Try our new research platform with insights from 80,000+ expert users

GitLab vs HCL AppScan comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Oct 8, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

GitLab
Ranking in Application Security Tools
9th
Ranking in Static Application Security Testing (SAST)
7th
Average Rating
8.6
Reviews Sentiment
7.2
Number of Reviews
82
Ranking in other categories
Build Automation (1st), Release Automation (2nd), Rapid Application Development Software (12th), Software Composition Analysis (SCA) (5th), Enterprise Agile Planning Tools (2nd), Fuzz Testing Tools (2nd), DevSecOps (3rd)
HCL AppScan
Ranking in Application Security Tools
14th
Ranking in Static Application Security Testing (SAST)
10th
Average Rating
7.8
Reviews Sentiment
6.9
Number of Reviews
43
Ranking in other categories
Dynamic Application Security Testing (DAST) (1st)
 

Mindshare comparison

As of April 2025, in the Application Security Tools category, the mindshare of GitLab is 3.0%, up from 2.7% compared to the previous year. The mindshare of HCL AppScan is 2.6%, down from 2.7% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Application Security Tools
 

Featured Reviews

Gaurav Chandel - PeerSpot reviewer
Boosted productivity with automated pipelines and seamless collaboration
There are some challenges with repository file management as GitLab may struggle to manage larger files. Improvements could be made regarding size management and file partitioning. Also, the UI has remained the same for a couple of years and could benefit from an update with AI features and better customization.
Rishi Anupam - PeerSpot reviewer
A stable and scalable scanning solution with good reporting feature
The solution is used for the vulnerabilities scan on the network side The reporting part is the most valuable feature. The penetration testing feature should be included. I have been using the solution for four years. It is a stable solution. I rate it seven out of ten. It is a scalable…

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The CI/CD pipeline with Helm has significantly improved deployment speed and efficiency."
"GitLab is scalable and works well with multiple environments."
"The important feature is the entire process of versioning source code maintenance and easy deployment. It is a necessity for the CI/CD pipeline."
"GitLab is being used as a repository for our codebase and it is a one stop DevOps tool we use in our team."
"It is scalable."
"GitLab is very useful for pipelines, continuous integration, and continuous deployment. It is also stable."
"The solution has an established roadmap that lays out its plans for upgrades over the next two to three years."
"I like GitLab from the CI/CD perspective. It is much easier to set up CI/CD and then integrate with other tools."
"The security and the dashboard are the most valuable features."
"We use it as a security testing application."
"The solution is easy to install. I would rate the product's setup between six to seven out of ten. The deployment time depends on the applications that need to be scanned. We have a development and operations team to take care of the product's maintenance."
"AppScan is stable."
"It provides a better integration for our ecosystem."
"This is a stable solution."
"The most valuable feature of HCL AppScan is scanning QR codes."
"The most valuable feature of the solution is Postman."
 

Cons

"GitLab can improve the integration with third-party applications. It could be made easier. Additionally, having API control from my application could be helpful."
"The solution could be faster."
"Reporting could be improved."
"We do face issues in our company when we run out of disk space."
"The pricing model of GitLab is an issue for me."
"I've noticed an area for improvement in GitLab, particularly needing to go through many steps to push the code to the repository. Resolving that issue would make the product better. My team quickly fixed it by writing a small script, then double-clicking or enabling the script to take care of the issue. However, that quick fix was from my team and not the GitLab team, so in the next release, if an automatic deployment feature would be available in GitLab, then that would be good because, in Visual Studio, you can do that with just one click of a button."
"For as long as I have used GitLab, I haven't encountered any major limitations. However, I think that perhaps the search functionality could be better."
"The integration and storage capabilities could be better."
"Improving usability could enhance the overall experience with AppScan. It would be beneficial to make the solution more user-friendly, ensuring that everyone can easily navigate and utilize its features."
"We would like to see a check in the specific vulnerabilities in mobile applications or rooted devices, such as jailbreaking devices."
"Sometimes it doesn't work so well."
"One thing which I think can be improved is the CI/CD Integration"
"The product has some technical limitations."
"I would like to see the roadmap for this product. We are still waiting to see it as we have only so many resources."
"They could add a software component analysis tool."
"We have experienced challenges when trying to integrate this solution with other products. When you compare it with the other SecOps products, the quality of the output is too low. It is not a new-age product. It is very outdated."
 

