Try our new research platform with insights from 80,000+ expert users

Cisco SecureX [EOL] vs Qualys Web Application Scanning comparison

 

Comparison Buyer's Guide

Executive Summary

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Cisco SecureX [EOL]
Average Rating
9.0
Reviews Sentiment
8.2
Number of Reviews
13
Ranking in other categories
No ranking in other categories
Qualys Web Application Scan...
Average Rating
7.8
Reviews Sentiment
6.9
Number of Reviews
38
Ranking in other categories
Application Security Tools (13th), Static Application Security Testing (SAST) (9th)
 

Featured Reviews

Alon K - PeerSpot reviewer
Gives our customers visibility and they don't have to go multiple management consoles anymore
One of the examples is related to forensics. The forensics are amazing because when you have enrichment, and the solutions talk with each other, when you need it, you have the ability to know everything in the organization: when, why, whatever. With just one click you have information from email, from the endpoint, from the web. Let's say that tomorrow morning, you have a ransom[ware] attack in your organization and you would like to know from which email it came, or where the customer saved the file, even though the incident didn't occur at the same moment. With SecureX, you have Cisco Threat Response inside. [With] one click, you get all of the flow. That's amazing value. That also releases resources for our customers. The customers don't have to connect many systems and try to register the event on each system, or to go to the SIEM and do a correlation. That's the one-stop shop for the customers, and that's amazing.
Kelvin Oladipo - PeerSpot reviewer
User-friendly scanning provides valuable vulnerability insights, but pricing improvements are needed
Qualys Web Application Scanning ( /products/qualys-web-application-scanning-reviews ) is user-friendly, easy to understand, easy to use, and easy to deploy. Credential scanning is very effective because it goes in-depth into the system, crawling the pages, and reporting on vulnerabilities. The product helps by providing options for remediating vulnerabilities it finds, making it really useful.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"Using SecureX, a tool provided by Cisco, we can easily integrate it with many of our other Cisco products such as Cisco ISE and many networking devices."
"The most beneficial feature of Cisco SecureX for cybersecurity efforts is its integration with other Cisco solutions and the environment. This sets it apart, as its APIs and overall integration capabilities are very strong. Additionally, its detection capabilities are commendable."
"I like that I don't have to jump around to five different products and log into five different places to view the data that it returns."
"One of the most valuable features is the simplicity of deploying SecureX. It's very easy to do that and then you gain very detailed visibility into everything that's going on in your network and, obviously, at the device level. There's just a wealth of information that you can pull from all of these products that are part of SecureX. You know exactly if you have an issue or not."
"The most valuable feature is its ability to manage all the applications and visibility. For example, if there is malware, spam, or another component that wants to attack the company in my servers, network, or applications, then SecureX will react to the problem."
"The automation and orchestration tools are the most valuable features."
"The forensics are amazing because when you have enrichment, and the solutions talk with each other, when you need it, you have the ability to know everything in the organization: when, why, whatever."
"Our customers find the product's third-party integrations valuable. Our customers are also impressed with the tool's capability to pick up third-party threat feeds and use that as part of the decision-making process."
"Key features include: Cloud-based, so the installation is not so tedious. Easily deployed. Highly scalable. Comprehensive reporting."
"The tool links vulnerabilities with DDIs and gives a complete overview of the application. The continuous monitoring capability is good."
"The most valuable feature is that we are able to scan the services and put credentials like a user ID password. We can verify the vulnerability level."
"The simplicity of exporting reports and the simplicity and clarity of the reports included with the product are good."
"It scans web applications to identify vulnerabilities during deployment."
"The product prevents possible vulnerabilities in our network."
"The feature that I have found most valuable is the progressive scan. It is good. It's done in 24 hours."
"It is easy to use."
 

