Try our new research platform with insights from 80,000+ expert users

HCL AppScan pros and cons

Vendor: HCLSoftware

3.9 out of 5

43 reviews
83% willing to recommend

1,789 followers

Pros & Cons summary

HCL AppScan offers essential templates for PCI compliance and excels in ease of use, code scanning, and detailed reporting. While it effectively identifies vulnerabilities and provides remediation steps, false positives remain an issue. Integration with SDLC is beneficial, but challenges arise with other products. Performance and support require optimization. Though cost-effective, improvements in pricing models and compatibility would enhance its appeal to tech buyers.

Buyer's Guide

Get pricing advice, tips, use cases and valuable features from real users of this product.

Prominent pros & cons

PROS

HCL AppScan helps companies comply with regulations such as PCI by providing necessary templates.

It enhances productivity by enabling multiple website scans simultaneously, focusing on severe vulnerabilities.

The tool aids in detecting vulnerabilities accurately, offering valuable remediation steps and minimizing false positives.

HCL AppScan integrates smoothly into the SDLC, facilitating security in the development process and identifying internal application risks.

The platform is valued for its scanning capabilities and quick feature updates, including AI-powered enhancements, making it a cost-effective choice.

CONS

HCL AppScan needs to improve its handling of false positives and enhance vulnerability detection.

Integration challenges with other products and reporting tools impact HCL AppScan's efficiency.

Performance optimization is needed for scanning large websites and ensuring quick completion of scans.

Scalability is a concern as HCL AppScan licenses operate on a single machine only.

Pricing and technical limitations of HCL AppScan need attention to remain competitive in the market.

HCL AppScan Pros review quotes

reviewer1428084

Principal Architect, Application Build Security. at a transportation company with 10,001+ employees

Jan 19, 2022

The HCL AppScan turnaround time for Burp Suite or any new feature request is pretty good, and that is why we are sticking with the HCL.

Read full review

Director Of Product Cyber Security at Honeywell International Inc.

Mar 21, 2018

For me, as a manager, it was the ease of use. Inserting security into the development process is not normally an easy project to do. The ability for the developer to actually use it and get results and focuses, that's what counted.

Read full review

Managing director at Accenture

Mar 20, 2018

It highlights, with several grades of severity, the types of vulnerabilities, so we can focus on the most severe security vulnerabilities in the code.

Read full review

Free Report: HCL AppScan Reviews and More

Learn what your peers think about HCL AppScan. Get advice and tips from experienced pros sharing their opinions. Updated: December 2024.

824,053 professionals have used our research since 2012.

CTO at Anzen

Mar 22, 2018

Usually when we deploy the application, there is a process for ethical hacking. The main benefit is that, the ethical hacking is almost clean, every time. So it's less cost, less effort, less time to production.

Read full review

Chief information with 5,001-10,000 employees

Mar 29, 2017

It comes with all of the templates that we need. For example, we are a company that is regulated by PCI. In order to be PCI compliant, we have a lot of checks and procedures to which we have to comply.

Read full review

CV

CRISTIANO VIEIRA SILVA

Mechanical maintenance technician at SAQ

Apr 19, 2024

The most valuable feature of HCL AppScan is its integration with the SDLC, particularly during the coding phase.

Read full review

reviewer1415661

General Manager at a consultancy with 51-200 employees

Nov 9, 2020

It identifies all the URLs and domains on its own and then performs tests and provides the results.

Read full review

Gladwin Christian

QA manager at SmartStream Technologies ltd.

Sep 29, 2023

The most valuable feature of the solution is the scanning or security part.

Read full review

reviewer1467588

Owner/ Consultant at a tech services company with 1-10 employees

Dec 7, 2020

There's extensive functionality with custom rules and a custom knowledge base.

Read full review

Software Engineer at Inspire for Solutions Development

Feb 6, 2023

The most valuable feature of the solution is Postman.

Read full review

Show 10 more reviews (out of 38)

HCL AppScan Cons review quotes

reviewer1428084

Principal Architect, Application Build Security. at a transportation company with 10,001+ employees

Jan 19, 2022

The dashboard, for AppScan or the Fortified fast tool, which we use needs to be improved.

Read full review

Director Of Product Cyber Security at Honeywell International Inc.

