# HCL AppScan Reviews **Vendor:** HCL Technologies **Category:** [Dynamic Application Security Testing (DAST) Software](https://www.g2.com/categories/dynamic-application-security-testing-dast) **Average Rating:** 4.1/5.0 **Total Reviews:** 76 ## About HCL AppScan HCL AppScan is a comprehensive suite of market-leading application security testing solutions (SAST, DAST, IAST, SCA, API), available on-premises and on-cloud. These powerful DevSecOps tools pinpoint application vulnerabilities, allowing for quick remediation in every phase of the software development lifecycle. Fast and Accurate Scanning for Secure DevOps Developers and DevOps teams can quickly and accurately scan code, applications, and APIs for security vulnerabilities while applications are being developed. This allows companies to fix issues at the earliest stages of the software development lifecycle, when it is least costly to the business. Focus on the Fix Continuous monitoring with IAST, along with auto issue correlation with DAST and SAST scan results allows DevOps teams to group and prioritize findings for faster, more streamlined remediation. Enterprise Management for Security Teams Centralized, easy-to-use dashboards provide visibility and oversight of all security scanning and remediation, and allow users to set scan parameters and compliance policies. ## HCL AppScan Reviews ### 1. HCL App Scan **Rating:** 3.5/5.0 stars **Reviewed by:** sanjay s. | Security Analyst, Small-Business (50 or fewer emp.) **Reviewed Date:** December 13, 2022 **What do you like best about HCL AppScan?** HCL App Scan has a really good user interface. It clearly shows the number of vulnerabilities and provides detailed, accurate information about each one. This helps me, as a tester, analyze the results much better and understand the issues more easily. **What do you dislike about HCL AppScan?** HCL App Scan is good at finding vulnerabilities. However, compared to other enterprise tools, it tends to report more false positives. At times, the number of false-positive issues can be a problem. **What problems is HCL AppScan solving and how is that benefiting you?** The best feature is how easily it shows the flow of the code. It captures the vulnerability and then lets me trace it back to the source code, which is very important, especially in the context of code review. It’s also easy to integrate. ### 2. I've been using the product for almost 20 years **Rating:** 3.0/5.0 stars **Reviewed by:** Andrew P. | Sr. Security Specialist, Enterprise (> 1000 emp.) **Reviewed Date:** January 23, 2024 **What do you like best about HCL AppScan?** Ease of use. I can quickly scan a sight and have the response to the developers in a timely maner. **What do you dislike about HCL AppScan?** I can't scan applications behind Azure that use MFA. The recording login feature only allows me to use their built in browser. When I choose a third party browser to run a scan it will only start that browser in private mode so I can't use cached credentials. The reporting does not allow me to export to an excel file to create a check list of what the issues are so I can easily track resolutions with projects and developers. I've only had to use customer support once and it was not a good experience. I had to work directly with the technical sales department to have my issue resolved. I'd recommend using the same approach. The license manager is a nightmare to work with. I have to re-build my machine everytime I switch networks to perform a scan. 802.1x completely breaks the license manager so I have to get a by-pass from our networking group. Not sure why Licensing is so difficult to use. I've had co-workers who quit using the product because of it. **What problems is HCL AppScan solving and how is that benefiting you?** I'm able to provide the developers a report of issues that may be present in their solution. Usually the report consists of variables that I do not understand but the report seems to make sense to the developers, which is good. ### 3. Easy to setup and powerful application security **Rating:** 4.0/5.0 stars **Reviewed by:** chandramohan K. | Junior System Administrator, Small-Business (50 or fewer emp.) **Reviewed Date:** March 10, 2024 **What do you like best about HCL AppScan?** It is easy to use and have Comprehensive Security Testing, Vulnerability Detection, including web, mobile, and cloud-based applications, needs of modern businesses with the less number of false positivies and the ease of UI makes it the best of its kind. It is easy to install and setup with Automatic scan also, if stuck at some point then support from the team is quick and excellent **What do you dislike about HCL AppScan?