Try our new research platform with insights from 80,000+ expert users

GitLab vs HCL AppScan comparison

GitLab and HCLSoftware are both solutions in the Application Security Tools category. GitLab is ranked #10 with an average rating of 8.4, while HCLSoftware is ranked #15 with an average rating of 7.9. GitLab holds a 3.0% mindshare in AS, compared to HCLSoftware ’s 2.7% mindshare. Additionally, 97% of GitLab users are willing to recommend the solution, compared to 83% of HCLSoftware users who would recommend it.
GitLab
Read 81 GitLab reviews
  • 3,981 Views
  • 3,274 Comparison Views
97% willing to recommend
HCL AppScan
Read 43 HCL AppScan reviews
  • 4,123 Views
  • 3,144 Comparison Views
83% willing to recommend
 

Comparison Buyer's Guide

Download the report
Executive SummaryUpdated on Oct 8, 2024

HCL AppScan and GitLab operate in the software security and development space. GitLab appears to have the upper hand with its comprehensive feature set and ease of integration, enhancing user experience in development functions.

Features: HCL AppScan offers advanced security testing tools, thorough vulnerability assessments, and support for various technologies. GitLab features a DevOps platform, seamless CI/CD pipeline integration, and collaborative tools, providing broader development support beyond security testing.

Room for Improvement: HCL AppScan users note the need for better report customization, integration flexibility, and interoperability. GitLab users highlight occasional performance issues, enhanced documentation, and product efficiency improvement.

Ease of Deployment and Customer Service: HCL AppScan deployment is complex due to its extensive security capabilities, but it has strong customer service. GitLab offers straightforward deployment within its integrated ecosystem, with users reporting satisfactory customer service.

Pricing and ROI: HCL AppScan incurs higher setup costs, with users recognizing security-related returns. GitLab's flexible pricing model is seen as providing strong ROI through its comprehensive features supporting complete development workflows.

DOWNLOAD THE COMPLETE REPORT
To learn more, read our detailed GitLab vs. HCL AppScan Report (Updated: January 2025).
Buyer's Guide
GitLab vs. HCL AppScan
January 2025
Download the complete report
Helped 831,158 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

GitLab
Ranking in Application Security Tools
10th
Ranking in Static Application Security Testing (SAST)
9th
Average Rating
8.6
Reviews Sentiment
7.1
Number of Reviews
81
Ranking in other categories
Build Automation (1st), Release Automation (2nd), Rapid Application Development Software (12th), Software Composition Analysis (SCA) (5th), Enterprise Agile Planning Tools (2nd), Fuzz Testing Tools (2nd), DevSecOps (3rd)
HCL AppScan
Ranking in Application Security Tools
15th
Ranking in Static Application Security Testing (SAST)
12th
Average Rating
7.8
Reviews Sentiment
6.9
Number of Reviews
43
Ranking in other categories
Dynamic Application Security Testing (DAST) (1st)
 

Mindshare comparison

As of January 2025, in the Application Security Tools category, the mindshare of GitLab is 3.0%, up from 2.6% compared to the previous year. The mindshare of HCL AppScan is 2.7%, down from 2.8% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Application Security Tools
 

Featured Reviews

Gaurav Chandel - PeerSpot reviewer
Boosted productivity with automated pipelines and seamless collaboration
There are some challenges with repository file management as GitLab may struggle to manage larger files. Improvements could be made regarding size management and file partitioning. Also, the UI has remained the same for a couple of years and could benefit from an update with AI features and better customization.
Read full review
AnshulTomar - PeerSpot reviewer
Scalable platform with efficient static and dynamic testing features
We use the product for Static Application Security Testing (SAST) and Dynamic Application Security Testing (DAST). By integrating AppScan into our CI/CD pipelines, aligned with Agile methodologies, we ensure that security testing becomes an integral part of the software development lifecycle The…
Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"As a developer, this solution is useful as a repository holder because most of the POC projects that we have are on GitLab."
"It's a great toolbox where the CI/CD pipeline is the fundamental component, but there are so many other features that you can pull from, which makes it a very powerful tool. My current client is using AWS, and they can, of course, use AWS CodePipeline, but GitLab is much more mature than that, and it also gives you the freedom to decide to go to another platform or have a multi-cloud strategy and things like that. That freedom for me is also very valuable."
"The most valuable functionality of GitLab, for me, is the DevOps. Besides the normal source control based on Git, I find the Auto DevOps features most important in the solution."
"I have had no problem with the stability of the solution."
"It scales well."
"The solution's service delivery model is fantastic."
"GitLab is very well-organized and easy to use. Also, it offers most features that customers need."
"The most important features of GitLab for us are issue management and all the CI/CD tools. Another aspect that I love about GitLab is the UI."
More GitLab pros
"We leverage it as a quality check against code."
"It provides a better integration for our ecosystem."
"This is a stable solution."
"AppScan's most valuable features include its ability to identify vulnerabilities accurately, provide detailed remediation steps, and the newly introduced AI-powered features that enhance its functionality further."
"AppScan is stable."
"For me, as a manager, it was the ease of use. Inserting security into the development process is not normally an easy project to do. The ability for the developer to actually use it and get results and focuses, that's what counted."
"The solution offers services in a few specific development languages."
"Technical support is helpful."
More HCL AppScan pros
 

