GitLab vs HCL AppScan comparison

GitLab and HCLSoftware are both solutions in the Application Security Tools category. GitLab is ranked #8 with an average rating of 8.6, while HCLSoftware is ranked #15 with an average rating of 7.9. GitLab holds a 2.9% mindshare in AS, compared to HCLSoftware ’s 2.6% mindshare. Additionally, 97% of GitLab users are willing to recommend the solution, compared to 83% of HCLSoftware users who would recommend it.

GitLab

Read 82 GitLab reviews

3,885 Views
3,201 Comparison Views

97% willing to recommend

HCL AppScan

Read 43 HCL AppScan reviews

4,024 Views
3,053 Comparison Views

83% willing to recommend

GitLab

HCL AppScan

Comparison Buyer's Guide

Download the report

Executive SummaryUpdated on Oct 8, 2024

HCL AppScan and GitLab operate in the software security and development space. GitLab appears to have the upper hand with its comprehensive feature set and ease of integration, enhancing user experience in development functions.

Features: HCL AppScan offers advanced security testing tools, thorough vulnerability assessments, and support for various technologies. GitLab features a DevOps platform, seamless CI/CD pipeline integration, and collaborative tools, providing broader development support beyond security testing.

Room for Improvement: HCL AppScan users note the need for better report customization, integration flexibility, and interoperability. GitLab users highlight occasional performance issues, enhanced documentation, and product efficiency improvement.

Ease of Deployment and Customer Service: HCL AppScan deployment is complex due to its extensive security capabilities, but it has strong customer service. GitLab offers straightforward deployment within its integrated ecosystem, with users reporting satisfactory customer service.

Pricing and ROI: HCL AppScan incurs higher setup costs, with users recognizing security-related returns. GitLab's flexible pricing model is seen as providing strong ROI through its comprehensive features supporting complete development workflows.

To learn more, read our detailed GitLab vs. HCL AppScan Report (Updated: January 2025).

Buyer's Guide

GitLab vs. HCL AppScan

January 2025

Download the complete report

Helped 838,640 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Categories and Ranking

GitLab

Ranking in Application Security Tools

8th

Ranking in Static Application Security Testing (SAST)

8th

Average Rating

8.6

Reviews Sentiment

7.2

Number of Reviews

Ranking in other categories

Build Automation (1st), Release Automation (2nd), Rapid Application Development Software (12th), Software Composition Analysis (SCA) (5th), Enterprise Agile Planning Tools (2nd), Fuzz Testing Tools (2nd), DevSecOps (3rd)

HCL AppScan

Ranking in Application Security Tools

15th

Ranking in Static Application Security Testing (SAST)

12th

Average Rating

7.8

Reviews Sentiment

6.9

Number of Reviews

Ranking in other categories

Dynamic Application Security Testing (DAST) (1st)

Mindshare comparison

As of February 2025, in the Application Security Tools category, the mindshare of GitLab is 2.9%, up from 2.6% compared to the previous year. The mindshare of HCL AppScan is 2.6%, down from 2.7% compared to the previous year. It is calculated based on PeerSpot user engagement data.

Application Security Tools

Featured Reviews

Gaurav Chandel

AWS DevOps/ Site Reliability Engineer at Tata Consultancy

Boosted productivity with automated pipelines and seamless collaboration

There are some challenges with repository file management as GitLab may struggle to manage larger files. Improvements could be made regarding size management and file partitioning. Also, the UI has remained the same for a couple of years and could benefit from an update with AI features and better customization.

Read full review

Rishi Anupam

Senior Manager at Airtel

A stable and scalable scanning solution with good reporting feature

The solution is used for the vulnerabilities scan on the network side The reporting part is the most valuable feature. The penetration testing feature should be included. I have been using the solution for four years. It is a stable solution. I rate it seven out of ten. It is a scalable…

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"The most important features of GitLab for us are issue management and all the CI/CD tools. Another aspect that I love about GitLab is the UI."

"GitLab has better support, and its features are superior compared to Jenkins."

"Continuous integration with deployment is very powerful, which is a significant reason for migrating from TFS to GitLab."

"It streamlines our DevOps processes with automated CI/CD pipelines."

