Try our new research platform with insights from 80,000+ expert users

Check Point CloudGuard WAF vs HCL AppScan comparison

Check Point Software Technologies and HCLSoftware are both solutions in the Application Security Tools category. Check Point Software Technologies is ranked #10 with an average rating of 8.7, while HCLSoftware is ranked #14 with an average rating of 7.9. Check Point Software Technologies holds a 0.1% mindshare in AS, compared to HCLSoftware ’s 2.6% mindshare. Additionally, 100% of Check Point Software Technologies users are willing to recommend the solution, compared to 83% of HCLSoftware users who would recommend it.
Check Point CloudGuard WAF
Read 43 Check Point CloudGuard WAF reviews
  • 255 Views
  • 114 Comparison Views
100% willing to recommend
HCL AppScan
Read 43 HCL AppScan reviews
  • 3,792 Views
  • 2,867 Comparison Views
83% willing to recommend
 

Comparison Buyer's Guide

Download the report
Executive SummaryUpdated on Oct 8, 2024

HCL AppScan and Check Point CloudGuard WAF are both security solutions for application and network protection. User feedback suggests Check Point CloudGuard WAF has an advantage due to its comprehensive feature set and better return on investment.

Features: HCL AppScan focuses on thorough vulnerability scanning, robust reporting capabilities, and detailed analysis tools. Check Point CloudGuard WAF offers broad threat detection, advanced protection features, and regularly updated security measures, appealing to those looking for extensive coverage.

Room for Improvement: HCL AppScan users desire greater performance speed, enhanced integration options, and more intuitive user interfaces. Check Point CloudGuard WAF faces demands for simpler configuration settings, improved scalability, and a more user-friendly dashboard for efficient management.

Ease of Deployment and Customer Service: HCL AppScan is valued for its relatively straightforward deployment, yet there are concerns over the responsiveness of customer support. Check Point CloudGuard WAF's deployment is appreciated but can involve complexities requiring enhanced guidance from support services.

Pricing and ROI: HCL AppScan offers competitive initial setup costs but faces scrutiny regarding its long-term ROI. Check Point CloudGuard WAF is seen as having premium pricing; however, users acknowledge the investment due to significant security improvements and overall value over an extended period.

DOWNLOAD THE COMPLETE REPORT
To learn more, read our detailed Check Point CloudGuard WAF vs. HCL AppScan Report (Updated: April 2025).
Buyer's Guide
Check Point CloudGuard WAF vs. HCL AppScan
April 2025
Download the complete report
Helped 846,617 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Check Point CloudGuard WAF
Ranking in Application Security Tools
10th
Average Rating
8.8
Reviews Sentiment
7.8
Number of Reviews
43
Ranking in other categories
Web Application Firewall (WAF) (14th)
HCL AppScan
Ranking in Application Security Tools
14th
Average Rating
7.8
Reviews Sentiment
6.9
Number of Reviews
43
Ranking in other categories
Static Application Security Testing (SAST) (10th), Dynamic Application Security Testing (DAST) (1st)
 

Mindshare comparison

As of April 2025, in the Application Security Tools category, the mindshare of Check Point CloudGuard WAF is 0.1%, up from 0.1% compared to the previous year. The mindshare of HCL AppScan is 2.6%, down from 2.7% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Application Security Tools
 