** While scanning, if any error occurs then It can recommend the fix for the error that occurred during the scan which can be fixed in future.Like its storing multiple manuals explore, It should have the capability of storing multiple logins. HCL AppScan's document should mention step by step for beginners which can be helpful **What problems is HCL AppScan solving and how is that benefiting you?** It scan the application and fix the loop hole in application security beforehand any disaster happens ### 4. A Testing Suite that packs quite a punch! **Rating:** 5.0/5.0 stars **Reviewed by:** Pranav U. | Flutter Developer, Mid-Market (51-1000 emp.) **Reviewed Date:** February 09, 2024 **What do you like best about HCL AppScan?** The best thing I like about HCL AppScan is the clean and simple UI amalgamated with pretty accurate scan results. Unlike other applications or software, this app is very beginner friendly and the support it offers is outstanding. **What do you dislike about HCL AppScan?** Even though the app is accurate, some false positives always creeps in. Comparatively it gives less false positives than others in the market but I believe the false positives can be avoided in future to make testing less menial. **What problems is HCL AppScan solving and how is that benefiting you?** It helps in identifying security threats way earlier, during production itself and hence enables us to take mitigation steps or even raise the issue with higher authorities. HCL AppScan has been a life saver in the security domain for code analysis and vulnerability testing. ### 5. All in one solution **Rating:** 5.0/5.0 stars **Reviewed by:** Verified User in Pharmaceuticals | Enterprise (> 1000 emp.) **Reviewed Date:** February 12, 2024 **What do you like best about HCL AppScan?** One of the most important aspects especially about HCL AppScan is super easy to integrate directly into the SDLC. Managing it is very user-friendly and very easy for DevOps to also use. It is hosted in a cloud-native environment so it provides high availability, scalability and high restorable capacities for disaster recovery. Apart from that there are almost all the features available that are needed for proper in-depth Application Security Scanning, along with providing visibility into the current security posture and safeguarding the applications from threats, and vulnerabilities. It also keeps track of any compliance violations. Their crawler I must say is one of the top-notch in the market. Since it provides a comprehensive solution for security testing and management, it is used as a daily tool. It helped significantly to reduce errors and track metrics on a daily cadence. Another, interesting point to note is their prompt customer service, if any assistance is required. Overall it is a great tool! I highly recommend it! **What do you dislike about HCL AppScan?** The only downside I can think of is the cost is a bit on the higher end for lower-budget projects. **What problems is HCL AppScan solving and how is that benefiting you?** HCL AppScan has significantly reduced the flaw counts, which has made a positive impact on our overall security metrics and security posture. Due to its ease of implantation, I am now able to implement a Shift-left mentality in a more hostile approach. That was one of the major milestones that I have been able to achieve using the tool. ### 6. Empowering Application Security with HCL AppScan **Rating:** 4.5/5.0 stars **Reviewed by:** Athar S. | Lead SecOps Engineer, Mid-Market (51-1000 emp.) **Reviewed Date:** November 21, 2023 **What do you like best about HCL AppScan?** HCL AppScan stands out in delivering comprehensive security solutions. Its extensive suite of features guarantees a meticulous evaluation of applications, assisting in the identification and remediation of potential vulnerabilities with exceptional efficacy. The most advantageous aspect of HCL AppScan lies in its sophisticated security testing capabilities. The tool's prowess in performing exhaustive scans and its adaptability to diverse security testing methodologies render it an invaluable asset in safeguarding applications against a myriad of potential threats. HCL AppScan's intuitive interface simplifies navigation and its adaptability to diverse testing methodologies enhances its effectiveness. **What do you dislike about HCL AppScan?