# Qualys WAS Reviews **Vendor:** Qualys **Category:** [Vulnerability Scanner Software](https://www.g2.com/categories/vulnerability-scanner) **Average Rating:** 4.5/5.0 **Total Reviews:** 20 ## About Qualys WAS Qualys WAS is Qualys's platform for end-to-end web application scanning. ## Qualys WAS Reviews ### 1. The best web application scanning system **Rating:** 5.0/5.0 stars **Reviewed by:** Muhammed S. | Information Technology Department, Mid-Market (51-1000 emp.) **Reviewed Date:** July 17, 2023 **What do you like best about Qualys WAS?** It's very easy to use and provides centralized management to keep attackers away, securing web applications and APIs. It helps to secure my modern web application and APIs across cloud-native and on-premises architecture. **What do you dislike about Qualys WAS?** Expensive, Qualys is not a cheap solution, and due to being the best application in the industry, this can be a barrier to adoption for some organizations like small organizations. However, for medium and large-scale organizations, it's a perfect fit. **What problems is Qualys WAS solving and how is that benefiting you?** It helps me to identify vulnerabilities in web applications, it helps me to identify a wide range of vulnerabilities including both unknown and known ones, and also helps me to prioritize vulnerabilities according to score and remediation for that. ### 2. Best Software for Vulnerability Management **Rating:** 5.0/5.0 stars **Reviewed by:** Victor Hugo M. | Security Delivery Senior Analyst - Vulnerability Management , Enterprise (> 1000 emp.) **Reviewed Date:** May 30, 2023 **What do you like best about Qualys WAS?** Qualys WAS is a module of the Qualys tool that proves to be powerful, practical, and simple to use, achieving great potential for vulnerability scanning and providing an excellent experience in the triage and tracking of vulnerabilities. **What do you dislike about Qualys WAS?** The only part of Qualys WAS that bothers me is the false-positive vulnerabilities it presents in some cases because I believe it is not possible to change the detection quality in the tool, as OpenVAS provides, for example. **What problems is Qualys WAS solving and how is that benefiting you?** The Qualys WAS resolves a large part of the vulnerability management cycle currently, providing everything from the configuration of scan templates to the final part of reports and vulnerability triage. ### 3. Easy to use **Rating:** 5.0/5.0 stars **Reviewed by:** Verified User in Information Technology and Services | Mid-Market (51-1000 emp.) **Reviewed Date:** December 27, 2023 **What do you like best about Qualys WAS?** Qualys Web Application Scanning is highly regarded for its cloud-based, comprehensive scanning capabilities, low false positives, seamless integration, and user-friendly interface. **What do you dislike about Qualys WAS?** learning curve for new users, and occasional limitations in customization options. **What problems is Qualys WAS solving and how is that benefiting you?** Scanning web apps for latest vulnerability and zero days. ### 4. Qualys WAS: Efficient Web App Security Scanning **Rating:** 4.5/5.0 stars **Reviewed by:** Verified User in Computer & Network Security | Mid-Market (51-1000 emp.) **Reviewed Date:** July 25, 2023 **What do you like best about Qualys WAS?** Qualys WAS offers an extensive range of scanning options, allowing us to perform both automated and manual scans. This versatility enables us to tailor the scanning process to suit our specific security needs. **What do you dislike about Qualys WAS?** Although the interface is user-friendly, new users may encounter a slight learning curve when navigating through the various features and settings. Improved onboarding resources or tutorials could help address this issue. **What problems is Qualys WAS solving and how is that benefiting you?** Qualys WAS solves several critical problems related to web application security, and its benefits are significant for cybersecurity professionals and organizations. Qualys WAS helps identify vulnerabilities and security weaknesses within web applications. By scanning websites and web applications comprehensively, it proactively uncovers potential threats that could be exploited by attackers. ### 5. Qualys WAS: A Great and Reliable Tool for PCI DSS Requirements **Rating:** 4.5/5.0 stars **Reviewed by:** Verified User in Computer Software | Mid-Market (51-1000 emp.) **Reviewed Date:** July 25, 2023 **What do you like best about Qualys WAS?** What I like the best about Qualys WAS is its user-friendly interface and the result it outputs after the scan. The way the results were displayed was intuitive and is really helpful when fixing the security issues. **What do you dislike about Qualys WAS?** It's hard to acquire credentials or register to the application. Once you accessed the credentials link and you accidentally close it, then you won't be able to access it again, so be careful. **What problems is Qualys WAS solving and how is that benefiting you?