Featured Reviews

Dialungana Malungo - PeerSpot reviewer
Protects our web applications and APIs and has a very low false positive rate
CloudGuard WAF is a very straightforward solution. I do not have to worry about signatures. Most of the solutions that are out there are mainly based on signatures, and I have to do a lot of maintenance to get the signature updates, and sometimes, due to a lack of resources, I am not able to do so. With CloudGuard WAF, I have peace of mind, because most of the features are AI-based, and there is not much configuration that needs to be done on my side. Once set, I only go to CloudGuard WAF to check. I do not have to worry about signatures or updates. Everything is done perfectly, and I have a sense of peace because I know our applications are safe. It is very important for us that CloudGuard WAF protects our applications against threats without relying on signatures. That is definitely one of the key features I need.
Read full review
Rishi Anupam - PeerSpot reviewer
A stable and scalable scanning solution with good reporting feature
The solution is used for the vulnerabilities scan on the network side The reporting part is the most valuable feature. The penetration testing feature should be included. I have been using the solution for four years. It is a stable solution. I rate it seven out of ten. It is a scalable…
Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"From a security perspective, it is quite good."
"The tool helps us to block IPs and applications."
"Its ability to adapt to our applications and ensure our security policies are followed is a big plus."
"The communication between the on-premises device and the cloud for analysis and feedback is a valuable feature."
"The first valuable feature is that it is not a complex process to get it up and running. It was not complex at all. We were in a close relationship with the team that developed the app, and it worked in a few hours. The second valuable feature is the information that comes out of it."
"It is a highly scalable solution with a quick turnaround time for deployment and running of the software across any IT system."
"The solution offers sophisticated security techniques with unique characteristics that can be particularly valuable for the financial sector, which is where we develop apps."
"The solution's ability to handle multiple websites and applications without needing more expensive hardware is a key advantage."
More Check Point CloudGuard WAF pros
"AppScan's most valuable features include its ability to identify vulnerabilities accurately, provide detailed remediation steps, and the newly introduced AI-powered features that enhance its functionality further."
"The most valuable feature of HCL AppScan is its integration with the SDLC, particularly during the coding phase."
"The solution is cheap."
"It comes with all of the templates that we need. For example, we are a company that is regulated by PCI. In order to be PCI compliant, we have a lot of checks and procedures to which we have to comply."
"For me, as a manager, it was the ease of use. Inserting security into the development process is not normally an easy project to do. The ability for the developer to actually use it and get results and focuses, that's what counted."
"The most valuable feature of the solution is the scanning or security part."
"The product is useful, particularly in its sensitivity and scanning capabilities."
"The solution is easy to install. I would rate the product's setup between six to seven out of ten. The deployment time depends on the applications that need to be scanned. We have a development and operations team to take care of the product's maintenance."
More HCL AppScan pros
 

Cons

"The creation of security profiles for each application takes a lot of time."
"There are occasions when it interfaces with other systems, leading to a loss of visibility."
"One of the big problems we found in Check Point, in general, is the support."
"For the next release, I would suggest considering features like enhanced threat intelligence integration."
"They might be able to add more integrations."
"Improving the process for handling licensing renewals would be a welcome enhancement."
"I do not know if it is already there, but I would like to have complete visibility between the posture management and firewall as a service."
"The learning curve was a challenge due to initially incorrect configurations. It took approximately a month and a half to understand how the solution works because of inadequate documentation."
More Check Point CloudGuard WAF cons
"It's a little bit basic when you talk about the Web Services. If AppScan improved its maturity on Web Services testing, that would be good."
"HCL AppScan needs to improve security."
"AppScan needs to improve its handling of false positives."
"The dashboard, for AppScan or the Fortified fast tool, which we use needs to be improved."
"One thing which I think can be improved is the CI/CD Integration"
"IBM Security AppScan needs to add performance optimization for quickly scanning the target web applications."
"If HCL AppScan is able to alert the clients over email once the scan is complete, it would be great. Right now, HCL AppScan doesn't let me know if the scanning part is finished or not, because of which I have to come back and check mostly."
"The tool should improve its output. Scanning is not a challenge anymore since there are many such tools available in the market. The product needs to focus on how its output is being used by end users. It should be also more user-friendly. One of the major challenges is in the tool's integration with applications that need to be scanned. Sometimes, the scanning is not proper."
More HCL AppScan cons
 

