Try our new research platform with insights from 80,000+ expert users

HCL AppScan vs PortSwigger Burp Suite Enterprise Edition comparison

HCLSoftware and PortSwigger are both solutions in the Dynamic Application Security Testing (DAST) category. HCLSoftware is ranked #1 with an average rating of 8.0, while PortSwigger is ranked #5 with an average rating of 8.3. Additionally, 82% of HCLSoftware users are willing to recommend the solution, compared to 83% of PortSwigger users who would recommend it.
HCL AppScan
Read 42 HCL AppScan reviews
  • 679 Views
  • 528 Comparison Views
82% willing to recommend
PortSwigger Burp Suite Ente...
Read 11 PortSwigger Burp Suite Enterprise Edition reviews
  • 146 Views
  • 93 Comparison Views
83% willing to recommend
 

Comparison Buyer's Guide

Download the report
Executive SummaryUpdated on Aug 13, 2024

HCL AppScan and PortSwigger Burp Suite Enterprise Edition are top contenders in the application security testing market. Despite both offering comprehensive security features, user reviews favor Burp Suite for effectiveness and satisfaction, while HCL AppScan is noted for ease of use and deployment.

Features: HCL AppScan offers automated scanning capabilities, extensive reporting features, and integration with various development tools. PortSwigger Burp Suite Enterprise Edition includes advanced vulnerability detection, customizable scanning options, and thorough scanning capabilities.

Room for Improvement: HCL AppScan users seek improved scan speeds, better false-positive management, and enhanced performance. PortSwigger Burp Suite needs easier user training, a better knowledge base, and improved user experience.

Ease of Deployment and Customer Service: HCL AppScan is known for its straightforward deployment process and reliable customer support. PortSwigger Burp Suite has a more complex deployment but offers extensive documentation and responsive customer service.

Pricing and ROI: HCL AppScan has high setup costs but provides value over time with robust features. PortSwigger Burp Suite also has higher initial costs but its feature set correlates with high ROI.

DOWNLOAD THE COMPLETE REPORT
To learn more, read our detailed HCL AppScan vs. PortSwigger Burp Suite Enterprise Edition Report (Updated: October 2024).
Buyer's Guide
HCL AppScan vs. PortSwigger Burp Suite Enterprise Edition
October 2024
Download the complete report
Helped 814,572 peers since 2012
 

Categories and Ranking

HCL AppScan
Ranking in Dynamic Application Security Testing (DAST)
1st
Average Rating
7.8
Number of Reviews
42
Ranking in other categories
Application Security Tools (13th), Static Application Security Testing (SAST) (12th)
PortSwigger Burp Suite Ente...
Ranking in Dynamic Application Security Testing (DAST)
5th
Average Rating
8.0
Reviews Sentiment
7.4
Number of Reviews
11
Ranking in other categories
Vulnerability Management (21st)
 

Featured Reviews

Gladwin Christian - PeerSpot reviewer
Sep 29, 2023
A useful tool to scan applications that can be easily installed
Given that we have been using HCL AppScan for many years, I think the setup process is not difficult at all. Sometimes, some issues stop or prevent my company from moving forward with the product's setup phase. We have to call HCL's support team and engage in long discussions to smoothly carry out the setup phase. In general, the product's setup phase is not difficult in our company. The solution is deployed on an on-premises model. The licenses for the solution are available only on cloud deployments nowadays. The solution is already installed in our environment. Every time a new release or software comes out from HCL, our company does a scan, which takes maybe a day or two.
Read full review
Iwegbue Godspower Isioma - PeerSpot reviewer
Nov 20, 2023
A seamless and easy-to-use solution that enables organizations to conduct vulnerability assessments and penetration testing
We use the solution for vulnerability assessment and penetration testing. We can escalate vulnerabilities. We can also use it for mobile app traffic detection and SQL injection We can escalate the vulnerabilities we see on the web application. The product is easy to use. It is seamless and easy…
Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"I like the recording feature."
"It comes with all of the templates that we need. For example, we are a company that is regulated by PCI. In order to be PCI compliant, we have a lot of checks and procedures to which we have to comply."
"The most valuable feature of the solution is the scanning or security part."
"The product is useful, particularly in its sensitivity and scanning capabilities."
"The most valuable feature of the solution is Postman."
"This is a stable solution."
"The solution offers services in a few specific development languages."
"The UI was very intuitive."
More HCL AppScan pros
"The product's initial setup phase was super easy."
"The product is easy to use."
"Parallel scans can be done with PortSwigger Burp Suite Enterprise Edition."
"We are in the early stage of using the solution making it difficult to fully determine the best features. However, we have noticed the CMDB and device discovery features look valuable at this time."
"The most valuable part of it was probably the ability to intercept and modify calls."
"I like normal dynamic scanning, general web applications scanning, and vulnerability assessments."
"The solution's extensions really expand the capabilities and features offered by the installation."
"The tool is loaded with many features that give us ROI."
More PortSwigger Burp Suite Enterprise Edition pros
 