Cons

"For us, the biggest sticking point is that the product is not being designed for multi-tenancy use at present, from an MSP perspective."
"I'm not sure that I would call it a bug, but sometimes the solution is a little slow."
"The front-end work controls the new algorithm and the firewall rules. The search feature of these rules could be improved."
"The automation and orchestration could be simpler. It could be that all the other parts are that easy to use so that these stick out as a negative, but that's the trickiest part for us. The workflows within the orchestration are just a bit more difficult."
"The documentation can be improved and the on-prem integration. The set of applications that it was integrated with wasn't comprehensive."
"I would like it to integrate with another solution, e.g., DNA. I would like it to connect to that solution, but not the security aspect."
"what's missing right now is the multi-tenant capability."
"They could expand into more areas. The more third-parties that we have tied into it, the better. The capabilities are there. As they just continue to involve the product, the more things that you can look into, then the more analytics that you can get. Also, the more data that we can get, then the better off we will be."
"They should try to include business logic vulnerabilities in the scanner testing."
"We receive false positives sometimes when using a solution that could be improved. However, the technical team provides us with the exact explanation why it was giving us that kind of error."
"The UI is not user-friendly and you don't have a yearly reporting facility where you can slice and dice in different jobs."
"The software’s pricing could be improved."
"There should be better visibility into the application."
"There should be better visibility into the application."
"The scanner reports a lot of false positives, which is something that needs to be improved."
"There's a distinction between internal and external scanning processes that could be streamlined. Currently, for internal scanning, specific configurations and scanner appliances need to be deployed within the network, which differs from the simpler setup for external scans. This dual process complicates the setup for comprehensive scanning coverage."
 

Pricing and Cost Advice

"It would be nice if they had a different pricing model. Most of our budget for projects goes towards Cisco."
"You can spend less money for another solution, but if you really want to have a good solution you have to pay. We are happy that we are getting such a good solution for what we are spending."
"The pricing is competitive, especially for education institutions. Licensing can be a little bit difficult to navigate, especially with resellers with Cisco, but for us it has been pretty easy."
"Cisco SecureX is more expensive than Trend Micro. However, considering the integration capabilities with other solutions and the quality of technical support, I believe there's justification for the price difference."
"It comes free with all Cisco products. So, it is a good price."
"The product is absolutely free to any customer. As such, the only thing one must keep in mind is that as long as he already has one Cisco security product, irregardless of what that product is, SecureX is available for free."
"The pricing is the best part of this solution. It is free if you buy Umbrella or Duo Security. It is also a good solution."
"For the value you get, the pricing of the solution is excellent."
"The product has a very good licensing model."
"Pricing was reasonable and competitive. It was not too far above the other products."
"It is an expensive platform."
"Qualys has an IT-based licensing based on a yearly license, which is a good way of handling it. However, in some cases, when we do the PCI scanning, the host will not like the scanning and we lose the IT license. So, this could be improved."
"I rate the software’s pricing a six out of ten."
"We normally purchase an annual license."
"Licensing was based on the number of assets that you want to scan on your network. You can also do licensing on subscription. On subscription, it is easier and more flexible. You tell Qualys that you want to move from the 1000 to 2000 band or the 3000 or 5000 band, then they will give you the quotation for it. Once you pay for it, applying the licensing is quite easy and effective."
"Try the free trial of the product to understand the basic working mechanisms.​"
report
Use our free recommendation engine to learn which Application Security Tools solutions are best for your needs.
861,481 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
37%
Financial Services Firm
7%
Manufacturing Company
6%
Government
6%
Computer Software Company
15%
Financial Services Firm
14%
Manufacturing Company
10%
Government
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

Ask a question
Earn 20 points
What do you like most about Qualys Web Application Scanning?
The vulnerability management feature is a strong one. And also the patch management feature.
What needs improvement with Qualys Web Application Scanning?
I would like it to be cheaper because it is a bit expensive compared to competitors like Tenable Nessus ( /products/tenable-nessus-reviews ). After using the product for a year, I might have more s...
 

Also Known As

Kenna.AppSec, Kenna.VI
Qualys WAS
 

Overview

 

Sample Customers

NHS, Rackspace, UNC Pembroke, University of North Carolina at Charlotte, Missing Piece
BskyB, Cartagena, ClearPoint Learning Systems, Connect Group, du, Fortrex Technologies, HBOR, HDI, Highlights for Children, The Lithuanian State Enterprise Centre of Registers, City of Miami Beach, Microsoft, MidlandHR, MSCI Inc., Northern Arizona University, Ofgem, Olympus Europa, PhoneFactor, RTL Nederland, ThousandEyes, VGZ Organisatie B.V.
Find out what your peers are saying about Sonar, Veracode, Checkmarx and others in Application Security Tools. Updated: June 2025.
861,481 professionals have used our research since 2012.