We performed a comparison between Fortinet FortiWeb and Qualys VMDR based on real PeerSpot user reviews.
Find out what your peers are saying about Amazon Web Services (AWS), F5, Microsoft and others in Web Application Firewall (WAF)."Fortinet FortiWeb has improved my organization by protecting our customer's web infrastructure environment."
"I like FortiWeb's usability and ease of configuration. It's simple to configure rules and exceptions inside the attack log. We block everything by default. If something isn't working, we ask the system admin to adjust the template and add exceptions."
"I have recently been looking at the SSL certificate features and the learning mode of the appliance. This appliance learns from the pattern of SSL attacks."
"The initial setup is pretty straightforward."
"It's stable and works efficiently against OWASP Top 10 attacks."
"If I need something from tech support, I can get it answered within the hour."
"The most valuable features in Fortinet FortiWeb are sandboxing and threat prevention."
"It is easy to install and to maintain."
"I like Qualys because it is a very complete product, more so than Tenable."
"It's very configurable to adjust impact to systems."
"The solution shows us classic categories, including high, medium, and low risks. It also shows critical items, and that gives us the advantage of prioritizing things."
"It is a simple solution that makes scanning easy. You just give it a scheduled task, and it will do everything for you."
"Qualys VM is very stable."
"The biggest benefit is from a security operations perspective, where we are able to drive our security posture upwards by remediating any discovered vulnerabilities."
"Qualys VM's most valuable feature is automatic detection."
"I find Qualys VM very robust, and it's very useful for vulnerability management and patch management. The value that it brings to my environment is economies of scale. There is no limitation on adding any endpoints. You go by the rule, and it's added once another endpoint is added to our environment. It's automatically installed, and it's less work from our end. It frees up my license automatically if I don't need an endpoint or if my machine is decommissioned. I like the dashboard displays because I don't see any duplication. The most important part is vulnerability management and prioritization. Unlike Symantec, it shows the kind of vulnerability I would want to patch first. It provides a holistic view of the kind of vulnerabilities and the ones I should remediate first. I don't have to do a scan; it just brings up those critical kinds of vulnerabilities like zero-day vulnerabilities and tells me to prioritize them. You have to prioritize these vulnerabilities first and go on with the rest. The dashboard shows me the ones that have been fixed, so I don't have to complete an aging report. The user experience and the graphical interface are good. As it's user-friendly and understandable on an executive level, it brings real value. We also use this solution because it's robust and flexibile."
"The solution could improve by being able to handle different use cases."
"The solution is rather complicated. If you know what to do, it's not bad, but it's complicated for a first time user to configure the solution. What I'd like to improve are the custom signatures."
"For advanced users, it would be really useful to have access and the ability to manipulate packets. If we can access and manipulate the contents of packets, even encrypted packets... that would be powerful. Since we're looking at packets arriving at our network, we would have the private key to access those packets and their information."
"Lacks a VM demo to enable testing prior to purchase."
"HA Architecture needs improvement. I would improve it by working on AP HA."
"No solution is 100% secure and the security could always be worked on."
"The solution could improve by providing more integration with solutions other than the Fortinet family."
"New releases and old releases have some bugs, some features do not work as good as we want but every new release the Fortinet team fixes up problems."
"Reports were lacking somewhat on the customization side."
"The customer support is very bad."
"Qualys VM could improve by having more skilled support personnel."
"Qualys VM's machine learning and artificial intelligence features could be improved."
"I would like to have CSPM, a continuous scan-like cloud added to the solution."
"There seems to be a lack of easy onboarding into Qualys."
"Improve the user interface."
"The IoT scan is not great."
Fortinet FortiWeb is ranked 4th in Web Application Firewall (WAF) with 83 reviews while Qualys VMDR is ranked 3rd in Risk-Based Vulnerability Management with 77 reviews. Fortinet FortiWeb is rated 8.0, while Qualys VMDR is rated 8.2. The top reviewer of Fortinet FortiWeb writes "Cost-effective, easy to configure, and works very well as a single solution for multiple environments". On the other hand, the top reviewer of Qualys VMDR writes "Good visibility but expensive and needs better support". Fortinet FortiWeb is most compared with F5 Advanced WAF, Fortinet FortiADC, AWS WAF, Azure Web Application Firewall and Imperva Web Application Firewall, whereas Qualys VMDR is most compared with Tenable Nessus, Tenable Security Center, Rapid7 InsightVM, Microsoft Defender Vulnerability Management and Tenable Vulnerability Management.
We monitor all Web Application Firewall (WAF) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.