** While HCL AppScan is a powerful tool, the learning curve for new users can be steep. Beginners might find it challenging to grasp the full range of features and functionalities initially. AppScan's documentation could be more detailed and beginner-friendly. AppScan's implementation process can be challenging for some users. **What problems is HCL AppScan solving and how is that benefiting you?** HCL AppScan tackles the intricacies of Dynamic Application Security Testing (DAST) with finesse. It adeptly uncovers vulnerabilities in operational applications, erecting a critical barrier against potential threats. This unwavering dedication to DAST guarantees that your applications endure rigorous and dynamic security evaluations, fostering a more resilient security stance. ### 7. The easy choice **Rating:** 4.5/5.0 stars **Reviewed by:** K U K. | Cyber Security Analyst, Mid-Market (51-1000 emp.) **Reviewed Date:** November 25, 2023 **What do you like best about HCL AppScan?** HCL AppScan is a robust platform which has a great customer support which was the first choice to consider. Leverging the full potential in our DevSecOps team from the very beginning of our SDLC, the app setup was a breeze. Some of the noteworthy features that is unique to AppScan is SAST scan, cloud native, vast integration library and cross application monitoring. A noteworthy thing to point out is, the implementation took a very short amount of time which made AppScan as the easy choice. **What do you dislike about HCL AppScan?** There are no shortcomings in the AppScan according to my usage and workflow. **What problems is HCL AppScan solving and how is that benefiting you?** It is helping to scan the vulnerabilities on the cloud as we as on premise systems. Also, we use it in every phase of our SDLC to point out the code level vulnerabilities. ### 8. HCL Appscan **Rating:** 4.5/5.0 stars **Reviewed by:** Shreyansh Kumar G. | Mid-Market (51-1000 emp.) **Reviewed Date:** February 23, 2024 **What do you like best about HCL AppScan?** HCL Appscan is known for its comprehensive approach to application security testing. One of the best feature is its ability to detect a wide range of vulnerability across various types of application. It has advanced scanning capabilities. **What do you dislike about HCL AppScan?** Interface can be more good. As Appscan is a commercial product it may not fit every budget **What problems is HCL AppScan solving and how is that benefiting you?** HCL Appscan is solving problems such as security vulnerabilities in web application and APIs. It is benefitting me in various ways such as risk reduction, vulnerability identification,etc. ### 9. Technical Lead **Rating:** 5.0/5.0 stars **Reviewed by:** Verified User in Information Technology and Services | Enterprise (> 1000 emp.) **Reviewed Date:** November 21, 2023 **What do you like best about HCL AppScan?** HCL AppScan has been a game-changer for our security initiatives. Its robust features, including dynamic and static application security testing, have provided a thorough analysis of our applications. The comprehensive reports help us pinpoint vulnerabilities early in the development process, allowing for timely remediation. The interactive application security testing adds an extra layer of depth, ensuring a more resilient software environment. The user-friendly interface and detailed documentation further contribute to the overall positive experience. HCL AppScan undoubtedly stands out as a valuable asset in our quest for secure and reliable applications. **What do you dislike about HCL AppScan?** While HCL AppScan offers a robust set of features for application security, there are some areas that could be improved. The learning curve for new users is steeper than desired, and the initial setup process can be a bit cumbersome. **What problems is HCL AppScan solving and how is that benefiting you?** HCL AppScan has been instrumental in solving critical security challenges in our software development lifecycle. The Static Application Security Testing (SAST) functionality provides a deep dive into our source code, uncovering vulnerabilities early in the development process. This has significantly reduced the likelihood of releasing code with potential security risks. On the Dynamic Application Security Testing (DAST) front, AppScan's ability to simulate real-world attacks on running applications has been a game-changer. It detects vulnerabilities that might not be apparent in the source code alone, offering a comprehensive view of our application's security posture in different environments. The seamless integration of SAST and DAST in a single platform streamlines our security testing efforts. The consolidated reports provide actionable insights, enabling our team to prioritize and address vulnerabilities efficiently. HCL AppScan's contribution to enhancing the overall security of our applications is undeniable, and its role in fortifying our software against potential threats is invaluable. ### 10. Advanced scan results with less false positives **Rating:** 5.0/5.0 stars **Reviewed by:** Shashank B. | Mid-Market (51-1000 emp.) **Reviewed Date:** February 15, 2024 **What do you like best about HCL AppScan?