Cons

"We would like to integrate with some of the other reporting tools that we're planning to use in the future."
"There is room for improvement in the pricing model."
"​IBM Security AppScan Source is rather hard to use​."
"There is not a central management for static and dynamic."
"The solution could improve by having a mobile version."
"AppScan is too complicated and should be made more user-friendly."
"Many silly false positives are produced."
"In future releases, I would like to see more aggressive reports. I would also like to see less false positives."
More HCL AppScan cons
"There's definitely room for improvement. There are lots of false positives. Once I do the manual assessment, it comes as a false positive. They need to improve the Enterprise Edition, especially the part that gives false positives."
"From my personal experience, the solution's performance could be improved."
"The solution is a bit expensive."
"The implementation of the solution is quite complicated and could be easier."
"The stability of the scans could be improved."
"The cost per license per user could be cheaper, specifically for individual licensing."
"Scalability could be better."
"There are features or functionality missing, but PortSwigger Burp Suite Enterprise Edition does try to update frequently to alleviate the shortcomings."
More PortSwigger Burp Suite Enterprise Edition cons
 

Pricing and Cost Advice

"The tool was expensive."
"With the features, that they offer, and the support, they offer, AppScan pricing is on a higher level."
"The product has premium pricing and could be more competitive."
"The solution is cheap."
"The price of HCL AppScan is okay, in my opinion. You just buy HCL AppScan and don't pay anything anymore, meaning it is just a one-time purchase."
"AppScan is a little bit expensive. IBM needs to work a little bit on the pricing model, decreasing the license cost."
"I would rate the product's pricing a nine out of ten. The product's pricing is expensive compared to the features that they offer."
"HCL AppScan is expensive."
More HCL AppScan pricing and cost advice
"Although the solution can be a bit expensive for small companies, its pricing is fairly reasonable for its capabilities."
"PortSwigger Burp Suite Enterprise Edition is neither a cheap nor an expensive product. PortSwigger Burp Suite Enterprise Edition is a good tool for companies."
"For Professional, it's about $400 per year."
"PortSwigger Burp Suite Enterprise Edition is expensive compared to other solutions."
"The tool's pricing is reasonable and costs around 400 dollars per year."
report
See which vendors are best for you
Use our free recommendation engine to learn which Dynamic Application Security Testing (DAST) solutions are best for your needs.
See recommendations
814,572 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
18%
Financial Services Firm
14%
Manufacturing Company
11%
Government
10%
Financial Services Firm
16%
Computer Software Company
15%
Government
11%
Manufacturing Company
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What do you like most about HCL AppScan?
The most valuable feature of HCL AppScan is its integration with the SDLC, particularly during the coding phase.
See all answers
What needs improvement with HCL AppScan?
They could incorporate AI to enhance vulnerability detection and improve the product's reporting capabilities.
See all answers
What is your primary use case for HCL AppScan?
We use AppScan primarily for security testing and performance monitoring across our systems.
See all answers
What do you like most about PortSwigger Burp Suite Enterprise Edition?
Parallel scans can be done with PortSwigger Burp Suite Enterprise Edition.
See all answers
What is your experience regarding pricing and costs for PortSwigger Burp Suite Enterprise Edition?
The tool's pricing is reasonable and costs around 400 dollars per year.
See all answers
What needs improvement with PortSwigger Burp Suite Enterprise Edition?
PortSwigger Burp Suite Enterprise Edition should incorporate a static code analysis feature. One main issue we encounter is false positives. False positives can be challenging for developers.
See all answers
 