** We were able to resolve the issues that prevents us from getting the PCI DSS certification for our application. It benefitted us greatly as we don't have to under go tedious work to become PCI-DSS certified. ### 6. Powerful tool **Rating:** 3.5/5.0 stars **Reviewed by:** Verified User in Financial Services | Mid-Market (51-1000 emp.) **Reviewed Date:** July 19, 2023 **What do you like best about Qualys WAS?** Its user-friendly interface, comprehensive scanning options, and rapid performance impressed me. The detailed reports and excellent customer support further enhanced the experience, making it an outstanding choice for web application security assessments. **What do you dislike about Qualys WAS?** the pricing ison the higher side, which might not be feasible for smaller organizations with budget constraints. Additionally, the initial setup and configuration process is a bit time-consuming... **What problems is Qualys WAS solving and how is that benefiting you?** Qualys WAS is addressing the critical problem of web application vulnerabilities and security risks. By performing comprehensive security assessments, it helps identify potential weaknesses within our web applications, including vulnerabilities that could be exploited by malicious actors. ### 7. Best cloud based Qualys WAS for Security **Rating:** 5.0/5.0 stars **Reviewed by:** Verified User in Information Technology and Services | Enterprise (> 1000 emp.) **Reviewed Date:** July 11, 2023 **What do you like best about Qualys WAS?** Best part is that quick updates their vulnerability databases and thus being sure you are updated to the latest threat detection signatures available/discovered. The user experience great The customer support flawless WAS software was easy to use the certification offered by Qualsy was beneficial. **What do you dislike about Qualys WAS?** Sometime face issue for support as get late reply, we understand as Qualys is having huge customer services for different product **What problems is Qualys WAS solving and how is that benefiting you?** Reduced vulnerabilities scans the application and generates a visual report explaining all potential security threats Qualys WAS seamlessly integrates with leading DevSecOps and CI/CD platforms like Jenkins and AzureDevops ### 8. Best platform for my project work **Rating:** 5.0/5.0 stars **Reviewed by:** Sanhita S. | Small-Business (50 or fewer emp.) **Reviewed Date:** July 17, 2023 **What do you like best about Qualys WAS?** easy to use platform, very helpful to learn about vulnerability management;etc. **What do you dislike about Qualys WAS?** if there was free trail for longer period, especially for students it would be helpful so that thry can explore the platform and products more better. **What problems is Qualys WAS solving and how is that benefiting you?** helped to identify the vulnerabilities for the clients projects websites. ### 9. Best App Security Software **Rating:** 4.5/5.0 stars **Reviewed by:** Manoj P. | Lead Consultant, Enterprise (> 1000 emp.) **Reviewed Date:** November 02, 2022 **What do you like best about Qualys WAS?** It is very user friendly as compared with compititor tools. **What do you dislike about Qualys WAS?** To my personal experience i don't find anything to complain about. **What problems is Qualys WAS solving and how is that benefiting you?** Application security is prime concern now a days. With help of Qualys WAS able to perform quick DAST scans and take immediate actions as appropriate. ### 10. Qualys WAS **Rating:** 5.0/5.0 stars **Reviewed by:** Balaji Ganesh M. | Senior Engineer - Product Security, Mid-Market (51-1000 emp.) **Reviewed Date:** November 02, 2022 **What do you like best about Qualys WAS?** The user experience was great, the customer support was flawless, WAS software was easy to use, and the certification offered by Qualsy was beneficial. **What do you dislike about Qualys WAS?** The pricing is a bit expensive, and saas offering is costly for small to medium-sized organisations. The VMDR solution is a great offering it is worth the price. **What problems is Qualys WAS solving and how is that benefiting you?** All the vulnerability assessment and Management problems were handled using Qualy's set of tools and the patching tools offered by qualys is one of the market's best. ### 11. Overall very good **Rating:** 4.0/5.0 stars **Reviewed by:** Verified User in Outsourcing/Offshoring | Enterprise (> 1000 emp.) **Reviewed Date:** June 22, 2022 **What do you like best about Qualys WAS?** Easy integration and has very extensive reporting. **What do you dislike about Qualys WAS?** Some false positives and complex navigation **What problems is Qualys WAS solving and how is that benefiting you?