Qualys Web Application Scanning Valuable Features

SubhajitAich - PeerSpot reviewer
Security Consultant at Cognizant

Qualys Web Application Scanning has multiple features like threat protection and container security scanning in one box.

View full review »
Koketso Ditlhage - PeerSpot reviewer
Information Communication Technology Specialist at UNIVERSITY OF JOHANNESBURG

Qualys Web Application Scanning's most valuable features are patch management, vulnerability management, and PCI compliance.

View full review »
NS
Lead Cyber Security engineer at a tech services company with 201-500 employees

I have found the detection of vulnerabilities tool thorough with good results and the graphical display output to be wonderful and full of colors. It allows many types of outputs, such as bar and chart previews.

View full review »
Buyer's Guide
Application Security Tools
March 2024
Find out what your peers are saying about Qualys, Veracode, Invicti and others in Application Security Tools. Updated: March 2024.
765,234 professionals have used our research since 2012.
HJ
Data Specialist at CHUN SHIN LIMITED

The best thing about this product is that it is really easy to use.  

View full review »
Daniel_Ndiba - PeerSpot reviewer
Assistant Manager - Cyber & Cloud Security at a financial services firm with 1,001-5,000 employees

It combines both web application vulnerability management and internal vulnerability management on one platform and dashboard. Usually, you have to purchase separate tools.

View full review »
Akhat Tukenov - PeerSpot reviewer
Cyber Security Engineer at Alexis Company

Licensing is the most valuable. Qualys provides the best licensing for companies. It is the best product for the development purposes of web applications. The product has a lot of integrations.

View full review »
SandeepKumar1 - PeerSpot reviewer
Design Engineer at Uop Ipl, Honeywell

Qualys WAS' most valuable features are the navigation flow of the UI and the option for a different layer of security (identification and operation through email and mobile).

View full review »
EG
IT Security Analyst at Banco de Fomento Angola

The product prevents possible vulnerabilities in our network.

View full review »
YongjinLee - PeerSpot reviewer
Commercial Pre-Sales at Megazone

The Qualys Web Application Scanning solution offers a single comprehensive console and consolidated reporting, covering all aspects from on-prem to cloud and compliance, etcetera.

View full review »
S S RAMA KRISHNA MURTHY  SURI - PeerSpot reviewer
Senior Manager at valuelabs LLP

The monitor's ability to read the reports, or to do very detailed reports is great. It's good at looking at the different vulnerabilities. Rarely are there security loopholes. It can also suggest ways to mitigate risks and vulnerabilities. 

There's a lot of great reference material. 

The integration is great. It works with many different products. 

View full review »
PK
Senior Software Developer at a tech vendor with 1,001-5,000 employees

The feature that I have found most valuable is the progressive scan. It is good. It's done in 24 hours.

View full review »
MT
Technical Lead at a computer software company with 501-1,000 employees

It is a good product for website penetration testing to detect vulnerabilities.

View full review »
Vivek Sathaye - PeerSpot reviewer
Director at Benelec

The most valuable feature of Qualys Web Application Scanning is the effective scanning that can be done.

View full review »
VJ
Sr Cybersecurity Leader at a non-tech company with 1,001-5,000 employees

Qualys' process of updating signatures is something we really appreciate, and it's way ahead of its industry peers. 

View full review »
FG
Cyber Security Sales Specialist at a tech services company with 1,001-5,000 employees

The Qualys Web Application Scanning solution offers a single comprehensive console and consolidated reporting, covering all aspects from on-prem to cloud and compliance, etcetera.

View full review »
SubhajitAich - PeerSpot reviewer
Security Consultant at Cognizant

The most valuable features are scanning analysis and reporting.

This solution also provides real-time monitoring.

The interface is user-friendly and easy to understand.

View full review »
it_user488199 - PeerSpot reviewer
Senior Security Systems Engineer at a computer software company with 501-1,000 employees
  • Ease of use and setup
  • Visibility into our environment
View full review »
Brammadevan K - PeerSpot reviewer
Cyber Security Engineer at R S Consulting Services

The vulnerability management feature is a strong one. And also the patch management feature.

Qualys integrates with Endpoint Detection and Response (EDR) for malware detection. EDR continuously monitors endpoints and takes snapshots of all of the endpoints and assets. Any changes are collected and sent to the cloud every four hours.

