We performed a comparison between GitLab and Qualys Web Application Scanning based on real PeerSpot user reviews.
Find out in this report how the two Application Security Tools solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."I like GitLab from the CI/CD perspective. It is much easier to set up CI/CD and then integrate with other tools."
"The most valuable feature of GitLab is its security."
"This is a scalable solution. We had around 200 users working with it."
"It speeds up our development, it's faster, safer, and more convenient."
"It scales well."
"A user friendly solution."
"It is scalable."
"The merging feature makes it easy later on for the deployment."
"It is easy to use."
"It is a very stable solution."
"QualysGuard web-based scanner is very useful for performing external penetration and PCI scans from remote locations."
"With our vulnerabilities under control, it's putting our services in compliance and minimizing our risk for exposure."
"The most valuable feature is that we are able to scan the services and put credentials like a user ID password. We can verify the vulnerability level."
"Its most valuable features are patch management, vulnerability management, and PCI compliance."
"We can do scanning and submit reports straight to the customers when there are new vulnerabilities, then tell them whether they are affected or not."
"The most valuable feature of Qualys Web Application Scanning is the effective scanning that can be done."
"GitLab's Windows version is yet not available and having this would be an improvement."
"As a partner, sometimes it's difficult to get support. They have a really complicated procedure for their support."
"Reporting could be improved."
"The initial setup was quite challenging because it takes some time to understand how to pull out or push the code."
"I would like to see better integration with project management tools such as Jira."
"The integration could be slightly better."
"We'd always like to see better pricing on the product."
"We are having a few problems integrating with Jira at the moment, which is something that our IT department is investigating."
"The product's pricing could be better."
"The area of false positives could be improved. There are quite a number of false positives as compared to other solutions. They could probably fine tune the algorithm to be able to reduce the number of false positives being detected."
"They should try to include business logic vulnerabilities in the scanner testing."
"The solution needs to adjust its pricing. They should make it more affordable."
"In terms of the Policy Compliance model which they currently have, not all the platforms are being covered. If they could improve on the Policy Compliance model, since there are policies which are benchmarked against it, this will be helpful for us."
"The software’s pricing could be improved."
"The product should allow users to upload their payloads."
"The pricing does not seem to be competitive."
More Qualys Web Application Scanning Pricing and Cost Advice →
GitLab is ranked 6th in Application Security Tools with 70 reviews while Qualys Web Application Scanning is ranked 19th in Application Security Tools with 31 reviews. GitLab is rated 8.6, while Qualys Web Application Scanning is rated 7.8. The top reviewer of GitLab writes "Powerful, mature, and easy to set up and manage". On the other hand, the top reviewer of Qualys Web Application Scanning writes "A stable solution that can be used for infrastructure vulnerability scanning and web application scanning". GitLab is most compared with Microsoft Azure DevOps, SonarQube, Bamboo, AWS CodePipeline and Tekton, whereas Qualys Web Application Scanning is most compared with OWASP Zap, Veracode, SonarQube, PortSwigger Burp Suite Professional and Fortify Application Defender. See our GitLab vs. Qualys Web Application Scanning report.
See our list of best Application Security Tools vendors and best Static Application Security Testing (SAST) vendors.
We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.