Pricing and Cost Advice

"There are different licensing options available, including a free limited-user license."
"It seems reasonable. Our IT team manages the licenses."
"GitLab's pricing is good compared to others on the market."
"The solution is based on a subscription model and is reasonably priced."
"GitLab is an open-source solution."
"My company uses the free version of GitLab, which is GitLab Community Edition. There is a licensed version also available for GitLab."
"The price is okay."
"Its price is fine. It is on the cheaper side and not expensive. You have to pay additionally for GitLab CI/CD minutes. Initially, we used the free version. When we ran out of GitLab minutes, we migrated to the paid version."
"The solution is cheap."
"The tool was expensive."
"The price of HCL AppScan is okay, in my opinion. You just buy HCL AppScan and don't pay anything anymore, meaning it is just a one-time purchase."
"The price is very expensive."
"Our clients are willing to pay the extra money. It is expensive."
"The product is moderately priced, though it's an investment due to extensive code analysis needs."
"Pricing was the main reason that we went ahead with this solution as they were the lowest in the market."
"The solution is moderately priced."
report
Use our free recommendation engine to learn which Application Security Tools solutions are best for your needs.
845,040 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Educational Organization
26%
Financial Services Firm
12%
Computer Software Company
11%
Manufacturing Company
8%
Computer Software Company
19%
Financial Services Firm
14%
Government
11%
Manufacturing Company
9%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What do you like most about GitLab?
I find the features and version control history to be most valuable for our development workflow. These aspects provide us with a clear view of changes and help us manage requests efficiently.
What is your experience regarding pricing and costs for GitLab?
The pricing of GitLab is reasonable, aligning with what I consider to be average compared to competitors.
What needs improvement with GitLab?
Certain features in Jira are not available in GitLab, such as the functionality to have weights at the milestone and epic levels. Hopefully, these features will be resolved with work items in GitLa...
What do you like most about HCL AppScan?
The most valuable feature of HCL AppScan is its integration with the SDLC, particularly during the coding phase.
What needs improvement with HCL AppScan?
AppScan needs to improve its handling of false positives. It also requires enhancements in customer support, similar to what Veracode provides. Regularly scheduling calls with clients to discuss fe...
What is your primary use case for HCL AppScan?
The primary use case for AppScan is for security purposes. I compare AppScan with other tools such as Veracode. We use AppScan for vulnerability detection and auto-remediation of vulnerabilities wi...
 

Comparisons

 

Also Known As

Fuzzit
IBM Security AppScan, Rational AppScan, AppScan
 

Overview

 

Sample Customers

1. NASA  2. IBM  3. Sony  4. Alibaba  5. CERN  6. Siemens  7. Volkswagen  8. ING  9. Ticketmaster  10. SpaceX  11. Adobe  12. Intuit  13. Autodesk  14. Rakuten  15. Unity Technologies  16. Pandora  17. Electronic Arts  18. Nordstrom  19. Verizon  20. Comcast  21. Philips  22. Deutsche Telekom  23. Orange  24. Fujitsu  25. Ericsson  26. Nokia  27. General Electric  28. Cisco  29. Accenture  30. Deloitte  31. PwC  32. KPMG
Essex Technology Group Inc., Cisco, West Virginia University, APIS IT
Find out what your peers are saying about GitLab vs. HCL AppScan and other solutions. Updated: March 2025.
845,040 professionals have used our research since 2012.