We performed a comparison between HCL AppScan and PortSwigger Burp Suite Professional based on real PeerSpot user reviews.
Find out in this report how the two Application Security Tools solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The HCL AppScan turnaround time for Burp Suite or any new feature request is pretty good, and that is why we are sticking with the HCL."
"The most valuable feature of the solution is Postman."
"IBM AppScan has made our work easy, as we can do four to five scans of websites at a time, which saves time when it comes to vulnerability."
"The product has valuable features for static and dynamic testing."
"The most valuable feature of HCL AppScan is its integration with the SDLC, particularly during the coding phase."
"The solution is easy to install. I would rate the product's setup between six to seven out of ten. The deployment time depends on the applications that need to be scanned. We have a development and operations team to take care of the product's maintenance."
"It is easy it is to use. It is quick to find things, because of the code scanning tools. It's quite simple to use and it is very good the way it reports the findings."
"The static scans are good, and the SaaS as well."
"PortSwigger Burp Suite does not hamper the node of the server, and it does not shut down the server if it is running."
"I personally love its capability to automatically and accurately detect vulnerabilities. So, I would say it is the Burp scanner that is THE most powerful, valuable, and an awesome feature."
"The automated scan is what I find most useful because a lot of customers will need it. Not every domain will be looking for complete security, they just need a stamp on the security key. For these kinds of customers, the scan works really well."
"I have found the best features to be the performance and there are a lot of additional plugins available."
"In my area of expertise, I feel like it has almost everything I could possibly require at this moment."
"PortSwigger Burp Suite Professional is one of the best user-friendly solutions for getting the proxy set up."
"The most valuable features are Burp Intruder and Burp Scanner."
"You can scan any number of applications and it updates its database."
"One thing which I think can be improved is the CI/CD Integration"
"In future releases, I would like to see more aggressive reports. I would also like to see less false positives."
"We would like to integrate with some of the other reporting tools that we're planning to use in the future."
"HCL AppScan needs to improve security."
"There is not a central management for static and dynamic."
"They should have a better UI for dashboards."
"I would love to see more containers. Many of the tools are great, they require an amount of configuration, setup and infrastructure. If most the applications were in a container, I think everything would be a little bit faster, because all our clients are now using containers."
"Improving usability could enhance the overall experience with AppScan. It would be beneficial to make the solution more user-friendly, ensuring that everyone can easily navigate and utilize its features."
"PortSwigger Burp Suite Professional could improve the static code review."
"Currently, the scanning is only available in the full version of Burp, and not in the Community version."
"BurpSuite has some issues regarding authentication with OAT tokens that need to be improved."
"It would be good if the solution could give us more details about what exactly is defective."
"In the Professional version, we cannot link it with the CI/CD process."
"I would like to see a more optimized solution, as it currently uses a lot of CPU power and memory."
"One area that can be improved, when compared to alternative tools, is that they could provide different reporting options and in different formats like PDF or something like that."
"If your application uses multi-factor authentication, registration management cannot be automated."
More PortSwigger Burp Suite Professional Pricing and Cost Advice →
HCL AppScan is ranked 15th in Application Security Tools with 40 reviews while PortSwigger Burp Suite Professional is ranked 9th in Application Security Tools with 57 reviews. HCL AppScan is rated 7.6, while PortSwigger Burp Suite Professional is rated 8.6. The top reviewer of HCL AppScan writes " A stable and scalable product useful for application security scanning". On the other hand, the top reviewer of PortSwigger Burp Suite Professional writes "The solution is versatile and easy to deploy, but it needs to give more detailed security reports". HCL AppScan is most compared with SonarQube, Veracode, Acunetix, OWASP Zap and Checkmarx One, whereas PortSwigger Burp Suite Professional is most compared with OWASP Zap, Fortify WebInspect, Acunetix, Qualys Web Application Scanning and SonarQube. See our HCL AppScan vs. PortSwigger Burp Suite Professional report.
See our list of best Application Security Tools vendors and best Static Application Security Testing (SAST) vendors.
We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.