Comparisons

Acunetix vs HCL AppScan Logo
Acunetix vs HCL AppScan
Compared 15% of the time
SonarQube Server (formerly SonarQube) vs HCL AppScan Logo
SonarQube Server (formerly SonarQube) vs HCL AppScan
Compared 13% of the time
Veracode vs HCL AppScan Logo
Veracode vs HCL AppScan
Compared 11% of the time
Fortify on Demand vs HCL AppScan Logo
Fortify on Demand vs HCL AppScan
Compared 9% of the time
PortSwigger Burp Suite Professional vs HCL AppScan Logo
PortSwigger Burp Suite Professional vs HCL AppScan
Compared 7% of the time
More HCL AppScan Competitors
Acunetix vs PortSwigger Burp Suite Enterprise Edition Logo
Acunetix vs PortSwigger Burp Suite Enterprise Edition
Compared 37% of the time
Tenable Nessus vs PortSwigger Burp Suite Enterprise Edition Logo
Tenable Nessus vs PortSwigger Burp Suite Enterprise Edition
Compared 13% of the time
Fortify WebInspect vs PortSwigger Burp Suite Enterprise Edition Logo
Fortify WebInspect vs PortSwigger Burp Suite Enterprise Edition
Compared 8% of the time
Tenable Vulnerability Management vs PortSwigger Burp Suite Enterprise Edition Logo
Tenable Vulnerability Management vs PortSwigger Burp Suite Enterprise Edition
Compared 6% of the time
Amazon Inspector vs PortSwigger Burp Suite Enterprise Edition Logo
Amazon Inspector vs PortSwigger Burp Suite Enterprise Edition
Compared 4% of the time
More PortSwigger Burp Suite Enterprise Edition Competitors
 

Product Reports

Buyer's Guide
HCL AppScan
October 2024
HCL AppScan reportDownload HCL AppScan product report
Buyer's Guide
PortSwigger Burp Suite Enterprise Edition
October 2024
PortSwigger Burp Suite Enterprise Edition reportDownload PortSwigger Burp Suite Enterprise Edition product report
 

Also Known As

IBM Security AppScan, Rational AppScan, AppScan
No data available
 

Learn More

HCLSoftware
PortSwigger
 

Overview

IBM Security AppScan enhances web application security and mobile application security, improves application security program management and strengthens regulatory compliance. By scanning your web and mobile applications prior to deployment, AppScan enables you to identify security vulnerabilities and generate reports and fix recommendations.

Burp Suite Enterprise Edition is an automated web vulnerability scanner, designed to enable enterprises to scale security across their web portfolios and achieve DevSecOps. Automate trusted Burp scans, integrate web security testing with development, and free your application security to support software development.

 

Sample Customers

Essex Technology Group Inc., Cisco, West Virginia University, APIS IT
Nasa, Disney, Dow Jones, Iberia Bank, IBM, Ernest and Young, Apple, Ryanair, Thyssenkrupp, Delivery Hero
Buyer's Guide
HCL AppScan vs. PortSwigger Burp Suite Enterprise Edition
October 2024
Free Report: HCL AppScan vs. PortSwigger Burp Suite Enterprise Edition
Find out what your peers are saying about HCL AppScan vs. PortSwigger Burp Suite Enterprise Edition and other solutions. Updated: October 2024.
DOWNLOAD NOW
814,572 professionals have used our research since 2012.
See our HCL AppScan vs. PortSwigger Burp Suite Enterprise Edition report.
See our list of best Dynamic Application Security Testing (DAST) vendors.

We monitor all Dynamic Application Security Testing (DAST) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.