We performed a comparison between Fortify Application Defender and HCL AppScan based on real PeerSpot user reviews.
Find out in this report how the two Application Security Tools solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."We are able to provide out customers with a secure application after development. They are no longer left wondering if they are vulnerable to different threats within the market following deployment."
"The product saves us cost and time."
"The most valuable features of Fortify Application Defender are the code packages that are default."
"I find the configuration of rules in Fortify Application Defender useful. Its integration is also easy."
"The most valuable feature is the ability to automatically feed it rules what it's coupled with the WebInspect dynamic application scanning technology."
"The tool's most valuable feature is software composition analysis. This feature works well with my .NET applications, providing a better understanding of library vulnerabilities."
"Fortify Application Defender's most valuable features are machine learning algorithms, real-time remediation, and automatic vulnerability notifications."
"The information from Fortify Application Defender on how to fix and solve issues is very good compared to other solutions."
"The security and the dashboard are the most valuable features."
"This solution saves us time due to the low number of false positives detected."
"It's generally a very user-friendly tool. Anyone can easily learn how to scan"
"IBM AppScan has made our work easy, as we can do four to five scans of websites at a time, which saves time when it comes to vulnerability."
"For me, as a manager, it was the ease of use. Inserting security into the development process is not normally an easy project to do. The ability for the developer to actually use it and get results and focuses, that's what counted."
"It provides a better integration for our ecosystem."
"The product has valuable features for static and dynamic testing."
"You can easily find particular features and functions through the UI."
"I encountered many false positives for Python applications."
"The biggest complaint that I have heard concerns additional platform support because right now, it only supports applications that are written in .NET and Java."
"The solution could improve the time it takes to scan. When comparing it to SonarQube it does it in minutes while in Fortify Application Defender it can take hours."
"Fortify Application Defender gives a lot of false positives."
"The licensing can be a little complex."
"The workbench is a little bit complex when you first start using it."
"Fortify Application Defender could improve by supporting more code languages, such as GRAAS and Groovy."
"The false positive rate should be lower."
"We would like to integrate with some of the other reporting tools that we're planning to use in the future."
"I would like to see the roadmap for this product. We are still waiting to see it as we have only so many resources."
"They should have a better UI for dashboards."
"A desktop version should be added."
"I would love to see more containers. Many of the tools are great, they require an amount of configuration, setup and infrastructure. If most the applications were in a container, I think everything would be a little bit faster, because all our clients are now using containers."
"We would like to see a check in the specific vulnerabilities in mobile applications or rooted devices, such as jailbreaking devices."
"Many silly false positives are produced."
"In future releases, I would like to see more aggressive reports. I would also like to see less false positives."
Fortify Application Defender is ranked 30th in Application Security Tools with 11 reviews while HCL AppScan is ranked 14th in Application Security Tools with 41 reviews. Fortify Application Defender is rated 7.8, while HCL AppScan is rated 7.8. The top reviewer of Fortify Application Defender writes "Useful for fast code review in devOps pipelines ". On the other hand, the top reviewer of HCL AppScan writes " A stable and scalable product useful for application security scanning". Fortify Application Defender is most compared with Checkmarx One, CAST Application Intelligence Platform, Coverity, SonarQube and Qualys Web Application Scanning, whereas HCL AppScan is most compared with SonarQube, Veracode, Acunetix, PortSwigger Burp Suite Professional and OWASP Zap. See our Fortify Application Defender vs. HCL AppScan report.
See our list of best Application Security Tools vendors.
We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.