HCL AppScan vs Qualys Web Application Scanning comparison

HCLSoftware and Qualys are both solutions in the Application Security Tools category. HCLSoftware is ranked #13 with an average rating of 8.0, while Qualys is ranked #12 with an average rating of 8.4. HCLSoftware holds a 2.6% mindshare in AS, compared to Qualys’s 1.9% mindshare. Additionally, 82% of HCLSoftware users are willing to recommend the solution, compared to 86% of Qualys users who would recommend it.

HCL AppScan

Read 42 HCL AppScan reviews

4,509 Views
3,469 Comparison Views

82% willing to recommend

Qualys Web Application Scan...

Read 35 Qualys Web Application Scanning reviews

3,485 Views
2,730 Comparison Views

86% willing to recommend

HCL AppScan

Qualys Web Application Scan...

Comparison Buyer's Guide

Download the report

Executive SummaryUpdated on Sep 23, 2024

HCL AppScan and Qualys Web Application Scanning both compete in the web application security tools market. Qualys Web Application Scanning appears to have the upper hand due to its superior reporting features and faster scanning times.

Features: Users value HCL AppScan for its extensive vulnerability coverage, seamless integration with security tools, and comprehensive detection capabilities. Qualys' strengths lie in its detailed reporting, faster scanning times, and user-friendly interface.

Room for Improvement: Users suggest HCL AppScan could improve its scanning speeds, user customization options, and overall performance. For Qualys, feedback indicates a need for enhanced integration capabilities, more intuitive user guidance, and broader vulnerability coverage.

Ease of Deployment and Customer Service: HCL AppScan is praised for its straightforward deployment process and excellent customer service. Qualys offers a slightly faster initial setup but receives mixed reviews on customer support.

Pricing and ROI: HCL AppScan users find the product offers good value despite higher setup costs. Qualys is noted for its competitive pricing and faster ROI.

To learn more, read our detailed HCL AppScan vs. Qualys Web Application Scanning Report (Updated: October 2024).

Buyer's Guide

HCL AppScan vs. Qualys Web Application Scanning

October 2024

Download the complete report

Helped 816,192 peers since 2012

Categories and Ranking

HCL AppScan

Ranking in Application Security Tools

13th

Ranking in Static Application Security Testing (SAST)

12th

Average Rating

7.8

Reviews Sentiment

5.8

Number of Reviews

Ranking in other categories

Dynamic Application Security Testing (DAST) (1st)

Qualys Web Application Scan...

Ranking in Application Security Tools

12th

Ranking in Static Application Security Testing (SAST)

11th

Average Rating

7.8

Reviews Sentiment

7.4

Number of Reviews

Ranking in other categories

No ranking in other categories

Mindshare comparison

As of November 2024, in the Application Security Tools category, the mindshare of HCL AppScan is 2.6%, down from 2.8% compared to the previous year. The mindshare of Qualys Web Application Scanning is 1.9%, down from 2.3% compared to the previous year. It is calculated based on PeerSpot user engagement data.

Application Security Tools

Featured Reviews

Gladwin Christian

QA manager at SmartStream Technologies ltd.

A useful tool to scan applications that can be easily installed

Given that we have been using HCL AppScan for many years, I think the setup process is not difficult at all. Sometimes, some issues stop or prevent my company from moving forward with the product's setup phase. We have to call HCL's support team and engage in long discussions to smoothly carry out the setup phase. In general, the product's setup phase is not difficult in our company. The solution is deployed on an on-premises model. The licenses for the solution are available only on cloud deployments nowadays. The solution is already installed in our environment. Every time a new release or software comes out from HCL, our company does a scan, which takes maybe a day or two.

Read full review

SubhajitAich

Security Consultant at Cognizant

A stable solution that can be used for infrastructure vulnerability scanning and web application scanning

Qualys Web Application Scanning is very complex to use, and its graphical interface is not very user-friendly. Compared to other solutions like Tenable and Rapid7, you need to navigate a lot to get the actual results out of Qualys Web Application Scanning. If I have to search for one thing within the entire console, I have to look for it randomly. It's not very easy and very comfortable to find something. Overall, it's a very good solution, but it will be very good if the tool is more user-friendly.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"For me, as a manager, it was the ease of use. Inserting security into the development process is not normally an easy project to do. The ability for the developer to actually use it and get results and focuses, that's what counted."

"The solution is cheap."

"The product has valuable features for static and dynamic testing."

"AppScan is stable."

"It provides a better integration for our ecosystem."

"The security and the dashboard are the most valuable features."

"Compared to other tools only AppScan supports special language."

"I like the recording feature."

More HCL AppScan pros

"It scans web applications to identify vulnerabilities during deployment."

