We performed a comparison between Fortify WebInspect and Qualys Web Application Scanning based on real PeerSpot user reviews.
Find out in this report how the two Dynamic Application Security Testing (DAST) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The most valuable feature of this solution is the ability to make our customers more secure."
"The solution's technical support was very helpful."
"Good at scanning and finding vulnerabilities."
"Fortify WebInspect is a scalable solution, it is good for a lot of applications."
"When we are integrating it with SSC, we're able to scan and trace and see all of the vulnerabilities. Comparison is easy in SSC."
"The most valuable feature is the static analysis."
"Technical support has been good."
"It's a well-known platform for doing dynamic application scanning."
"We can do scanning and submit reports straight to the customers when there are new vulnerabilities, then tell them whether they are affected or not."
"It combines both web application vulnerability management and internal vulnerability management on one platform and dashboard. Usually, you have to purchase separate tools."
"It is easy to use."
"The product prevents possible vulnerabilities in our network."
"The vulnerability management feature is a strong one. And also the patch management feature."
"The feature that I have found most valuable is the progressive scan. It is good. It's done in 24 hours."
"Key features include: Cloud-based, so the installation is not so tedious. Easily deployed. Highly scalable. Comprehensive reporting."
"QualysGuard web-based scanner is very useful for performing external penetration and PCI scans from remote locations."
"The scanner could be better."
"Not sufficiently compatible with some of our systems."
"The initial setup was complex."
"It requires improvement in terms of scanning. The application scan heavily utilizes the resources of an on-premise server. 32 GB RAM is very high for an enterprise web application."
"The installation could be a bit easier. Usually it's simple to use, but the installation is painful and a bit laborious and complex."
"Fortify WebInspect's shortcoming stems from the fact that it is a very expensive product in Korea, which makes it difficult for its potential customers to introduce the product in their IT environment."
"One thing I would like to see them introduce is a cloud-based platform."
"We have had a problem with authentification."
"The GUI could be a little less complicated as it opens a lot of new windows for creating search lists, templates, reports, or for scanning purposes."
"The product's pricing could be better."
"Qualys Web Application Scanning is very complex to use, and its graphical interface is not very user-friendly."
"We procured around 110 licenses for Web Application Scanning, but we have issues running concurrent scans. I don't currently have the option to trigger scans for all 100-plus websites. The default limit is around 10 conference scans. It's not very scalable, to be honest, because of the limitation that they put on concurrent scans."
"Deployment can be complicated."
"The scanner reports a lot of false positives, which is something that needs to be improved."
"There should be better visibility into the application."
"There could be better management and faster scanning."
More Qualys Web Application Scanning Pricing and Cost Advice →
Fortify WebInspect is ranked 2nd in Dynamic Application Security Testing (DAST) with 17 reviews while Qualys Web Application Scanning is ranked 18th in Application Security Tools with 31 reviews. Fortify WebInspect is rated 7.0, while Qualys Web Application Scanning is rated 7.8. The top reviewer of Fortify WebInspect writes "A powerful tool catering to multiple use cases that provides reasonably good technical support". On the other hand, the top reviewer of Qualys Web Application Scanning writes "A stable solution that can be used for infrastructure vulnerability scanning and web application scanning". Fortify WebInspect is most compared with PortSwigger Burp Suite Professional, Fortify on Demand, Acunetix, OWASP Zap and Veracode, whereas Qualys Web Application Scanning is most compared with OWASP Zap, Veracode, SonarQube, PortSwigger Burp Suite Professional and Tenable.io Web Application Scanning. See our Fortify WebInspect vs. Qualys Web Application Scanning report.
We monitor all Dynamic Application Security Testing (DAST) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.