HCL AppScan Reviews

Our clients use it to try to find errors in base code, and also to find how solutions work together.

I believe they have on-premise usage; they are local government, so they are not very used to using the cloud.

I'm mainly working on the licensing side and not the technical side, so I don't get this kind of feedback.

Scalability, and it's a very powerful tool.

I believe there are improvements that can be made, but I'm not aware of those kinds of things.

It's stable.

For the market in Finland, when we are talking about a mid-size company, it equals a small company here in the USA, but they are mainly from 1,000 users to 10,000 users.

Tech support is responsive. With the local support I get all the help I need. I'm a former IBMer, so I know the right contacts, so it's quite simple to work.

I think it's a little bit complex, and that's quite a common issue with most of the IBM products.

Some of the customers are using office open-source tools, but most are not using a tool at all. So, that's the competition. Of course, they are thinking about return on investment because it's quite an expensive tool and they won't take it back.

It is an application for security assessment or scanning for static environments.

With all customers, it is performing well.

The static scans are good, and the SaaS as well. 

There is not a central management for static and dynamic. This would be great, at least with competition such as Micro Focus.

The technical support is knowledgeable. However, our issue is not enough resources supporting our region. For Dubai, which is in the Gulf region, we need more technical support resources.

The initial setup is not that complex.

Most important criteria when choosing to partner with a company: I started working with IBM only one year back. When I started a partnership with them, IBM had the security portfolio which covered most of the region where my customers were. IBM has a name with the support along the quality of its products.

We use it for all website development and web-based applications, as part of our development test cycle and QA.

We also routinely use it on existing applications in production because, in terms of security and vulnerabilities, some of the latter exist on some of the platforms that we run. So we run it from time to time, to do some security checks, etc.

It has certainly improved our organization In terms of quality of solutions that are developed. 

I think it's easy to use and gives back some pretty good results, certainly for vulnerabilities.

I haven't actually used it personally, so I'm not sure that I would be able to answer this.

It's pretty stable.

It's scalable. We just did a review of the product itself, and it's something that we've decided to keep and continue using.

Support: I'll just leave it at "good."

This particular product is one of the easier products to set up.

We've had a relationship for some time, over 20 years now, with IBM. It's really about the products, in terms of what we are looking for. That's really the deciding factor in deciding whether we'd use them for a particular solution.