Name: Qualys TotalAppSec
Rating: 4.5 (231 reviews)

Overview

Product Information on Qualys TotalAppSec

Updated 6th May 2024

What is Qualys TotalAppSec?

Qualys Web Application Scanning (WAS) secures web applications & APIs and reduces risks across the entire web attack surface through comprehensive discovery, continuous monitoring & automated remediation. 1. Comprehensive discovery across hybrid, cloud-native or on-prem environments and internal & external networks for unknown, orphaned and forgotten web apps & APIs. 2. Continuous monitoring, consolidated detection and risk-based prioritization of runtime vulnerabilities, misconfigurations, sensitive data & PII exposures, OWASP Top 10 risks, manual PEN test, web malware, in addition to compliance against regulatory standards like PCI DSS, GDPR, and HIPAA. 3. Automated remediation workflows with integration into CI/CD pipelines and ITSM to support Shift Left & Shift Right testing, reduce time to remediate, and promote collaboration between DevSecOps, AppSec, IT Ops teams.

Overall experience with Qualys TotalAppSec

MANAGER, IT SECURITY AND RISK MANAGEMENT

30B + USD, Banking

FAVORABLE

“AI-Powered Solution Strengthens Application Security With Automated, Prioritized Testing”

4.0

Nov 20, 2025

This is the best AI risk management solution to secure our applications across all environments.

IT Security & Risk Management Associate

10B - 30B USD, Retail

CRITICAL

“User Experience Analysis: Understanding the Pros and Cons”

3.0

May 29, 2024

easy to use, simple interface, works well. however, there are a few issues for the average use

About Company

Company Description

Qualys, Inc. (NASDAQ: QLYS) is a pioneer and leading provider of disruptive cloud-based security, compliance and IT solutions with more than 10,000 subscription customers worldwide, including a majority of the Forbes Global 100 and Fortune 100. Qualys helps organizations streamline and automate their security and compliance solutions onto a single platform for greater agility, better business outcomes, and substantial cost savings. The Qualys Cloud Platform leverages a single agent to continuously deliver critical security intelligence while enabling enterprises to automate the full spectrum of vulnerability detection, compliance, and protection for IT systems, workloads and web applications across on premises, endpoints, servers, public and private clouds, containers, and mobile devices.

Company Details

Company type

Public

Year Founded

1999

Head office location

Foster City, United States

Number of employees

1001 - 5000

Website

https://www.qualys.com

Do You Manage Peer Insights at Qualys?

Access Vendor Portal to update and manage your profile.

Key Insights

A Snapshot of What Matters - Based on Validated User Reviews

Reviewer Insights for: Qualys TotalAppSec

Deciding Factors: Qualys TotalAppSec Vs. Market Average

Qualys TotalAppSec Likes & Dislikes

1. It integrates and automates. 2. It prioritizes risk with Qualys Enterprise TruRisk. 3. It enables Advanced Security Testing.

ease of use, learning curve

It starts the scanning of your web application for vulnerabilities with the help of its cloud-based scanner which simulates the attacks on the web application. to find the weaknesses and the vulnerability. It can also scan public-facing applications as well as applications that require login credentials for deeper authentication-based tests. It helps us to identify a wide range of vulnerabilities including input validation issues, insecure coding practices, misconfigurations, and other security flaws. It is designed for both security teams and developers too. It can scan both dynamic and static aspects of web applications ensures comprehensive security coverage across the entire application lifecycle.

There are no weaknesses.

WAS reports have bad/illegible formatting for anything other than pdf

The cost is high for small businesses as it is not affordable by them. There is a limitation in customization. Sometimes user face false positive, so they have to do manual investigation of the scan result to detect whether its false positive or true positive.

Top Qualys TotalAppSec Alternatives

Peer Discussions

Qualys TotalAppSec Reviews and Ratings

Recommended Gartner Insights

10B+ USD

Banking

Review Source

AI-Powered Solution Strengthens Application Security With Automated, Prioritized Testing

FULL-STACK DEVELOPER

Gov't/PS/Ed

Education

Transforming Security Posture with Cloud-based Web Scanner

5.0

Feb 11, 2025

It is used to identify and mitigate security vulnerabilities in web applications. It uses automated tools to test web applications for weaknesses that could be exploited by attackers. It is a cloud-based tool that is designed to provide automated scanning for vulnerabilities in web applications. It help organization to identify and manage the security of web applications to improve the security posture of the organization. Its comprehensive coverage, ease of use, and integration with the Qualys Cloud Platform make it an easier and better choice for organizations to protect their web applications from attackers.

SENIOR ACCOUNT EXECUTIVE

<50M USD

Retail

Qualys' WAS: A Comprehensive Solution for Web Application Vulnerabilities

Feb 5, 2025

WAS by Qualys is a robust security tool that identifies vulnerabilities in web applications. The cloud platform is great at providing automated and scalable security scanning for any corporation of any size. It helps us to detect security risks like SQL injection, misconfiguration, ensuring apps remain secure and cross-site scripting. It's a huge advantage for any organization against evolving threats. It keeps us up to speed and alerts any opening to data dangers.

Engineer

50M-1B USD

Manufacturing

Unleashing Qualys WAS: A Deep Dive into White Box Testing

Feb 14, 2025

It provides white box testing of applications hosted in our environment with more other details about the remediation and payloads used for testing.

IT SECURITY - RISK & COMPLIANCE

IT Services

Strengths and Weaknesses of Qualys web app scanning

Feb 16, 2025

It was a great experience with Qualys web app and API security testing its a SAAS based api testing solution with AI vulnerability scanning involved and figures the all top owasp vulnerabilities and phi data and misconfigs good to have.

Qualys TotalAppSec