Try our new research platform with insights from 80,000+ expert users
HCL AppScan Logo

HCL AppScan pros and cons

Vendor: HCLSoftware
3.9 out of 5
Badge Ranked 1
1,789 followers
Post review

Pros & Cons summary

HCL AppScan automatically identifies URLs and domains for testing, offering extensive functionality with custom rules and knowledge bases. It supports specific development languages, enhances security through QR code scanning, sensitive code identification, and integrates well with SDLC. However, improvements are needed in CI/CD integration, reducing false positives, and product integration. Security enhancements and the inclusion of a penetration testing feature are also necessary.

Buyer's Guide

Get pricing advice, tips, use cases and valuable features from real users of this product.
Get the report

Prominent pros & cons

PROS

HCL AppScan automatically identifies URLs and domains, performs tests, and provides results.
It offers extensive functionality including custom rules and a knowledge base.
The turnaround time for requests, such as Burp Suite or other new feature implementations, is efficient.
HCL AppScan supports special programming languages, making it unique compared to other tools.
It provides valuable features for both static and dynamic testing, integrating well with the SDLC during the coding phase.

CONS

HCL AppScan often has a high number of false positives, which needs improvement.
The CI/CD Integration could be improved.
Support needs significant improvement.
Integration with other products presents challenges.
Pricing has room for improvement.
 

HCL AppScan Pros review quotes

reviewer1428084 - PeerSpot reviewer
Jan 19, 2022
The HCL AppScan turnaround time for Burp Suite or any new feature request is pretty good, and that is why we are sticking with the HCL.
Read full review
it_user841956 - PeerSpot reviewer
Mar 21, 2018
For me, as a manager, it was the ease of use. Inserting security into the development process is not normally an easy project to do. The ability for the developer to actually use it and get results and focuses, that's what counted.
Read full review
it_user840909 - PeerSpot reviewer
Mar 20, 2018
It highlights, with several grades of severity, the types of vulnerabilities, so we can focus on the most severe security vulnerabilities in the code.
Read full review
Buyer's Guide
HCL AppScan
November 2024
Free Report: HCL AppScan Reviews and More
Learn what your peers think about HCL AppScan. Get advice and tips from experienced pros sharing their opinions. Updated: November 2024.
DOWNLOAD NOW
816,192 professionals have used our research since 2012.
it_user842904 - PeerSpot reviewer
Mar 22, 2018
Usually when we deploy the application, there is a process for ethical hacking. The main benefit is that, the ethical hacking is almost clean, every time. So it's less cost, less effort, less time to production.
Read full review
it_user634890 - PeerSpot reviewer
Mar 29, 2017
It comes with all of the templates that we need. For example, we are a company that is regulated by PCI. In order to be PCI compliant, we have a lot of checks and procedures to which we have to comply.
Read full review
CV
Apr 19, 2024
The most valuable feature of HCL AppScan is its integration with the SDLC, particularly during the coding phase.
Read full review
reviewer1415661 - PeerSpot reviewer
Nov 9, 2020
It identifies all the URLs and domains on its own and then performs tests and provides the results.
Read full review
Gladwin Christian - PeerSpot reviewer
Sep 29, 2023
The most valuable feature of the solution is the scanning or security part.
Read full review
reviewer1467588 - PeerSpot reviewer
Dec 7, 2020
There's extensive functionality with custom rules and a custom knowledge base.
Read full review
Miar Ahmad - PeerSpot reviewer
Feb 6, 2023
The most valuable feature of the solution is Postman.
Read full review
Show 10 more reviews (out of 37)
 

HCL AppScan Cons review quotes

reviewer1428084 - PeerSpot reviewer
Jan 19, 2022
The dashboard, for AppScan or the Fortified fast tool, which we use needs to be improved.
Read full review
it_user841956 - PeerSpot reviewer
Mar 21, 2018
I think being able to search across more containers, especially some of the docker elements. We need a little tighter integration there. That's the only thing I can see at this point.
Read full review
it_user842904 - PeerSpot reviewer
Mar 22, 2018
I would love to see more containers. Many of the tools are great, they require an amount of configuration, setup and infrastructure. If most the applications were in a container, I think everything would be a little bit faster, because all our clients are now using containers.
Read full review
Buyer's Guide
HCL AppScan
November 2024
Free Report: HCL AppScan Reviews and More
Learn what your peers think about HCL AppScan. Get advice and tips from experienced pros sharing their opinions. Updated: November 2024.
DOWNLOAD NOW
816,192 professionals have used our research since 2012.
it_user634890 - PeerSpot reviewer
Mar 29, 2017
We would like to see a check in the specific vulnerabilities in mobile applications or rooted devices, such as jailbreaking devices.
Read full review
CV
Apr 19, 2024
Improving usability could enhance the overall experience with AppScan. It would be beneficial to make the solution more user-friendly, ensuring that everyone can easily navigate and utilize its features.
Read full review
reviewer1415661 - PeerSpot reviewer
Nov 9, 2020
One thing which I think can be improved is the CI/CD Integration
Read full review
Gladwin Christian - PeerSpot reviewer
Sep 29, 2023
The solution's scalability can be a matter of concern because one license runs on one machine only.
Read full review
reviewer1467588 - PeerSpot reviewer
Dec 7, 2020
The solution often has a high number of false positives. It's an aspect they really need to improve upon.
Read full review
Miar Ahmad - PeerSpot reviewer
Feb 6, 2023
The databases for HCL are small and have room for improvement.
Read full review
PD
Jul 13, 2022
We have experienced challenges when trying to integrate this solution with other products. When you compare it with the other SecOps products, the quality of the output is too low. It is not a new-age product. It is very outdated.
Read full review
Show 10 more reviews (out of 35)