Pricing and Cost Advice

"The pricing is competitive compared to other solutions on the market. So, the licensing cost is average."
"The tool's licensing costs are yearly and competitive."
"The base solution costs approximately 30,000 euros, with an additional 2,000 euros per year for licenses and support."
"As Infiniti customers, the pricing is manageable, as we have allowances dedicated to each Check Point product. The price is not as high compared to other options I have dealt with in the past."
"If the pricing for the Infinity platform covers everything, it would be more straightforward. I had a hard time selling it to our CEO as a former CFO because of the differentials. There are different deltas year to year over a five-year period. It is very difficult to explain. It would be easier to digest for our executives if there was a flatter scale"
"I find the pricing to be reasonable."
"It is not cheap, but it is worth it."
"The sales team or account managers from Check Point are top-notch. As I am using other products as well, my pricing was competitive compared to others."
More Check Point CloudGuard WAF pricing and cost advice
"The solution is cheap."
"The product is moderately priced, though it's an investment due to extensive code analysis needs."
"The price is very expensive."
"The solution is moderately priced."
"The price of HCL AppScan is okay, in my opinion. You just buy HCL AppScan and don't pay anything anymore, meaning it is just a one-time purchase."
"AppScan is a little bit expensive. IBM needs to work a little bit on the pricing model, decreasing the license cost."
"The tool was expensive."
"Pricing was the main reason that we went ahead with this solution as they were the lowest in the market."
More HCL AppScan pricing and cost advice
report
See which vendors are best for you
Use our free recommendation engine to learn which Application Security Tools solutions are best for your needs.
See recommendations
846,617 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Financial Services Firm
18%
Computer Software Company
15%
Manufacturing Company
11%
Comms Service Provider
7%
Computer Software Company
18%
Financial Services Firm
14%
Government
11%
Manufacturing Company
9%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What do you like most about CloudGuard for Application Security?
We have not had any incidents. We could realize its benefits immediately. We watched and monitored the traffic, and it was amazing to see the results.
See all answers
What is your experience regarding pricing and costs for CloudGuard for Application Security?
As Infiniti customers, the pricing is manageable, as we have allowances dedicated to each Check Point product. The price is not as high compared to other options I have dealt with in the past. Rega...
See all answers
What needs improvement with CloudGuard for Application Security?
We are satisfied with the product because it does what we need it to do, but one thing that I would like to see improved in the product is the protection of our mobile applications. When I migrate ...
See all answers
What do you like most about HCL AppScan?
The most valuable feature of HCL AppScan is its integration with the SDLC, particularly during the coding phase.
See all answers
What needs improvement with HCL AppScan?
AppScan needs to improve its handling of false positives. It also requires enhancements in customer support, similar to what Veracode provides. Regularly scheduling calls with clients to discuss fe...
See all answers
What is your primary use case for HCL AppScan?
The primary use case for AppScan is for security purposes. I compare AppScan with other tools such as Veracode. We use AppScan for vulnerability detection and auto-remediation of vulnerabilities wi...
See all answers
 

Comparisons

Imperva Web Application Firewall vs Check Point CloudGuard WAF Logo
Imperva Web Application Firewall vs Check Point CloudGuard WAF
Compared 19% of the time
F5 Advanced WAF vs Check Point CloudGuard WAF Logo
F5 Advanced WAF vs Check Point CloudGuard WAF
Compared 15% of the time
AWS WAF vs Check Point CloudGuard WAF Logo
AWS WAF vs Check Point CloudGuard WAF
Compared 14% of the time
Microsoft Azure Application Gateway vs Check Point CloudGuard WAF Logo
Microsoft Azure Application Gateway vs Check Point CloudGuard WAF
Compared 12% of the time
open-appsec vs Check Point CloudGuard WAF Logo
open-appsec vs Check Point CloudGuard WAF
Compared 10% of the time
More Check Point CloudGuard WAF Competitors
Acunetix vs HCL AppScan Logo
Acunetix vs HCL AppScan
Compared 15% of the time
SonarQube Server (formerly SonarQube) vs HCL AppScan Logo
SonarQube Server (formerly SonarQube) vs HCL AppScan
Compared 12% of the time
Veracode vs HCL AppScan Logo
Veracode vs HCL AppScan
Compared 10% of the time
Fortify on Demand vs HCL AppScan Logo
Fortify on Demand vs HCL AppScan
Compared 8% of the time
OWASP Zap vs HCL AppScan Logo
OWASP Zap vs HCL AppScan
Compared 8% of the time
More HCL AppScan Competitors
 

