Try our new research platform with insights from 80,000+ expert users

Apache JMeter vs HCL AppScan comparison

 

Comparison Buyer's Guide

Executive Summary

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Apache JMeter
Average Rating
7.8
Reviews Sentiment
7.1
Number of Reviews
93
Ranking in other categories
Performance Testing Tools (1st), Load Testing Tools (1st), API Testing Tools (3rd)
HCL AppScan
Average Rating
7.8
Reviews Sentiment
6.9
Number of Reviews
43
Ranking in other categories
Application Security Tools (14th), Static Application Security Testing (SAST) (10th), Dynamic Application Security Testing (DAST) (1st)
 

Mindshare comparison

While both are Quality Assurance solutions, they serve different purposes. Apache JMeter is designed for Performance Testing Tools and holds a mindshare of 24.0%, up 23.9% compared to last year.
HCL AppScan, on the other hand, focuses on Application Security Tools, holds 2.6% mindshare, down 2.7% since last year.
Performance Testing Tools
Application Security Tools
 

Featured Reviews

Sreenivasula Mukkamalla - PeerSpot reviewer
Leveraging cost-effective customization with powerful plugins but complexity reduction needed
Apache JMeter offers plugins for reporting and preparing test scenarios. It allows recording to customization, letting you download plugins to connect with databases or external systems. Despite being open source, it offers features comparable to paid tools, and its ability to customize and expand is particularly useful. Additionally, its open-source nature makes it cost-effective.
Rishi Anupam - PeerSpot reviewer
A stable and scalable scanning solution with good reporting feature
The solution is used for the vulnerabilities scan on the network side The reporting part is the most valuable feature. The penetration testing feature should be included. I have been using the solution for four years. It is a stable solution. I rate it seven out of ten. It is a scalable…

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"It is scalable. You can scale up to 1,000 users in JMeter. If you can put up four slave servers, you can easily ramp up to 1,000 users."
"Monetary benefits with Apache JMeter are notable since it doesn’t require a licensed version."
"Apache JMeter is completely free as it is open-source, providing cost-effective customization options."
"We find the load testing feature valuable."
"The most valuable feature in JMeter is the Thread Group, which helps us to see whether the performance is good."
"I like the fact that JMeter integrates well with other tools."
"I appreciate JMeter's simplicity and power for performance testing."
"JMeter is basically the art of the entire performance testing process."
"Compared to other tools only AppScan supports special language."
"It was easy to set up."
"It identifies all the URLs and domains on its own and then performs tests and provides the results."
"The most valuable feature of HCL AppScan is its integration with the SDLC, particularly during the coding phase."
"It is easy it is to use. It is quick to find things, because of the code scanning tools. It's quite simple to use and it is very good the way it reports the findings."
"For me, as a manager, it was the ease of use. Inserting security into the development process is not normally an easy project to do. The ability for the developer to actually use it and get results and focuses, that's what counted."
"AppScan is stable."
"The security and the dashboard are the most valuable features."
 