Cons

"The user interface could be more user-friendly. We do most of our operations through the website interface but it could be better."
"GitLab could improve the patch repository. It does not have support for Conan patch version regions. Additionally, better support for Kubernetes deployment is needed as part of the package."
"We would like to generate document pages from the sources."
"GitLab could consider introducing a code-scanning tool. Purchasing such tools from external markets can incur charges, which might not be favorable. Integrating these features into GitLab would streamline the pipeline and make it more convenient for users."
"The solution should again offer an on-premises deployment option."
"The tool should include a feature that helps to edit the code directly."
"As GitLab is not perfect, what needs improvement in the solution is the Wiki feature of the groups or the repertories because currently, it's not searchable by default. You'll need an indexing service such as Elasticsearch to make it searchable, and that requires too much work, so for me, it's the main feature that should be improved in GitLab. In the next version of the solution, from the top of my head, the documentation could be improved. Besides the Wiki, it would be good if there's documentation that would be automatically generated based on the code repository. In other words, there should be some tutorials from GitLab for developers in the next release."
"GitLab doesn't have AWS integration. It would be better to have integration with other container management environments beyond Kubernetes. It has very good integration with Kubernetes, but it doesn't have good integration with, for example, AWS, ETS, etc."
More GitLab cons
"There is room for improvement in the pricing model."
"HCL AppScan needs to improve security."
"It's a little bit basic when you talk about the Web Services. If AppScan improved its maturity on Web Services testing, that would be good."
"We would like to integrate with some of the other reporting tools that we're planning to use in the future."
"Improving usability could enhance the overall experience with AppScan. It would be beneficial to make the solution more user-friendly, ensuring that everyone can easily navigate and utilize its features."
"AppScan needs to improve its handling of false positives."
"IBM Security AppScan needs to add performance optimization for quickly scanning the target web applications."
"The product has some technical limitations."
More HCL AppScan cons
 

Pricing and Cost Advice

"There are different licensing options available, including a free limited-user license."
"I don't mind the price because I use the free version."
"Regarding pricing, I would rate GitLab as moderately priced, maybe around a seven or eight out of ten. It could be more flexible for clients but generally offers good value."
"We are using its free version, and we are evaluating its Premium version. Its Ultimate version is very expensive."
"GitLab is a free solution to use."
"The solution's pricing is acceptable."
"It is very expensive. We can't bear it now, and we have to find another solution. We have a yearly subscription in which we can increase the number of licenses, but we have to pay at the end of the year."
"I'm not sure if they have some kind of discount. I've been negotiating with them on prices before, and I believe they weren't too happy to give discounts, but list prices are $19 per user, per month for Premium and $99 per user, per month for Ultimate. So, the difference between Premium and Ultimate is a bit bigger, and in most companies, you need to build some type of business case."
More GitLab pricing and cost advice
"AppScan is a little bit expensive. IBM needs to work a little bit on the pricing model, decreasing the license cost."
"Our clients are willing to pay the extra money. It is expensive."
"The price is very expensive."
"The product is moderately priced, though it's an investment due to extensive code analysis needs."
"HCL AppScan is expensive."
"Pricing was the main reason that we went ahead with this solution as they were the lowest in the market."
"I would rate the product's pricing a nine out of ten. The product's pricing is expensive compared to the features that they offer."
"The tool was expensive."
More HCL AppScan pricing and cost advice
report
See which vendors are best for you
Use our free recommendation engine to learn which Application Security Tools solutions are best for your needs.
See recommendations
831,158 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Educational Organization
29%
Computer Software Company
11%
Financial Services Firm
11%
Manufacturing Company
8%
Computer Software Company
19%
Financial Services Firm
14%
Government
10%
Manufacturing Company
10%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What do you like most about GitLab?
I find the features and version control history to be most valuable for our development workflow. These aspects provide us with a clear view of changes and help us manage requests efficiently.
See all answers
What is your experience regarding pricing and costs for GitLab?
The pricing of GitLab is reasonable, aligning with what I consider to be average compared to competitors.
See all answers
What needs improvement with GitLab?
There are missing search features, particularly when searching repositories or applying filters. Additionally, I have encountered issues with the deployment of CI/CD pipelines, especially dealing w...
See all answers
What do you like most about HCL AppScan?
The most valuable feature of HCL AppScan is its integration with the SDLC, particularly during the coding phase.
See all answers
What needs improvement with HCL AppScan?
AppScan needs to improve its handling of false positives. It also requires enhancements in customer support, similar to what Veracode provides. Regularly scheduling calls with clients to discuss fe...
See all answers
What is your primary use case for HCL AppScan?
The primary use case for AppScan is for security purposes. I compare AppScan with other tools such as Veracode. We use AppScan for vulnerability detection and auto-remediation of vulnerabilities wi...
See all answers
 