"The CI/CD pipeline with Helm has significantly improved deployment speed and efficiency."

"As a developer, this solution is useful as a repository holder because most of the POC projects that we have are on GitLab."

"The solution makes the CI/CD pipelines easy to execute."

"GitLab's best feature is Actions."

More GitLab pros

"The static scans are good, and the SaaS as well."

"It comes with all of the templates that we need. For example, we are a company that is regulated by PCI. In order to be PCI compliant, we have a lot of checks and procedures to which we have to comply."

"The most valuable feature of the solution is Postman."

"The product is useful, particularly in its sensitivity and scanning capabilities."

"IBM AppScan has made our work easy, as we can do four to five scans of websites at a time, which saves time when it comes to vulnerability."

"We use it as a security testing application."

"The most valuable feature of the solution is the scanning or security part."

"It identifies all the URLs and domains on its own and then performs tests and provides the results."

More HCL AppScan pros

Cons

"While GitLab is a great tool for developers, it lacks project planner features. Roadmaps and Gantt charts in GitLab are not as advanced as in Jira, and changing start and end dates is more laborious in GitLab."

"As a partner, sometimes it's difficult to get support. They have a really complicated procedure for their support."

"GitLab could add a plugin to integrate with Kubernetes stuff."

"GitLab could improve the patch repository. It does not have support for Conan patch version regions. Additionally, better support for Kubernetes deployment is needed as part of the package."

"GitLab doesn't have AWS integration. It would be better to have integration with other container management environments beyond Kubernetes. It has very good integration with Kubernetes, but it doesn't have good integration with, for example, AWS, ETS, etc."

"I rate the support from GitLab a four out of five."

"Based on what I know so far, its integration with Kubernetes is not so good. We have to develop many things to make it work. We have to acquire third-party components to work with Kubernetes."

"Their RBAC is role-based access, which is fine but not very good."

More GitLab cons

"IBM Security AppScan Source is rather hard to use."

"If HCL AppScan is able to alert the clients over email once the scan is complete, it would be great. Right now, HCL AppScan doesn't let me know if the scanning part is finished or not, because of which I have to come back and check mostly."

"The pricing has room for improvement."

"HCL AppScan needs to improve security."

"I think being able to search across more containers, especially some of the docker elements. We need a little tighter integration there. That's the only thing I can see at this point."

"The tool should improve its output. Scanning is not a challenge anymore since there are many such tools available in the market. The product needs to focus on how its output is being used by end users. It should be also more user-friendly. One of the major challenges is in the tool's integration with applications that need to be scanned. Sometimes, the scanning is not proper."

"Sometimes it doesn't work so well."

"We would like to see a check in the specific vulnerabilities in mobile applications or rooted devices, such as jailbreaking devices."

More HCL AppScan cons

Pricing and Cost Advice

"GitLab is a free solution to use."

"We are using its free version, and we are evaluating its Premium version. Its Ultimate version is very expensive."

"We are using the open-source version."

"I'm not sure if they have some kind of discount. I've been negotiating with them on prices before, and I believe they weren't too happy to give discounts, but list prices are $19 per user, per month for Premium and $99 per user, per month for Ultimate. So, the difference between Premium and Ultimate is a bit bigger, and in most companies, you need to build some type of business case."

"GitLab is comparatively expensive, but it provides value because it's feature-rich."

"This is an open-source solution."

"GitLab's pricing is good compared to others on the market."

"I think that we pay approximately $100 USD per month."

More GitLab pricing and cost advice

"Our clients are willing to pay the extra money. It is expensive."

"HCL AppScan is expensive."

"I rate the product's price a seven on a scale of one to ten, where one is low, and ten is high. HCL AppScan is an expensive tool."

"The solution is cheap."

"Pricing was the main reason that we went ahead with this solution as they were the lowest in the market."

"The price of HCL AppScan is okay, in my opinion. You just buy HCL AppScan and don't pay anything anymore, meaning it is just a one-time purchase."

"The solution is moderately priced."

"The product is moderately priced, though it's an investment due to extensive code analysis needs."