Product Reports

Buyer's Guide
Check Point CloudGuard WAF
April 2025
Check Point CloudGuard WAF reportDownload Check Point CloudGuard WAF product report
Buyer's Guide
HCL AppScan
April 2025
HCL AppScan reportDownload HCL AppScan product report
 

Also Known As

Check Point CloudGuard Application Security, CloudGuard Application Security, CloudGuard AppSec
IBM Security AppScan, Rational AppScan, AppScan
 

Overview

Check Point CloudGuard WAF (Web Application Firewall) is a cloud-native security solution designed to protect web applications and APIs from known and unknown threats. It employs contextual AI and machine learning to prevent zero-day attacks without relying on traditional signature-based detection methods, ensuring that applications remain secure even as new threats emerge.

CloudGuard WAF offers preemptive protection against vulnerabilities by using machine learning to identify and block zero-day threats like Log4Shell and Spring4Shell. It provides precise detection capabilities, minimizing the need for constant fine-tuning and reducing false positives. Designed for cloud-native environments, CloudGuard WAF integrates seamlessly with CI/CD pipelines, supporting automated deployment and configuration through infrastructure as code (IaC) or APIs.

Key Features of CloudGuard WAF:

  • ML-Based Threat Prevention: Stops application-layer attacks, including those listed in the OWASP Top 10, with minimal tuning and no reliance on signature updates.
  • API Discovery and Security: Identifies and secures APIs, preventing misuse and enforcing API schemas to protect against unauthorized access.
  • Bot and DDoS Prevention: Detects and mitigates automated attacks that can disrupt services or degrade customer experiences.
  • Intrusion Prevention (IPS): Provides protection against over 2,800 web-related CVEs using Check Point’s award-winning IPS technology.

Benefits of CloudGuard WAF:

  • Zero-Day Protection: Mitigates risks from newly discovered vulnerabilities without waiting for signature updates.
  • Reduced Operational Overhead: Eliminates the need for constant manual tuning and exception handling, simplifying security management.
  • Comprehensive API Security: Enhances control over your attack surface by discovering and securing all APIs, including shadow, rogue, and deprecated endpoints.
  • Fast and Easy Deployment: Deployable within minutes via WAF as a Service (WAFaaS), requiring only a one-time DNS configuration for immediate protection.

CloudGuard WAF is particularly suitable for organizations using modern, cloud-based architectures that require robust, automated security measures for both applications and APIs. Its capabilities are valuable for industries that handle sensitive data, such as finance or healthcare, where compliance and data protection are critical. Pricing and support are typically customized to the specific needs and scale of the deployment, with options for continuous updates and maintenance through Check Point's managed services.

CloudGuard WAF by Check Point provides advanced, AI-driven protection for web applications and APIs, offering automated, precise threat prevention and easy integration with cloud-native environments, ensuring robust security without the need for extensive manual configuration.

Check Point Software Technologies

IBM Security AppScan enhances web application security and mobile application security, improves application security program management and strengthens regulatory compliance. By scanning your web and mobile applications prior to deployment, AppScan enables you to identify security vulnerabilities and generate reports and fix recommendations.

HCLSoftware
 

Sample Customers

Orange España, Paschoalotto
Essex Technology Group Inc., Cisco, West Virginia University, APIS IT
Buyer's Guide
Check Point CloudGuard WAF vs. HCL AppScan
April 2025
Free Report: Check Point CloudGuard WAF vs. HCL AppScan
Find out what your peers are saying about Check Point CloudGuard WAF vs. HCL AppScan and other solutions. Updated: April 2025.
DOWNLOAD NOW
846,617 professionals have used our research since 2012.
See our Check Point CloudGuard WAF vs. HCL AppScan report.
See our list of best Application Security Tools vendors.

We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.