Comparisons

Microsoft Azure DevOps vs GitLab Logo
Microsoft Azure DevOps vs GitLab
Compared 37% of the time
SonarQube Server (formerly SonarQube) vs GitLab Logo
SonarQube Server (formerly SonarQube) vs GitLab
Compared 8% of the time
GitHub CoPilot vs GitLab Logo
GitHub CoPilot vs GitLab
Compared 8% of the time
AWS CodePipeline vs GitLab Logo
AWS CodePipeline vs GitLab
Compared 5% of the time
Tekton vs GitLab Logo
Tekton vs GitLab
Compared 5% of the time
More GitLab Competitors
Acunetix vs HCL AppScan Logo
Acunetix vs HCL AppScan
Compared 14% of the time
SonarQube Server (formerly SonarQube) vs HCL AppScan Logo
SonarQube Server (formerly SonarQube) vs HCL AppScan
Compared 13% of the time
Veracode vs HCL AppScan Logo
Veracode vs HCL AppScan
Compared 11% of the time
Fortify on Demand vs HCL AppScan Logo
Fortify on Demand vs HCL AppScan
Compared 8% of the time
Tenable.io Web Application Scanning vs HCL AppScan Logo
Tenable.io Web Application Scanning vs HCL AppScan
Compared 2% of the time
More HCL AppScan Competitors
 

Product Reports

Buyer's Guide
GitLab
January 2025
GitLab reportDownload GitLab product report
Buyer's Guide
HCL AppScan
January 2025
HCL AppScan reportDownload HCL AppScan product report
 

Also Known As

Fuzzit
IBM Security AppScan, Rational AppScan, AppScan
 

Learn More

GitLab
HCLSoftware
 

Overview

GitLab is a complete DevOps platform that enables teams to collaborate and deliver software faster. 

It provides a single application for the entire DevOps lifecycle, from planning and development to testing, deployment, and monitoring. 

With GitLab, teams can streamline their workflows, automate processes, and improve productivity.

IBM Security AppScan enhances web application security and mobile application security, improves application security program management and strengthens regulatory compliance. By scanning your web and mobile applications prior to deployment, AppScan enables you to identify security vulnerabilities and generate reports and fix recommendations.

 

Sample Customers

1. NASA  2. IBM  3. Sony  4. Alibaba  5. CERN  6. Siemens  7. Volkswagen  8. ING  9. Ticketmaster  10. SpaceX  11. Adobe  12. Intuit  13. Autodesk  14. Rakuten  15. Unity Technologies  16. Pandora  17. Electronic Arts  18. Nordstrom  19. Verizon  20. Comcast  21. Philips  22. Deutsche Telekom  23. Orange  24. Fujitsu  25. Ericsson  26. Nokia  27. General Electric  28. Cisco  29. Accenture  30. Deloitte  31. PwC  32. KPMG
Essex Technology Group Inc., Cisco, West Virginia University, APIS IT
Buyer's Guide
GitLab vs. HCL AppScan
January 2025
Free Report: GitLab vs. HCL AppScan
Find out what your peers are saying about GitLab vs. HCL AppScan and other solutions. Updated: January 2025.
DOWNLOAD NOW
831,158 professionals have used our research since 2012.
See our GitLab vs. HCL AppScan report.
See our list of best Application Security Tools vendors and best Static Application Security Testing (SAST) vendors.

We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.