** Appscan tool is amongst top rated automated scan tools that covers advanced attack surfaces and discovers vulnerabilities with minimal false positives. Best feature is it scans to a wider extent and advanced attacks which helps secure applications **What do you dislike about HCL AppScan?** Tools may adopt better cvss and cwe profiling of identified vulnerabilities **What problems is HCL AppScan solving and how is that benefiting you?** It quickly scans the application binaries and results are accurate with elaborative attack description ### 11. I have used HCL AppScan for vulnerability assessments it is really amazing tool to work with **Rating:** 5.0/5.0 stars **Reviewed by:** Madhusudhanraju T. | Associate - Cyber Security, Small-Business (50 or fewer emp.) **Reviewed Date:** February 20, 2024 **What do you like best about HCL AppScan?** Its really effictive and provides results with minimum number of false positives. **What do you dislike about HCL AppScan?** User interface could be a little better than the existing one **What problems is HCL AppScan solving and how is that benefiting you?** HCL application is performing both DAST and SAST, It is effectively providing the vulnerbilities with proper remediation. It is also providing less number of false positives when compared to different tools. ### 12. HCL scan review for application **Rating:** 5.0/5.0 stars **Reviewed by:** Divyakanth V. | IAM Engineer, Enterprise (> 1000 emp.) **Reviewed Date:** February 21, 2024 **What do you like best about HCL AppScan?** with the less number of false positivies and the ease of UI makes it the best of its kind. Not to forget the continous customer support provided round the clock. **What do you dislike about HCL AppScan?** Making the "quick scan" response bit quicker with effective vulnarabilities would be a greater addition **What problems is HCL AppScan solving and how is that benefiting you?** Cost effiective with effective vulnarabilities found out. ### 13. Comprehensive Analysis and User Experience: HCL AppScan Review **Rating:** 4.5/5.0 stars **Reviewed by:** Momin N. | Information Technology Executive, Small-Business (50 or fewer emp.) **Reviewed Date:** November 23, 2023 **What do you like best about HCL AppScan?** Comprehensive Security Testing, Vulnerability Detection, including web, mobile, and cloud-based applications, adapting to the diverse needs of modern businesses. Integration Capabilities,With its scalable architecture and flexible deployment options, HCL AppScan caters to businesses of varying sizes and complexities, adapting to their security testing needs effectively. **What do you dislike about HCL AppScan?** significant system resources during scanning,mastering the full capabilities of the software can have a steep learning curve,The cost of HCL AppScan could be a concern for smaller businesses or startups. **What problems is HCL AppScan solving and how is that benefiting you?** Vulnerability Identification and Mitigation,Early Detection of Security Gaps ### 14. HCL App Scan Features **Rating:** 5.0/5.0 stars **Reviewed by:** Verified User in Computer Software | Small-Business (50 or fewer emp.) **Reviewed Date:** February 27, 2024 **What do you like best about HCL AppScan?** It have options of deployment for every type either it is on premises,cloud based or cloud native. Software Composition Ananlysis is one of the best available solution according to me, Easy to implement and use. **What do you dislike about HCL AppScan?** Nothing much to describe here because haven't seen anything yet, but surely let you know if I found. **What problems is HCL AppScan solving and how is that benefiting you?** It addresses various problems such as security testing and identifying vulnerabilities for quick remediation throughout the software development life cycle. ### 15. HCL AppScan **Rating:** 4.5/5.0 stars **Reviewed by:** AKASH V. | Cyber Security Analyst, Mid-Market (51-1000 emp.) **Reviewed Date:** February 13, 2024 **What do you like best about HCL AppScan?** HCL AppScan -reducd the risk level, enhanced application security management, and increase the regulatory compliance. **What do you dislike about HCL AppScan?