We performed a comparison between GitLab and HCL AppScan based on real PeerSpot user reviews.
Find out in this report how the two Application Security Tools solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."GitLab is kind of an image of GitHub, so it gives us the flexibility to monitor our changes in the repos."
"The important feature is the entire process of versioning source code maintenance and easy deployment. It is a necessity for the CI/CD pipeline."
"The most valuable functionality of GitLab, for me, is the DevOps. Besides the normal source control based on Git, I find the Auto DevOps features most important in the solution."
"The stability is good."
"We use the Git repository and tagging feature. We are a product-based company and use this solution to move to a forward or backward tag."
"CI/CD is very good. The version control system is also good. These are the two features that we use."
"We like that we can have an all-encompassing product and don't have to implement different solutions."
"I like that you can use GitLab as a double-sided solution for both DevOps and version management. It's a good product for working in these two areas, and the user interface makes it easy to understand."
"The product is useful, particularly in its sensitivity and scanning capabilities."
"The static scans are good, and the SaaS as well."
"It identifies all the URLs and domains on its own and then performs tests and provides the results."
"It was easy to set up."
"For me, as a manager, it was the ease of use. Inserting security into the development process is not normally an easy project to do. The ability for the developer to actually use it and get results and focuses, that's what counted."
"The most valuable feature of HCL AppScan is scanning QR codes."
"We leverage it as a quality check against code."
"It comes with all of the templates that we need. For example, we are a company that is regulated by PCI. In order to be PCI compliant, we have a lot of checks and procedures to which we have to comply."
"I believe there's room for improvement in the advanced features, particularly in enhancing the pipeline functionalities."
"Expand features to match other tools such as a static code analysis tool so third-party integrations are not required."
"I don't really like the new Kubernetes integration because it is pretty focused on the on-premise environment, but we're in a hybrid environment."
"Their RBAC is role-based access, which is fine but not very good."
"The solution should again offer an on-premises deployment option."
"Merge conflicts and repository maintenance could improve. If there is someone new to the system they would not know if there is a conflict."
"The documentation is confusing."
"GitLab's UI could be improved."
"If HCL AppScan is able to alert the clients over email once the scan is complete, it would be great. Right now, HCL AppScan doesn't let me know if the scanning part is finished or not, because of which I have to come back and check mostly."
"HCL AppScan needs to improve security."
"AppScan is too complicated and should be made more user-friendly."
"It has crashed at times."
"The penetration testing feature should be included."
"A desktop version should be added."
"We would like to integrate with some of the other reporting tools that we're planning to use in the future."
"I would love to see more containers. Many of the tools are great, they require an amount of configuration, setup and infrastructure. If most the applications were in a container, I think everything would be a little bit faster, because all our clients are now using containers."
GitLab is ranked 7th in Application Security Tools with 70 reviews while HCL AppScan is ranked 15th in Application Security Tools with 41 reviews. GitLab is rated 8.6, while HCL AppScan is rated 7.8. The top reviewer of GitLab writes "Powerful, mature, and easy to set up and manage". On the other hand, the top reviewer of HCL AppScan writes " A stable and scalable product useful for application security scanning". GitLab is most compared with Microsoft Azure DevOps, SonarQube, Bamboo, AWS CodePipeline and Tekton, whereas HCL AppScan is most compared with SonarQube, Veracode, Acunetix, PortSwigger Burp Suite Professional and OWASP Zap. See our GitLab vs. HCL AppScan report.
See our list of best Application Security Tools vendors and best Static Application Security Testing (SAST) vendors.
We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
