HCL AppScan vs Sonatype Repository Firewall Comparison 2024

HCL AppScan

Sonatype Repository Firewall

HCL AppScan

Read 41 HCL AppScan reviews

5,317 views|4,092 comparisons

Sonatype Repository Firewall

Read 3 Sonatype Repository Firewall reviews

753 views|384 comparisons

Comparison Buyer's Guide

Download the complete report

Buyer's Guide

HCL AppScan vs. Sonatype Repository Firewall

May 2024

Executive Summary

We performed a comparison between HCL AppScan and Sonatype Repository Firewall based on real PeerSpot user reviews.

Find out in this report how the two Application Security Tools solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.

To learn more, read our detailed HCL AppScan vs. Sonatype Repository Firewall Report (Updated: May 2024).

Download the complete report

772,679 professionals have used our research since 2012.

Featured Review

AnanyaRoy

Risk Analyst at Deloitte

A stable and scalable product useful for application security scanning

Ashish Shukla

Global Treasurer at Genpact

You will get clean code every time, and that's a great achievement

I believe this tool is being used by most of the product development team in the organization. It's part of the CI/CD pipeline. You can say it's a... Read more →

Quotes From Members

We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:

Pros

"This is a stable solution.""The product has valuable features for static and dynamic testing.""IBM AppScan has made our work easy, as we can do four to five scans of websites at a time, which saves time when it comes to vulnerability.""The solution is cheap.""The solution is easy to install. I would rate the product's setup between six to seven out of ten. The deployment time depends on the applications that need to be scanned. We have a development and operations team to take care of the product's maintenance.""AppScan is stable.""It has certainly helped us find vulnerabilities in our software, so this is priceless in the end.""I like the recording feature."

More HCL AppScan Pros →

"Another thing that I like about Sonatype is that if you download something today, and five days from today it becomes vulnerable, it will notify you.""The product's network and intrusion protection features are valuable. It also has rules and compliance features for security."

More Sonatype Repository Firewall Pros →

Cons

"They have to improve support.""Improvement can be done as per customer requirements.""The penetration testing feature should be included.""We would like to see a check in the specific vulnerabilities in mobile applications or rooted devices, such as jailbreaking devices.""Many silly false positives are produced.""The solution needs to improve in some areas. The tool needs to add more languages. It also needs to improve its speed.""There is room for improvement in the pricing model.""The solution's scalability can be a matter of concern because one license runs on one machine only."

More HCL AppScan Cons →

"What I don't like is the lack of an option to pick up the phone and call someone for support. That is something they need to improve on. They need to have a professional services package, or they need to include that option with their services.""The tool needs to improve its file systems. The product should also include zero test feature."

More Sonatype Repository Firewall Cons →

Pricing and Cost Advice

"AppScan is a little bit expensive. IBM needs to work a little bit on the pricing model, decreasing the license cost."

"With the features, that they offer, and the support, they offer, AppScan pricing is on a higher level."

"Pricing was the main reason that we went ahead with this solution as they were the lowest in the market."

"HCL AppScan is expensive."

"I would rate the product's pricing a nine out of ten. The product's pricing is expensive compared to the features that they offer."

"The price is very expensive."

"The solution is moderately priced."

"The price of HCL AppScan is okay, in my opinion. You just buy HCL AppScan and don't pay anything anymore, meaning it is just a one-time purchase."

More HCL AppScan Pricing and Cost Advice →

"The pricing is reasonable if you're a large enterprise developing code. It's not super-expensive."

More Sonatype Repository Firewall Pricing and Cost Advice →

See Which Vendors Are Best For You

Use our free recommendation engine to learn which Application Security Tools solutions are best for your needs.

See Recommendations

772,679 professionals have used our research since 2012.

Questions from the Community

What do you like most about HCL AppScan?

Top Answer:The most valuable feature of HCL AppScan is its integration with the SDLC, particularly during the coding phase.

Read all 18 answers →

What needs improvement with HCL AppScan?

