Qualys WAS Reviews

5 Ratings
<a href='https://www.trustradius.com/static/about-trustradius-scoring' target='_blank' rel='nofollow noopener noreferrer'>trScore algorithm: Learn more.</a>
Score 7.4 out of 100

Do you work for this company? Manage this listing

Overall Rating

Reviewer's Company Size

Last Updated

By Topic




Job Type


Reviews (1-2 of 2)

Anonymous | TrustRadius Reviewer
December 20, 2019

A great web application scanner, with an extensive vulnerability database and tons of valuable reports.

Score 8 out of 10
Vetted Review
Verified User
Review Source
Our Qualys Web Application Scanning (WAS) is being used to scan all our internal and external-facing websites. The Qualys Web Application Scanning (WAS) helps us to identify, report and remediate vulnerabilities in our web applications (which are the most common entry point for hackers), improving our security posture and reducing the risk of a cyber attack.
  • Excellent coverage in terms of vulnerabilities. From SQL injections to buffer overflows.
  • It is integrated with the Qualys Cloud Platform, which is our company-wide vulnerability management solution.
  • The initial setup of a new web application is a little bit complicated (but once it is set up, it works perfectly).
  • It may trigger all your detection tools and generate false-positive incidents (as any vulnerability scanner).
A Web Application vulnerability manager should never replace a proper penetration testing. However, Qualys Web Application Scanning (WAS) is suitable for periodic scans so that you can keep track of vulnerabilities in your environment. I find the Qualys Web Application Scanning (WAS) especially useful when you have canned web solutions (such as WordPress or Joomla) since you can easily detect missing patches and vulnerabilities.
Read this authenticated review
Larry Sullivan | TrustRadius Reviewer
May 16, 2018

Qualysguard Web Application Scanner is pretty damn good

Score 9 out of 10
Vetted Review
Review Source
Qualysguard Web Applications Scanning is a great jumping off point for companies who wish to know any vulnerabilities and/or misconfigurations in their web site or environment. I find it is very cost effective and an asset even in the development phase.
  • Discovering simple to fix vulnerabilities like cross-site scripting or SQL injection are a breeze using Qualys WAS.
  • Since it is cloud based running the tests from anywhere is a great feature.
  • Qualys WAS is very cost effective. Having the tests automated lets you get a jump on the fixes without having to manually test each and every application manually.
  • Sometimes support can be a bit slow off the mark but in general it is good.
  • The scans can take longer than anticipated.
  • The reports can take a lot of customizing.
If you are a company with limited resources and are looking for a reasonable solution for your WAS security needs then I highly recommend Qualys WAS. It is a great tool for quick and one-off testing of web applications.
Read Larry Sullivan's full review

About Qualys WAS

Qualys Web Application Scanning (WAS) (formerly QualysGuard WAS), from Qualys headquartered in Redwood City, California, scans web apps for security threats.
Categories:  Application Security

Qualys WAS Technical Details

Operating Systems: Unspecified
Mobile Application:No