** Nothing now from my side, it's doing their work good **What problems is HCL AppScan solving and how is that benefiting you?** Find vulnerabilities and fix the issue before our software is released ### 16. HCL Apps can Review **Rating:** 3.5/5.0 stars **Reviewed by:** Aninkan G. | System Engineer(L2 Production Application Support Executive), Enterprise (> 1000 emp.) **Reviewed Date:** February 05, 2024 **What do you like best about HCL AppScan?** HCL AppScan provides the best features in app scanning,time saving and provides more professional approach in guiding users **What do you dislike about HCL AppScan?** HCL AppScan can sometimes be expensive and likeable to not used on bulk **What problems is HCL AppScan solving and how is that benefiting you?** It is beneftting me in Static Application Server Testing ### 17. Efficient Security Scanning: HCL AppScan Review **Rating:** 4.0/5.0 stars **Reviewed by:** Verified User in Information Technology and Services | Enterprise (> 1000 emp.) **Reviewed Date:** February 11, 2024 **What do you like best about HCL AppScan?** AppScan's thorough scanning capabilities and CI/CD integration streamline security testing. Detailed reporting aids in prioritizing vulnerabilities effectively. **What do you dislike about HCL AppScan?** Complexity and potentially prohibitive licensing may pose challenges for new users and smaller organizations. **What problems is HCL AppScan solving and how is that benefiting you?** HCL AppScan solves security vulnerabilities in web applications and APIs, preventing breaches and data compromises. This benefits me by enabling efficient security assessments, prioritizing remediation, and ensuring the integrity of our digital assets, instilling confidence in stakeholders and customers. ### 18. application security testing suite, used to test web applications and services **Rating:** 5.0/5.0 stars **Reviewed by:** Dhas V. | Technology Operation Specialist , Enterprise (> 1000 emp.) **Reviewed Date:** November 19, 2023 **What do you like best about HCL AppScan?** It features cutting edge methods and techniques to identify security vulnerabilities to help protect applications from the threat of cyber-attacks. Incremental scanning, test optimization, third-party component detection, web API scanning, and more **What do you dislike about HCL AppScan?** No dislike I can realise as of now. Thanks **What problems is HCL AppScan solving and how is that benefiting you?** HCL AppScan is one of the best tools for application security. It is easy to use, gets the job done, and provides good documentation. ### 19. It works very smoothly and just add things are going crazy. **Rating:** 4.0/5.0 stars **Reviewed by:** Alim P. | Senior Software Test Engineer, Small-Business (50 or fewer emp.) **Reviewed Date:** February 12, 2024 **What do you like best about HCL AppScan?** Simple, accurate, and awesome one. Looks stylish. **What do you dislike about HCL AppScan?** Speed advertising. Optimization things required. **What problems is HCL AppScan solving and how is that benefiting you?** It gave me many easy and difficult bugs over time. ### 20. User friendly security intelligence and very quick security scanning **Rating:** 4.5/5.0 stars **Reviewed by:** Verified User in Security and Investigations | Enterprise (> 1000 emp.) **Reviewed Date:** February 24, 2024 **What do you like best about HCL AppScan?** It gives best security features of security scanning and save from security loopholes on the devices have applications installed. Very quick and security rich scanning **What do you dislike about HCL AppScan?** So far, I couldn't find any issues so no complaints **What problems is HCL AppScan solving and how is that benefiting you?** It scans and and give quick results for security loopholes, and easy to use also works really quick ### 21. This app scan is very convenient and easy to use **Rating:** 5.0/5.0 stars **Reviewed by:** manjunath P. | Information Security Analyst, Enterprise (> 1000 emp.) **Reviewed Date:** November 08, 2023 **What do you like best about HCL AppScan?** HCL app scan is useful for developers and security teams with a Pintpoint application vulnerability for quick scans and remediation in every. It is very convenient to use and balance between accuracy and speed of the results. Easy to install and easy to setup. **What do you dislike about HCL AppScan?** Sometimes it will takes long time to complete a scan. **What problems is HCL AppScan solving and how is that benefiting you?