Top Answer:Improving usability could enhance the overall experience with AppScan. It would be beneficial to make the solution more user-friendly, ensuring that everyone can easily navigate and utilize its… more »

Read all 21 answers →

What is your primary use case for HCL AppScan?

Top Answer:I mainly use AppScan to secure various types of applications. I use its DAFDAT solution for black box scanning, as well as SaaS and source code validation. AppScan helps in scanning code for… more »

Read all 19 answers →

What do you like most about Sonatype Nexus Firewall?

Top Answer:The product's network and intrusion protection features are valuable. It also has rules and compliance features for security.

Read all 2 answers →

What is your primary use case for Sonatype Nexus Firewall?

Top Answer:The product helps with vulnerability and security assessment. It also helps with assessment at the configuration level.

Read all 3 answers →

What advice do you have for others considering Sonatype Nexus Firewall?

Top Answer:I would rate the solution an eight out of ten.

Read all 2 answers →

Ranking

14th

out of 75 in Application Security Tools

Views

5,317

Comparisons

4,092

Reviews

Average Words per Review

346

Rating

7.5

35th

out of 75 in Application Security Tools

Views

753

Comparisons

384

Reviews

Average Words per Review

105

Rating

8.0

Comparisons

SonarQube vs. HCL AppScan

Compared 16% of the time.

Veracode vs. HCL AppScan

Compared 12% of the time.

Acunetix vs. HCL AppScan

Compared 11% of the time.

PortSwigger Burp Suite Professional vs. HCL AppScan

Compared 8% of the time.

OWASP Zap vs. HCL AppScan

Compared 8% of the time.

More HCL AppScan Competitors →

JFrog Xray vs. Sonatype Repository Firewall

Compared 35% of the time.

Cisco Secure Firewall vs. Sonatype Repository Firewall

Compared 12% of the time.

Black Duck vs. Sonatype Repository Firewall

Compared 9% of the time.

GitHub vs. Sonatype Repository Firewall

Compared 8% of the time.

Sonatype Lifecycle vs. Sonatype Repository Firewall

Compared 8% of the time.

More Sonatype Repository Firewall Competitors →

Also Known As

IBM Security AppScan, Rational AppScan, AppScan

Sonatype Nexus Firewall, Nexus Firewall

Learn More

HCLTech

Sonatype

Overview

IBM Security AppScan enhances web application security and mobile application security, improves application security program management and strengthens regulatory compliance. By scanning your web and mobile applications prior to deployment, AppScan enables you to identify security vulnerabilities and generate reports and fix recommendations.

Sonatype Repository Firewall is a cloud-based security solution designed to safeguard your software supply chain against malicious components. It operates by meticulously scanning and evaluating each new component against customized governance policies, thereby effectively identifying and blocking potential threats before they infiltrate your development pipeline. What sets Sonatype Repository Firewall apart is its user-friendly setup, seamless integration with existing workflows, and remarkable scalability, making it suitable for software development environments of any size. Key features include blocking malicious components through behavioral analysis, malware scanning, and vulnerability assessment, as well as the ability to enforce custom governance policies. By utilizing this tool, organizations can enhance their software supply chain security, mitigate risks related to supply chain attacks, bolster compliance with industry standards, and ultimately reduce costs associated with security incidents.

Sample Customers

Essex Technology Group Inc., Cisco, West Virginia University, APIS IT

EDF, Tomitribe, Crosskey, Blackboard, Travel audience

Top Industries

REVIEWERS

Government15%

Transportation Company15%

Financial Services Firm10%

Manufacturing Company10%

VISITORS READING REVIEWS

Computer Software Company18%

Financial Services Firm14%

Government10%

Manufacturing Company9%

VISITORS READING REVIEWS

Financial Services Firm33%

Government9%

Computer Software Company6%

Manufacturing Company6%

Company Size

REVIEWERS

Small Business24%

Midsize Enterprise13%

Large Enterprise63%

VISITORS READING REVIEWS

Small Business16%

Midsize Enterprise12%

Large Enterprise72%

VISITORS READING REVIEWS

Small Business14%

Midsize Enterprise11%

Large Enterprise75%

HCL AppScan vs Sonatype Repository Firewall comparison