More HCL AppScan pricing and cost advice

See which vendors are best for you

Use our free recommendation engine to learn which Application Security Tools solutions are best for your needs.

See recommendations

838,640 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Educational Organization

29%

Financial Services Firm

11%

Computer Software Company

11%

Manufacturing Company

Computer Software Company

19%

Financial Services Firm

15%

Government

11%

Manufacturing Company

10%

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

Questions from the Community

What do you like most about GitLab?

I find the features and version control history to be most valuable for our development workflow. These aspects provide us with a clear view of changes and help us manage requests efficiently.

See all answers

What is your experience regarding pricing and costs for GitLab?

The pricing of GitLab is reasonable, aligning with what I consider to be average compared to competitors.

See all answers

What needs improvement with GitLab?

There are missing search features, particularly when searching repositories or applying filters. Additionally, I have encountered issues with the deployment of CI/CD pipelines, especially dealing w...

See all answers

What do you like most about HCL AppScan?

The most valuable feature of HCL AppScan is its integration with the SDLC, particularly during the coding phase.

See all answers

What needs improvement with HCL AppScan?

AppScan needs to improve its handling of false positives. It also requires enhancements in customer support, similar to what Veracode provides. Regularly scheduling calls with clients to discuss fe...

See all answers

What is your primary use case for HCL AppScan?

The primary use case for AppScan is for security purposes. I compare AppScan with other tools such as Veracode. We use AppScan for vulnerability detection and auto-remediation of vulnerabilities wi...

See all answers

Comparisons

Microsoft Azure DevOps vs GitLab

Compared 34% of the time

GitHub CoPilot vs GitLab

Compared 9% of the time

SonarQube Server (formerly SonarQube) vs GitLab

Compared 8% of the time

AWS CodePipeline vs GitLab

Compared 6% of the time

Tekton vs GitLab

Compared 5% of the time

More GitLab Competitors

Acunetix vs HCL AppScan

Compared 15% of the time

SonarQube Server (formerly SonarQube) vs HCL AppScan

Compared 12% of the time

Veracode vs HCL AppScan

Compared 11% of the time

Fortify on Demand vs HCL AppScan

Compared 8% of the time

Invicti vs HCL AppScan

Compared 3% of the time

More HCL AppScan Competitors

Product Reports

Buyer's Guide

GitLab

February 2025

Download GitLab product report

Buyer's Guide

HCL AppScan

February 2025

Download HCL AppScan product report

Also Known As

Fuzzit

IBM Security AppScan, Rational AppScan, AppScan

Overview

GitLab is a complete DevOps platform that enables teams to collaborate and deliver software faster.

It provides a single application for the entire DevOps lifecycle, from planning and development to testing, deployment, and monitoring.

With GitLab, teams can streamline their workflows, automate processes, and improve productivity.

GitLab

IBM Security AppScan enhances web application security and mobile application security, improves application security program management and strengthens regulatory compliance. By scanning your web and mobile applications prior to deployment, AppScan enables you to identify security vulnerabilities and generate reports and fix recommendations.

HCLSoftware

Sample Customers

1. NASA 2. IBM 3. Sony 4. Alibaba 5. CERN 6. Siemens 7. Volkswagen 8. ING 9. Ticketmaster 10. SpaceX 11. Adobe 12. Intuit 13. Autodesk 14. Rakuten 15. Unity Technologies 16. Pandora 17. Electronic Arts 18. Nordstrom 19. Verizon 20. Comcast 21. Philips 22. Deutsche Telekom 23. Orange 24. Fujitsu 25. Ericsson 26. Nokia 27. General Electric 28. Cisco 29. Accenture 30. Deloitte 31. PwC 32. KPMG

Essex Technology Group Inc., Cisco, West Virginia University, APIS IT

Buyer's Guide

GitLab vs. HCL AppScan

January 2025

Free Report: GitLab vs. HCL AppScan

Find out what your peers are saying about GitLab vs. HCL AppScan and other solutions. Updated: January 2025.

DOWNLOAD NOW

838,640 professionals have used our research since 2012.

See our GitLab vs. HCL AppScan report.

See our list of best Application Security Tools vendors and best Static Application Security Testing (SAST) vendors.

We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.