We performed a comparison between GitLab and Qualys Web Application Scanning based on real PeerSpot user reviews.
Find out in this report how the two Application Security Tools solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."A user friendly solution."
"I like that it's easy to deploy our services over GitLab. The customer support is also good with a really active community. You have a lot of support that you can get online with your stack. That is probably one of the benefits of using GitLab. It's also really fast."
"I like that you can use GitLab as a double-sided solution for both DevOps and version management. It's a good product for working in these two areas, and the user interface makes it easy to understand."
"As a developer, this solution is useful as a repository holder because most of the POC projects that we have are on GitLab."
"The most valuable features of GitLab are the CI/CD pipeline and code management."
"I like GitLab from the CI/CD perspective. It is much easier to set up CI/CD and then integrate with other tools."
"We're only using the basic features of GitLab and haven't used any advanced features. The solution works fine, so that's what we like about GitLab. We're party using GitHub and GitLab. We have a GitHub server, while we use GitLab locally or only within our team, and it works okay. We don't have any significant problems with the solution. We also found the straightforward setup, stability, and scalability of GitLab valuable."
"We have seen a couple of merge requests or pull requests raised in GitLab. I see the interface, the way it shows the difference between the two source codes, that it is easy for anyone to do the review and then accept the request; the pull request is the valuable feature."
"Qualys Web Application Scanning has multiple features like threat protection and container security scanning in one box."
"You can integrate your Burp Suite results and create an integrated report. Also, the way it shows the results - threats and exploit details - makes remediation very easy."
"The product prevents possible vulnerabilities in our network."
"QualysGuard web-based scanner is very useful for performing external penetration and PCI scans from remote locations."
"It works with many different products."
"It is a good product for website penetration testing to detect vulnerabilities."
"The interface is user-friendly and easy to understand."
"Qualys WAS' most valuable features are the navigation flow of the UI and the option for a different layer of security (identification and operation through email and mobile)."
"There is a need to improve or adopt AI into the ecosystem like a co-pilot, which Microsoft has done with GitHub."
"The solution does not have many built-in functions or variables so scripting is required."
"In the free version, when a merge request is raised, there is no way to enforce certain rules. We can't enforce that this merge request must be reviewed or approved by two or three people in the team before it is pushed to the master branch. That's why we are exploring using some agents."
"Atlassian offers more products than GitLab. GitLab offers source control management, version control and collaboration between developers. Atlassian offers features on top of this as well as more integration points for developers."
"GitLab doesn't have AWS integration. It would be better to have integration with other container management environments beyond Kubernetes. It has very good integration with Kubernetes, but it doesn't have good integration with, for example, AWS, ETS, etc."
"There is room for improvement in GitLab Agents."
"This solution could be improved by adding modifications such as slack notifications."
"It would be really good if they integrated more features in application security."
"Qualys Web Application Scanning is very complex to use, and its graphical interface is not very user-friendly."
"The support could be faster."
"There's a distinction between internal and external scanning processes that could be streamlined. Currently, for internal scanning, specific configurations and scanner appliances need to be deployed within the network, which differs from the simpler setup for external scans. This dual process complicates the setup for comprehensive scanning coverage."
"There could be better management and faster scanning."
"There should be better visibility into the application."
"The product should allow users to upload their payloads."
"They should try to include business logic vulnerabilities in the scanner testing."
"In certain cases, this product does have false positives, which the company should work on."
More Qualys Web Application Scanning Pricing and Cost Advice →
GitLab is ranked 7th in Application Security Tools with 70 reviews while Qualys Web Application Scanning is ranked 19th in Application Security Tools with 31 reviews. GitLab is rated 8.6, while Qualys Web Application Scanning is rated 7.8. The top reviewer of GitLab writes "Powerful, mature, and easy to set up and manage". On the other hand, the top reviewer of Qualys Web Application Scanning writes "A stable solution that can be used for infrastructure vulnerability scanning and web application scanning". GitLab is most compared with Microsoft Azure DevOps, Bamboo, AWS CodePipeline, SonarQube and Tekton, whereas Qualys Web Application Scanning is most compared with OWASP Zap, Veracode, SonarQube, PortSwigger Burp Suite Professional and Rapid7 AppSpider. See our GitLab vs. Qualys Web Application Scanning report.
See our list of best Application Security Tools vendors and best Application Security Testing (AST) vendors.
We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