"I have found the detection of vulnerabilities tool thorough with good results and the graphical display output to be wonderful and full of colors. It allows many types of outputs, such as bar and chart previews."

"We can do scanning and submit reports straight to the customers when there are new vulnerabilities, then tell them whether they are affected or not."

"It is a good product for website penetration testing to detect vulnerabilities."

"It works with many different products."

"With our vulnerabilities under control, it's putting our services in compliance and minimizing our risk for exposure."

"The product prevents possible vulnerabilities in our network."

"The most valuable feature of Qualys Web Application Scanning is the effective scanning that can be done."

More Qualys Web Application Scanning pros

Cons

"It's a little bit basic when you talk about the Web Services. If AppScan improved its maturity on Web Services testing, that would be good."

"They have to improve support."

"There is not a central management for static and dynamic."

"AppScan is too complicated and should be made more user-friendly."

"One thing which I think can be improved is the CI/CD Integration"

"I would love to see more containers. Many of the tools are great, they require an amount of configuration, setup and infrastructure. If most the applications were in a container, I think everything would be a little bit faster, because all our clients are now using containers."

"HCL AppScan needs to improve security."

"The solution needs to improve in some areas. The tool needs to add more languages. It also needs to improve its speed."

More HCL AppScan cons

"The reporting contains too many false positives."

"Deployment can be complicated."

"The GUI could be a little less complicated as it opens a lot of new windows for creating search lists, templates, reports, or for scanning purposes."

"The support could be faster."

"The authenticated scanning feature could be improved by adding support for real-time scanning tokens and authorization tokens."

"It should have better automatic reporting."

"There's a distinction between internal and external scanning processes that could be streamlined. Currently, for internal scanning, specific configurations and scanner appliances need to be deployed within the network, which differs from the simpler setup for external scans. This dual process complicates the setup for comprehensive scanning coverage."

"The UI is not user-friendly and you don't have a yearly reporting facility where you can slice and dice in different jobs."

More Qualys Web Application Scanning cons

Pricing and Cost Advice

"The price of HCL AppScan is okay, in my opinion. You just buy HCL AppScan and don't pay anything anymore, meaning it is just a one-time purchase."

"The solution is moderately priced."

"I would rate the product's pricing a nine out of ten. The product's pricing is expensive compared to the features that they offer."

"The tool was expensive."

"The product has premium pricing and could be more competitive."

"I rate the product's price a seven on a scale of one to ten, where one is low, and ten is high. HCL AppScan is an expensive tool."

"AppScan is a little bit expensive. IBM needs to work a little bit on the pricing model, decreasing the license cost."

"The solution is cheap."

More HCL AppScan pricing and cost advice

"We are on an annual license for the solution and the pricing could be more affordable."

"Qualys Web Application Scanning's pricing is a bit expensive compared to other solutions available in the market."

"The cost is $30,000 USD for one year to cover WAS (Web Application Security) and the VM (Virtual Machine) security in a company with 200 employees."

"Qualys WAS' pricing is competitive."

"We normally purchase an annual license."

"The product pricing is fair and reasonably priced."

"Pricing was reasonable and competitive. It was not too far above the other products."

"The product is expensive, at least initially, in comparison to other products in this category."

More Qualys Web Application Scanning pricing and cost advice

See which vendors are best for you

Use our free recommendation engine to learn which Application Security Tools solutions are best for your needs.

See recommendations

816,192 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Computer Software Company

19%

Financial Services Firm

14%

Manufacturing Company

11%

Government

10%

Computer Software Company

16%

Financial Services Firm

16%

Manufacturing Company

10%

Government

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

Questions from the Community

What do you like most about HCL AppScan?

The most valuable feature of HCL AppScan is its integration with the SDLC, particularly during the coding phase.

See all answers

What needs improvement with HCL AppScan?

They could incorporate AI to enhance vulnerability detection and improve the product's reporting capabilities.

See all answers

What is your primary use case for HCL AppScan?

We use AppScan primarily for security testing and performance monitoring across our systems.

See all answers

What do you like most about Qualys Web Application Scanning?

The vulnerability management feature is a strong one. And also the patch management feature.

See all answers

What is your experience regarding pricing and costs for Qualys Web Application Scanning?

The product pricing is fair and reasonably priced.

See all answers

What needs improvement with Qualys Web Application Scanning?

One area for improvement is the user interface. The new UI, which was recently upgraded, feels more complex and less user-friendly than the old version. However, as we continue to use it, we antici...