EDR also provides other capabilities like incident response and campaign identification. If malware is detected, the user can get remediation steps and send alerts to the system. It also provides forensic reports if there is a need for more detailed reports from the endpoints. 

Qualys is easy to use as there's no hardware to manage because it's fully cloud-based. Once the platform is installed, you can access all of our services. 

The application product integration, especially integrating Qualys with the DevOps environment like Jenkins, is straightforward. It facilitates continuous testing and integration, allowing us to perform scans on a weekly or monthly basis efficiently.

View full review »
it_user395523 - PeerSpot reviewer
Sr. Director, Cloud Platform Engineering at a tech vendor with 5,001-10,000 employees

We’re a Linux shop and Qualys gave us good Linux vulnerability scanning; no experience with it on MSFT products. It reports only a few glaring false-positive errors (directory ownership was a common one), and our post-processing dealt with the known exceptions we’d agreed on. The long baseline of iterative results was valuable to track changes and our rate of improvement. Access to the API let us automate its use in our CI/CD pipeline for machine images.

View full review »
it_user335112 - PeerSpot reviewer
Information Security Manager at a comms service provider with 1,001-5,000 employees
  • OWASP Top 10 scanning
  • PCI-ASV scanning
View full review »
JB
Consultant at a tech services company with 1,001-5,000 employees

The most valuable feature is that we are able to scan the services and put credentials like a user ID password. We can verify the vulnerability level. 

View full review »
RT
Delivery Manager at a tech vendor with 1,001-5,000 employees

We are using scanners and the PCI model. We do PCI scanning because we are a PCI vendor. We are using the tool to do the scanning on whatever the latest vulnerabilities there are, and Qualys is always providing us updates. We can do scanning and submit reports straight to the customers when there are new vulnerabilities, then tell them whether they are affected or not.

View full review »
it_user494979 - PeerSpot reviewer
Module Lead with 1,001-5,000 employees

There is nothing out of the box in the Qualys web application scanning module. One good thing is that it reports fewer false positives.

View full review »
AJ
Lead Security Architect at a financial services firm with 501-1,000 employees

The vulnerability scanning and patching features are the most valuable parts of the solution.

View full review »
it_user700140 - PeerSpot reviewer
Ex Senior Security Analyst and Onsite consultant at Paladion Networks

QualysGuard web-based scanner is very useful for performing external penetration and PCI scans from remote locations.

View full review »
GV
CEO at a tech services company with 51-200 employees

I am not the person who is actually directly testing this. One of the other people from our team is doing that. But I was involved in the selection of what we products we should compare based on available features, demos, and how products appear to meet our needs. What I remember from my experience with Qualys is that the simplicity of exporting reports and the simplicity and clarity of the reports included with the product is good. The website was also well-designed and easy to navigate. The SSL security measurements that the product offers seem comprehensive. But I can not say, at this preliminary phase, that I specifically think this or that from Qualys is the most valuable. It is intriguing enough to make our shortlist and POC efforts.  

View full review »
it_user335103 - PeerSpot reviewer
Info-Security Consultant at a financial services firm with 1,001-5,000 employees

It protects against zero-day vulnerabilities, like Heartbleed.

View full review »
it_user563475 - PeerSpot reviewer
Deputy Manager at a tech services company with 10,001+ employees

Network scanner has good reporting, coverage was also good. In Web scanner, dashboard was good but features were limited.

View full review »
it_user255879 - PeerSpot reviewer
Security Analyst at a tech services company with 1,001-5,000 employees

WAS and being able to integrate Selenium IDE to automate the login process was most helpful.

View full review »
SC
Cyber Security Consultant at a tech services company with 10,001+ employees
  • It's cloud-based so the installation is not so tedious.
  • Easily deployed.
  • Highly scalable.
  • Comprehensive reporting.

Also, you can integrate your Burp Suite results and create an integrated report. 

The way it shows the results - threats and exploit details - makes remediation very easy.

We have seen very few false positives. We found the documentation very useful, particularly the roll-out guide. While the tool is not hard to use, by dividing the documentation into sections, the company provided specific guidance on use cases that are not necessarily limited to the tool itself.

View full review »
Buyer's Guide
Application Security Tools
March 2024
Find out what your peers are saying about Qualys, Veracode, Invicti and others in Application Security Tools. Updated: March 2024.
765,234 professionals have used our research since 2012.