** Reduced vulnerabilities for both internal and customer facings web apps. ### 12. Qualys WAS Review **Rating:** 4.0/5.0 stars **Reviewed by:** Debarati B. | Senior Software Engineer, Mid-Market (51-1000 emp.) **Reviewed Date:** August 17, 2021 **What do you like best about Qualys WAS?** It's effortless to use and gives a graphical interface to visualize all details about the application. **What do you dislike about Qualys WAS?** There is nothing to dislike as of now. It serves the purpose. **Recommendations to others considering Qualys WAS:** It is a great tool to scan your application and generate reports which are fully automated and lightweight, and easy to integrate. I recommend Qualys WAS. **What problems is Qualys WAS solving and how is that benefiting you?** Qualys helps us detect application security vulnerability, and it scans the application and generates a visual report explaining all potential security threats. It is an easy-to-use tool, easy to integrate, and lightweight too. ### 13. Best DAST tool in the market. **Rating:** 5.0/5.0 stars **Reviewed by:** Verified User in Information Technology and Services | Small-Business (50 or fewer emp.) **Reviewed Date:** December 10, 2021 **What do you like best about Qualys WAS?** Their detection engine is quite well and I have personally discovered a couple of vulnerabilities that were not easy to identify manually. Their vulnerability DB is always updated with the latest 0-days detections. **What do you dislike about Qualys WAS?** They should come up with a free trial option. **What problems is Qualys WAS solving and how is that benefiting you?** It helps identify security vulnerabilities and that helps web app owners to secure their applications. ### 14. Web application Scanner **Rating:** 3.0/5.0 stars **Reviewed by:** Verified User in Computer Software | Enterprise (> 1000 emp.) **Reviewed Date:** August 24, 2021 **What do you like best about Qualys WAS?** 1. Complex visualizations can also be created since the queries support Boolean logic 2. Informative reports 3. Scan configurations were quick and easy. 4. Offers a wide range of settings for more targeted scans **What do you dislike about Qualys WAS?** 1. Redundantly scans pages in vain with little to no modification in the alphanumeric query parameter values 2. It doesn’t cover automatic patching for all types of vulnerabilities. **What problems is Qualys WAS solving and how is that benefiting you?** We used it for pre-release scans of our products each month. It was used by the Information Security team who would help the Development teams to ensure that products are bug-free before they get released to our customers. ### 15. Very positive and fit well into their suite of products. **Rating:** 4.0/5.0 stars **Reviewed by:** Verified User in Information Technology and Services | Small-Business (50 or fewer emp.) **Reviewed Date:** September 08, 2021 **What do you like best about Qualys WAS?** The best thing I liked was the level of detail provided within the solution as well as the easy fit and use into the overall Qualys product suite. **What do you dislike about Qualys WAS?** Not much that I dislike, aside from the fact that some other solutions provide a bit more detail and proof of the vulnerability over what I have seen with the Qualys solution. **What problems is Qualys WAS solving and how is that benefiting you?** We have been able to reduce our risk exposure by seamlessly tying in web application scanning and vulnerability management with a all in one tool. ### 16. Qualys WAS is a web application scanning app which monitors the threats in web apps. **Rating:** 5.0/5.0 stars **Reviewed by:** Byron T. | FinOps Principal, Mid-Market (51-1000 emp.) **Reviewed Date:** May 27, 2020 **What do you like best about Qualys WAS?** We faced major security breach in our system before we started this app. It offers two types of securities. First of all the network security which is great in many aspects. It scans the unauthorized access every time and tries to send mails for recognition. The special feature is the vulnerability scanning technique. This points out the weakness in the system and empowers them. It is very easily launched with the cloud platform. The regular updates regarding the vulnerability management are also the thing in this app. Secondly it offers the computer security feature. It further brings the audit trail that is giving some major monitoring. **What do you dislike about Qualys WAS?** Some of the features should be included in it for much better use like firewall and activity monitoring. This can prove great in so many ways for online security system. The intrusion detection system is important as well for detecting the malicious activities going on. It is also missing in this app. Anti virus and anti spam are the must features and this app does not have this as well. **Recommendations to others considering Qualys WAS:** This web application scanner is protecting in so many ways and for this, we will suggest this application for better results. **What problems is Qualys WAS solving and how is that benefiting you?