Product Categories

Product Categories
Application Security Tools
Static Application Security Testing (SAST)
Dynamic Application Security Testing (DAST)

Popular Comparisons

Popular Comparisons
SonarQube Server (formerly SonarQube) vs HCL AppScan Logo
SonarQube Server (formerly SonarQube) vs HCL AppScan
Veracode vs HCL AppScan Logo
Veracode vs HCL AppScan
GitLab vs HCL AppScan Logo
GitLab vs HCL AppScan
Checkmarx One vs HCL AppScan Logo
Checkmarx One vs HCL AppScan
Snyk vs HCL AppScan Logo
Snyk vs HCL AppScan
Mend.io vs HCL AppScan Logo
Mend.io vs HCL AppScan
Fortify on Demand vs HCL AppScan Logo
Fortify on Demand vs HCL AppScan
Sonatype Lifecycle vs HCL AppScan Logo
Sonatype Lifecycle vs HCL AppScan
Acunetix vs HCL AppScan Logo
Acunetix vs HCL AppScan
PortSwigger Burp Suite Professional vs HCL AppScan Logo
PortSwigger Burp Suite Professional vs HCL AppScan
Qualys Web Application Scanning vs HCL AppScan Logo
Qualys Web Application Scanning vs HCL AppScan
Tenable.io Web Application Scanning vs HCL AppScan Logo
Tenable.io Web Application Scanning vs HCL AppScan
CodeSonar vs HCL AppScan Logo
CodeSonar vs HCL AppScan
Kiuwan vs HCL AppScan Logo
Kiuwan vs HCL AppScan
Contrast Security Assess vs HCL AppScan Logo
Contrast Security Assess vs HCL AppScan
See all alternatives

Product Categories

Product Categories
Application Security Tools
Static Application Security Testing (SAST)
Dynamic Application Security Testing (DAST)

Popular Comparisons

Popular Comparisons
SonarQube Server (formerly SonarQube) vs HCL AppScan Logo
SonarQube Server (formerly SonarQube) vs HCL AppScan
Veracode vs HCL AppScan Logo
Veracode vs HCL AppScan
GitLab vs HCL AppScan Logo
GitLab vs HCL AppScan
Checkmarx One vs HCL AppScan Logo
Checkmarx One vs HCL AppScan
Snyk vs HCL AppScan Logo
Snyk vs HCL AppScan
Mend.io vs HCL AppScan Logo
Mend.io vs HCL AppScan
Fortify on Demand vs HCL AppScan Logo
Fortify on Demand vs HCL AppScan
Sonatype Lifecycle vs HCL AppScan Logo
Sonatype Lifecycle vs HCL AppScan
Acunetix vs HCL AppScan Logo
Acunetix vs HCL AppScan
PortSwigger Burp Suite Professional vs HCL AppScan Logo
PortSwigger Burp Suite Professional vs HCL AppScan
Qualys Web Application Scanning vs HCL AppScan Logo
Qualys Web Application Scanning vs HCL AppScan
Tenable.io Web Application Scanning vs HCL AppScan Logo
Tenable.io Web Application Scanning vs HCL AppScan
CodeSonar vs HCL AppScan Logo
CodeSonar vs HCL AppScan
Kiuwan vs HCL AppScan Logo
Kiuwan vs HCL AppScan
Contrast Security Assess vs HCL AppScan Logo
Contrast Security Assess vs HCL AppScan
See all alternatives
Related questions
  • 49
Difference between IBM Appscan and HP fortify software
  • 18
Which solution do you prefer: Fortify WebInspect or HCL AppScan?
  • 997
If you had to both encrypt and compress data during transmission, which would you do first and why?
  • 104
When evaluating Application Security, what aspect do you think is the most important to look for?
  • 212
What are the Top 5 cybersecurity trends in 2022?
  • 175
What are the threats associated with using ‘bogus’ cybersecurity tools?
  • 28
Which application security solutions include both vulnerability scans and quality checks?
  • 78
We're evaluating Tripwire, what else should we consider?
  • 2,251
Is SonarQube the best tool for static analysis?
  • 48
Why Do I Need Application Security Software?