Cons

"The reporting section of the solution can be better."
"You really need a technical team in order to really utilize the product."
"We would like more documentation to be provided for the advanced level features that are available in this solution, in order to improve development."
"What needs improvement in Apache JMeter is the very high load requirements when you want to scale it beyond certain thresholds. For example, small to mid-range testing is very easily done with Apache JMeter, but if you scale and increase the load, then it would be a problem because the tool consumes a lot of resources, probably because Apache JMeter provides an enriched UI experience, so it consumes a lot of memory and requires high CPU usage. This means you have to manage your infrastructure, or else you'll have high overhead expenses. As Apache JMeter is a heavyweight tool, that is an area for improvement, though I'm unsure if Apache can do something about it because it could be a result of the way it's architected. What I'd like to see from Apache JMeter in the future is for it to transition to the cloud, as a lot of cloud technologies emerge around the globe, and a lot of people prefer cloud-based solutions or cloud-native tools. Even if a company has a legacy system, it's still possible to transition to the cloud. I've worked with a company that was an on-premise company that moved to the cloud and became cloud-native. If Apache JMeter could transition to the cloud, similar to k6, then it could help lessen the intense resource consumption that's currently happening in Apache JMeter."
"I need to consider it further because as features increase, it might become more complicated, and my goal has always been simplicity. Currently, I have to focus on other tasks, and I'm handling multiple responsibilities, so I can't juggle everything at once. However, if you ask me, I believe EJB covers most functionalities that are crucial. One improvement I'd suggest is adding a graphical aspect to the Gateway, making it a bit more colorful. Unlike JMeter, which lacks color, having a bit of color in the graphical aspects would be beneficial. Overall, for the essential features, EJB should work fine."
"JMeter output reports can be difficult to understand without training."
"The initial setup is complex and needs to be upgraded."
"The interface could be made more user-friendly."
"IBM Security AppScan needs to add performance optimization for quickly scanning the target web applications."
"Improvement can be done as per customer requirements."
"They have to improve support."
"In future releases, I would like to see more aggressive reports. I would also like to see less false positives."
"I would like to see the roadmap for this product. We are still waiting to see it as we have only so many resources."
"They could add a software component analysis tool."
"A desktop version should be added."
"The product has some technical limitations."
 

Pricing and Cost Advice

"JMeter is open source and available free of charge."
"The product has reasonable pricing."
"In terms of open-source adoption, it is completely free."
"There are operational costs related to using Amazon Cloud, but the tool itself."
"This is an open-source solution, so there are no licensing costs associated with it."
"The solution is open-source."
"Apache JMeter is far less expensive than HP Performance Center."
"The price of Apache JMeter is good. The selling rate is quite effective and the limited users with a multi-region-related execution."
"The tool was expensive."
"I would rate the product's pricing a nine out of ten. The product's pricing is expensive compared to the features that they offer."
"With the features, that they offer, and the support, they offer, AppScan pricing is on a higher level."
"The solution is moderately priced."
"The price is very expensive."
"Our clients are willing to pay the extra money. It is expensive."
"I rate the product's price a seven on a scale of one to ten, where one is low, and ten is high. HCL AppScan is an expensive tool."
"The solution is cheap."
report
Use our free recommendation engine to learn which Performance Testing Tools solutions are best for your needs.
844,944 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Financial Services Firm
20%
Computer Software Company
16%
Manufacturing Company
7%
Government
7%
Computer Software Company
19%
Financial Services Firm
14%
Government
11%
Manufacturing Company
9%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

How does Postman compare with Apache JMeter?
Postman lets you easily define variables, which then get updated automatically. This is a huge time-saver and makes processes very efficient. We can also export the test cases we create and share t...
How does BlazeMeter compare with Apache JMeter?
Blazemeter is a continuous testing platform that provides scriptless test automation. It unifies functional and performance testing, enabling users to monitor and test public and private APIs. We ...
What do you like most about Apache JMeter?
I appreciate JMeter's simplicity and power for performance testing.
What do you like most about HCL AppScan?
The most valuable feature of HCL AppScan is its integration with the SDLC, particularly during the coding phase.
What needs improvement with HCL AppScan?
AppScan needs to improve its handling of false positives. It also requires enhancements in customer support, similar to what Veracode provides. Regularly scheduling calls with clients to discuss fe...
What is your primary use case for HCL AppScan?
The primary use case for AppScan is for security purposes. I compare AppScan with other tools such as Veracode. We use AppScan for vulnerability detection and auto-remediation of vulnerabilities wi...
 

Also Known As

JMeter
IBM Security AppScan, Rational AppScan, AppScan
 

Overview

 

Sample Customers

AOL, Orbitz, Innopath Software, PrepMe, Sapient, Corporate Express Australia, CSIRO, Ephibian, Talis, DATACOM, ALALOOP, eFusion, Panter, Sourcepole, University of Western Cape
Essex Technology Group Inc., Cisco, West Virginia University, APIS IT
Find out what your peers are saying about Apache, Tricentis, Perforce and others in Performance Testing Tools. Updated: March 2025.
844,944 professionals have used our research since 2012.