Mar 21, 2018

I think being able to search across more containers, especially some of the docker elements. We need a little tighter integration there. That's the only thing I can see at this point.

Read full review

CTO at Anzen

Mar 22, 2018

I would love to see more containers. Many of the tools are great, they require an amount of configuration, setup and infrastructure. If most the applications were in a container, I think everything would be a little bit faster, because all our clients are now using containers.

Read full review

Free Report: HCL AppScan Reviews and More

Learn what your peers think about HCL AppScan. Get advice and tips from experienced pros sharing their opinions. Updated: December 2024.

824,053 professionals have used our research since 2012.

Chief information with 5,001-10,000 employees

Mar 29, 2017

We would like to see a check in the specific vulnerabilities in mobile applications or rooted devices, such as jailbreaking devices.

Read full review

CV

CRISTIANO VIEIRA SILVA

Mechanical maintenance technician at SAQ

Apr 19, 2024

Improving usability could enhance the overall experience with AppScan. It would be beneficial to make the solution more user-friendly, ensuring that everyone can easily navigate and utilize its features.

Read full review

reviewer1415661

General Manager at a consultancy with 51-200 employees

Nov 9, 2020

One thing which I think can be improved is the CI/CD Integration

Read full review

Gladwin Christian

QA manager at SmartStream Technologies ltd.

Sep 29, 2023

The solution's scalability can be a matter of concern because one license runs on one machine only.

Read full review

reviewer1467588

Owner/ Consultant at a tech services company with 1-10 employees

Dec 7, 2020

The solution often has a high number of false positives. It's an aspect they really need to improve upon.

Read full review

Software Engineer at Inspire for Solutions Development

Feb 6, 2023

The databases for HCL are small and have room for improvement.

Read full review

reviewer2381214

Associate Principal, Software Engineering at LTIMindtree

Nov 11, 2024

AppScan needs to improve its handling of false positives.

Read full review

Show 10 more reviews (out of 36)

Product Categories

Product Categories

Application Security Tools

Static Application Security Testing (SAST)

Dynamic Application Security Testing (DAST)

Popular Comparisons

Popular Comparisons

SonarQube Server (formerly SonarQube) vs HCL AppScan

Veracode vs HCL AppScan

GitLab vs HCL AppScan

Snyk vs HCL AppScan

Checkmarx One vs HCL AppScan

Mend.io vs HCL AppScan

Fortify on Demand vs HCL AppScan

Sonatype Lifecycle vs HCL AppScan

Acunetix vs HCL AppScan

PortSwigger Burp Suite Professional vs HCL AppScan

Qualys Web Application Scanning vs HCL AppScan

Tenable.io Web Application Scanning vs HCL AppScan

CodeSonar vs HCL AppScan

Kiuwan vs HCL AppScan

Contrast Security Assess vs HCL AppScan

See all alternatives

Product Categories

Product Categories

Application Security Tools

Static Application Security Testing (SAST)

Dynamic Application Security Testing (DAST)

Popular Comparisons

Popular Comparisons

SonarQube Server (formerly SonarQube) vs HCL AppScan

Veracode vs HCL AppScan

GitLab vs HCL AppScan

Snyk vs HCL AppScan

Checkmarx One vs HCL AppScan

Mend.io vs HCL AppScan

Fortify on Demand vs HCL AppScan

Sonatype Lifecycle vs HCL AppScan

Acunetix vs HCL AppScan

PortSwigger Burp Suite Professional vs HCL AppScan

Qualys Web Application Scanning vs HCL AppScan

Tenable.io Web Application Scanning vs HCL AppScan

CodeSonar vs HCL AppScan

Kiuwan vs HCL AppScan

Contrast Security Assess vs HCL AppScan

See all alternatives

Related questions

48

Difference between IBM Appscan and HP fortify software

18

Which solution do you prefer: Fortify WebInspect or HCL AppScan?

923

If you had to both encrypt and compress data during transmission, which would you do first and why?

89

When evaluating Application Security, what aspect do you think is the most important to look for?

169

What are the Top 5 cybersecurity trends in 2022?

169

What are the threats associated with using ‘bogus’ cybersecurity tools?

25

Which application security solutions include both vulnerability scans and quality checks?

74

We're evaluating Tripwire, what else should we consider?

2,127

Is SonarQube the best tool for static analysis?

45

Why Do I Need Application Security Software?