** Qualys aws is contributing well enough in the security system. It improves by every next update and helps the systems to work freely. The interface is great and easy to use. Computer security also consists of compliance management which improves the system more. Financial data protection and database security audit are both part and parcel of this system and aids in supporting the business. ### 17. Very good tool for vulnerability findings **Rating:** 5.0/5.0 stars **Reviewed by:** Verified User in Computer Software | Enterprise (> 1000 emp.) **Reviewed Date:** March 26, 2020 **What do you like best about Qualys WAS?** Qualys gives list of vulnerability findings along with solution and criticality of the issue. Which really helps organization to keep monitoring and implement vulnerability fixes. **What do you dislike about Qualys WAS?** Sometimes if we run for multiple servers, some servers getting error out, and has limitation for no of servers scanned in single request. **What problems is Qualys WAS solving and how is that benefiting you?** Security related vulnerability, software vulnerabilities, OS vulnerabilities can be identified. Using this applications can be with enterprise security standards. ### 18. Although it doesn't replace a penetration testing, it is amazing to keep monitoring vulnerabilities **Rating:** 4.0/5.0 stars **Reviewed by:** Verified User in Computer Software | Small-Business (50 or fewer emp.) **Reviewed Date:** November 28, 2019 **What do you like best about Qualys WAS?** Once you set up your web application scan, you can schedule monthly scans to ensure your website is not vulnerable. In this way, it is easy to monitor the vulnerabilities on your environment. I also like to use the Qualys WAS to monitor my Wordpress website for missing patches. **What do you dislike about Qualys WAS?** As any WAS solution, this does not replace a pentesting. There is a considerable amount of false-positives and false-negatives. Also, the initial WAS configuration may be a little bit overwhelming, there are a LOT of parameters and some of them are not that well described. However, once you set your scan, you will never have to worry about it anymore. **What problems is Qualys WAS solving and how is that benefiting you?** Monitoring the security of our company Wordpress website. ### 19. Qualys review **Rating:** 4.0/5.0 stars **Reviewed by:** Gaurav G. | Senior Software Engineer, Enterprise (> 1000 emp.) **Reviewed Date:** April 01, 2020 **What do you like best about Qualys WAS?** It offers vulnerability scanning which is the best part in project. It is a quiet efficient automation tool for performing multiple penetration tests. **What do you dislike about Qualys WAS?** It is a really nice software to use. There is no any thing to dislike. **Recommendations to others considering Qualys WAS:** Our team was using it for penetration tests. **What problems is Qualys WAS solving and how is that benefiting you?** We check our infrastructure with thorough penetration tests. ### 20. Best scanner in Today's market **Rating:** 5.0/5.0 stars **Reviewed by:** Verified User in Internet | Mid-Market (51-1000 emp.) **Reviewed Date:** July 22, 2018 **What do you like best about Qualys WAS?** I have seen many scanning agents, but qualys provide exact results and provide the solutions and fix in the reports. This is awesome scanner i have ever seen. **What do you dislike about Qualys WAS?** None. I love this product. Support is not so good. Late responses for support ticket. **What problems is Qualys WAS solving and how is that benefiting you?** We use this scans to send to our clients for security reviews. Also, after every release we run scans to see what issues have come and what to fix. ## Qualys WAS Discussions - [What are the typical features offered by vulnerability scanner?](https://www.g2.com/discussions/what-are-the-typical-features-offered-by-vulnerability-scanner) - 1 comment - [View Qualys WAS pricing details and edition comparison](https://www.g2.com/products/qualys-was/reviews?section=pricing&secure%5Bexpires_at%5D=2026-05-13+22%3A55%3A42+-0500&secure%5Bsession_id%5D=21bf3c8f-6595-4e9d-963d-465d5308a83c&secure%5Btoken%5D=bb244508ee3b3d294a163ff822ec80c23affcfd1ebf03cefcfeb5c34617d3f08&format=llm_user) ## Qualys WAS Features **Performance** - Issue Tracking - Detection Rate - False Positives - Automated Scans **Network** - Compliance Testing - Perimeter Scanning - Configuration Monitoring **Application** - Manual Application Testing - Static Code Analysis - Black Box Testing **Agentic AI - Vulnerability Scanner** - Autonomous Task Execution - Proactive Assistance ## Top Qualys WAS Alternatives - [Burp Suite](https://www.g2.com/products/burp-suite/reviews) - 4.8/5.0 (125 reviews) - [Tenable Nessus](https://www.g2.com/products/tenable-nessus/reviews) - 4.5/5.0 (287 reviews) - [Wiz](https://www.g2.com/products/wiz-wiz/reviews) - 4.7/5.0 (773 reviews)