances is problematic."
"The report customization needs to be better."
"They have a general dashboard for web application scanning, but the dashboards and reporting can be improved. They probably have some features in their roadmap."
"Tenable.io Web Application Scanning could improve by offering faster fuzzing."
"The solution's dashboards could be improved and made more user-friendly."
"Tenable.io Web Application Scanning is not very user-friendly and you need a lot of information to get proper reports. The tool's support is not very responsive."
"It would be great if there were a dashboard that is more user-friendly."
"The dashboard could be more user-friendly."
"I would like for them to add proxy filtering, where you can transfer and alter the package. It is fully automated. Other web application testers programs are actually proxy software, and the proxy software gives you the flexibility of modifying the outgoing package, which will actually help you in exploiting any vulnerability in detail."
More Tenable.io Web Application Scanning Pricing and Cost Advice →
Fortinet FortiWeb is ranked 4th in Web Application Firewall (WAF) with 83 reviews while Tenable.io Web Application Scanning is ranked 24th in Application Security Tools with 14 reviews. Fortinet FortiWeb is rated 8.0, while Tenable.io Web Application Scanning is rated 7.6. The top reviewer of Fortinet FortiWeb writes "Cost-effective, easy to configure, and works very well as a single solution for multiple environments". On the other hand, the top reviewer of Tenable.io Web Application Scanning writes "Highly Recommended Solution with Latest Scanning Methods". Fortinet FortiWeb is most compared with F5 Advanced WAF, Fortinet FortiADC, AWS WAF, Azure Web Application Firewall and Imperva Web Application Firewall, whereas Tenable.io Web Application Scanning is most compared with Acunetix, SonarQube, Qualys Web Application Scanning, PortSwigger Burp Suite Professional and Mend.io.
We monitor all Web Application Firewall (WAF) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
