We performed a comparison between HCL AppScan and PortSwigger Burp Suite Professional based on real PeerSpot user reviews.
Find out in this report how the two Application Security Tools solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."I like the recording feature."
"You can easily find particular features and functions through the UI."
"We leverage it as a quality check against code."
"Usually when we deploy the application, there is a process for ethical hacking. The main benefit is that, the ethical hacking is almost clean, every time. So it's less cost, less effort, less time to production."
"The product is useful, particularly in its sensitivity and scanning capabilities."
"It provides a better integration for our ecosystem."
"There's extensive functionality with custom rules and a custom knowledge base."
"It has certainly helped us find vulnerabilities in our software, so this is priceless in the end."
"The feature that we have found most valuable is that it comes with pre-set configurations. They have a set of predefined options where you can pick one and start scanning. We also have the option of creating our own configurations, like how often do the applications need to be scanned."
"This solution has helped a lot in finding bugs and vulnerabilities, and the scanner is good enough for simple web apps."
"For pentesting scenarios, this is the number one tool. It can capture the request, and there are so many functions that are very good for that. For example, a black box satellite host."
"The Spider is the most useful feature. It helps to analyze the entire web application, and it finds all the passes and offers an automated identification of security issues."
"The most valuable feature is Burp Collaborator."
"The most valuable feature is the application security. It also has a reasonable price."
"I personally love its capability to automatically and accurately detect vulnerabilities. So, I would say it is the Burp scanner that is THE most powerful, valuable, and an awesome feature."
"The active scanner, which does an automated search of any web vulnerabilities."
"Scans become slow on large websites."
"The solution's scalability can be a matter of concern because one license runs on one machine only."
"The pricing has room for improvement."
"The databases for HCL are small and have room for improvement."
"Improving usability could enhance the overall experience with AppScan. It would be beneficial to make the solution more user-friendly, ensuring that everyone can easily navigate and utilize its features."
"There is not a central management for static and dynamic."
"The penetration testing feature should be included."
"They should have a better UI for dashboards."
"The initial setup is a bit complex."
"The solution is not easy to set it up. You need a lot of knowledge."
"The solution lacks sufficient stability."
"There is not much automation in the tool."
"Scanning APIs using PortSwigger Burp Suite Professional takes a lot of time."
"If we're running a huge number of scans regularly, it slows down the tool."
"The Iran market does not have after-sales support. PortSwigger Burp Suite Professional needs to provide after-sales support."
"The solution’s pricing could be improved."
More PortSwigger Burp Suite Professional Pricing and Cost Advice →
HCL AppScan is ranked 15th in Application Security Tools with 40 reviews while PortSwigger Burp Suite Professional is ranked 9th in Application Security Tools with 57 reviews. HCL AppScan is rated 7.6, while PortSwigger Burp Suite Professional is rated 8.6. The top reviewer of HCL AppScan writes " A stable and scalable product useful for application security scanning". On the other hand, the top reviewer of PortSwigger Burp Suite Professional writes "The solution is versatile and easy to deploy, but it needs to give more detailed security reports". HCL AppScan is most compared with SonarQube, Veracode, Acunetix, OWASP Zap and Checkmarx One, whereas PortSwigger Burp Suite Professional is most compared with OWASP Zap, Fortify WebInspect, Acunetix, Qualys Web Application Scanning and SonarQube. See our HCL AppScan vs. PortSwigger Burp Suite Professional report.
See our list of best Application Security Tools vendors and best Static Application Security Testing (SAST) vendors.
We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.