See all answers

Comparisons

Acunetix vs HCL AppScan

Compared 15% of the time

SonarQube Server (formerly SonarQube) vs HCL AppScan

Compared 13% of the time

Veracode vs HCL AppScan

Compared 11% of the time

Fortify on Demand vs HCL AppScan

Compared 9% of the time

Snyk vs HCL AppScan

Compared 4% of the time

More HCL AppScan Competitors

OWASP Zap vs Qualys Web Application Scanning

Compared 19% of the time

SonarQube Server (formerly SonarQube) vs Qualys Web Application Scanning

Compared 11% of the time

Veracode vs Qualys Web Application Scanning

Compared 9% of the time

Fortify WebInspect vs Qualys Web Application Scanning

Compared 6% of the time

Tenable.io Web Application Scanning vs Qualys Web Application Scanning

Compared 5% of the time

More Qualys Web Application Scanning Competitors

Product Reports

Buyer's Guide

HCL AppScan

November 2024

Download HCL AppScan product report

Buyer's Guide

Qualys Web Application Scanning

November 2024

Download Qualys Web Application Scanning product report

Also Known As

IBM Security AppScan, Rational AppScan, AppScan

Qualys WAS

Learn More

HCLSoftware

Qualys

Overview

IBM Security AppScan enhances web application security and mobile application security, improves application security program management and strengthens regulatory compliance. By scanning your web and mobile applications prior to deployment, AppScan enables you to identify security vulnerabilities and generate reports and fix recommendations.

Qualys Web Application Scanning (WAS) is a fully cloud-based web application security scanner. The scanner will automatically crawl periodically and test web applications to discover potential vulnerabilities, including cross-site scripting (XSS) and SQL injection. The consistent testing equips the automated service to generate consistent results, lessen false positives, and offer the ability to scale to protect thousands of websites effortlessly.

Qualys Web Application Scanning is bundled with different scanning technology to carefully scan websites for malware infections and will send notifications to website owners to assist in preventing blacklisting and brand reputation damage. As digital transformation takes place in various organizations, Qualys WAS gives organizations the ability to track and document their web app security status through its interactive reporting capabilities.

Qualys WAS empowers organizations to remediate any web application vulnerabilities quickly. Some of the key tools offered are:

Deep Scanning: All apps and APIs on your internal network and public cloud are covered by Qualys WAS deep scanning to show you any visible vulnerabilities.
DevSec Ops Tool: Detect security issues in your code while still in app development stages and generate comprehensive reports.
Comprehensive Discovery: Discover and catalog new and unknown web apps in your network.
Malware Detection: Scan a website, identify vulnerabilities, and receive alerts to any infections.

Benefits of Qualys Web Application Scanning

Qualys Web Application Scanning offers many benefits, including:

Quick Deployment: Requires no infrastructure or software to upkeep.
Effortless Scalability: Effortlessly launch a deep scan and protect thousands of websites.
Centralized Management: Manage and mend all web app vulnerabilities through a single interface.
Excellent Integration Capabilities: Integrates with Qualys Web App Firewall (WAF) for a single-click virtual patching of found vulnerabilities.
Respond to Threats Immediately: Qualys Continuous Monitoring offers the user a hands-free service by automatically launching scanning and sending notifications of a potential threat.
Cost-effective Solution: Data is analyzed in real time as Qualys WAS is an end-to-end solution; this helps avoid costs associated with managing multiple security vendors.

Reviews from Real Users

Qualys Web Application Scanning stands out among its competitors for a variety of reasons. Two of those reasons are its progressive scan and quick detection of vulnerabilities.

P.K., a senior software developer at a tech vendor, writes, "The feature that I have found most valuable is the progressive scan. It is good. It's done in 24 hours."

Nagaraj S., lead cybersecurity engineer at a tech service company, notes, "I have found the detection of vulnerabilities tool thorough with good results and the graphical display output to be wonderful and full of colors. It allows many types of outputs, such as bar and chart previews."

Sample Customers

Essex Technology Group Inc., Cisco, West Virginia University, APIS IT

BskyB, Cartagena, ClearPoint Learning Systems, Connect Group, du, Fortrex Technologies, HBOR, HDI, Highlights for Children, The Lithuanian State Enterprise Centre of Registers, City of Miami Beach, Microsoft, MidlandHR, MSCI Inc., Northern Arizona University, Ofgem, Olympus Europa, PhoneFactor, RTL Nederland, ThousandEyes, VGZ Organisatie B.V.

Buyer's Guide

HCL AppScan vs. Qualys Web Application Scanning

October 2024

Free Report: HCL AppScan vs. Qualys Web Application Scanning

Find out what your peers are saying about HCL AppScan vs. Qualys Web Application Scanning and other solutions. Updated: October 2024.

DOWNLOAD NOW

816,192 professionals have used our research since 2012.

See our HCL AppScan vs. Qualys Web Application Scanning report.

See our list of best Application Security Tools vendors and best Static Application Security Testing (SAST) vendors.

We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.