** Performing security tests on web application and API. ### 22. Appscan standard we use for application vulnerability scanning. **Rating:** 4.5/5.0 stars **Reviewed by:** Verified User in Utilities | Enterprise (> 1000 emp.) **Reviewed Date:** December 16, 2022 **What do you like best about HCL AppScan?** HCL support is really fast and reliable. Appreciate **What do you dislike about HCL AppScan?** The demerits i seen in Appscan has been rectified in the latest versions. I could see the developers comes with new features in new releases.Thanks **What problems is HCL AppScan solving and how is that benefiting you?** Appscan crash in middle of the scan which has been rectified. Appscan took days to complete scans with large URLs which has been remediated in new releases ### 23. Good stand alone software which enhance the security of the network **Rating:** 5.0/5.0 stars **Reviewed by:** Verified User in E-Learning | Small-Business (50 or fewer emp.) **Reviewed Date:** November 22, 2023 **What do you like best about HCL AppScan?** It provides good features like jira integration which is very necessary to manage the product and team with having good enhancement of the security features enabled. It is very helpful in managing the user and security groups. Easy to handle and maintain. Good customer support. Implementation is very easy. Frequeny of usuage is good in all terms. **What do you dislike about HCL AppScan?** According to me nothing is there which i dislike in this product. **What problems is HCL AppScan solving and how is that benefiting you?** It is overall beneficial in enhancing the security of the system. ### 24. Ok App **Rating:** 3.0/5.0 stars **Reviewed by:** Gaurav B. | Cyber Security Engineer, Small-Business (50 or fewer emp.) **Reviewed Date:** December 12, 2023 **What do you like best about HCL AppScan?** It is from a well known and trusted brand. **What do you dislike about HCL AppScan?** Not till now.Gonna use more to know abt it. **What problems is HCL AppScan solving and how is that benefiting you?** Got to know about the vulnerabilities and remediation. ### 25. General Overview **Rating:** 4.0/5.0 stars **Reviewed by:** Nehal C. | Small-Business (50 or fewer emp.) **Reviewed Date:** November 20, 2023 **What do you like best about HCL AppScan?** Easy to use and does the job well compared to alternates **What do you dislike about HCL AppScan?** Nothing as such. I found the tools decent. **What problems is HCL AppScan solving and how is that benefiting you?** We were trying to find different security complications and vulnerabilites and found the tool helpul in viewing those. ### 26. Fantastic experience after using the AppScan **Rating:** 5.0/5.0 stars **Reviewed by:** Verified User in Banking | Enterprise (> 1000 emp.) **Reviewed Date:** February 19, 2024 **What do you like best about HCL AppScan?** Quick remediation in SDLC phase of the testing **What do you dislike about HCL AppScan?** Everthing is perfect. UI can be a little better **What problems is HCL AppScan solving and how is that benefiting you?** In every phase it provides tye bugs ### 27. HCL AppScan Review **Rating:** 3.5/5.0 stars **Reviewed by:** Adish J. | Information Security Manager, Enterprise (> 1000 emp.) **Reviewed Date:** December 19, 2022 **What do you like best about HCL AppScan?** HCL AppScan's best feature is that it offers unlimited application scans, in a single license. Application setup is relatively easy and often gives accurate results. **What do you dislike about HCL AppScan?** Not a great tool for scenarios where authentication/authorization is not an inherent part of the application flow. The tool should also have an active mechanism for OTP verification. **What problems is HCL AppScan solving and how is that benefiting you?** HCL AppScan enabled us to automate DAST to a certain level. It reports relatively fewer false positives which helps to reduce any additional overhead on the team to validate reported issues. ### 28. Powerfull, easy to use **Rating:** 3.5/5.0 stars **Reviewed by:** Verified User in Banking | Mid-Market (51-1000 emp.) **Reviewed Date:** November 08, 2023 **What do you like best about HCL AppScan?** It is good tool for web app security scanning, support for technologies like soap, rest is something which is not offered by all tools, but appscan supports this. It is easy to install and integrate **What do you dislike about HCL AppScan?** It is not perfect, i am unable to find any authorization vuknerabilities or PE issues with appscan. It also seems little pricey ans resource hungry. **What problems is HCL AppScan solving and how is that benefiting you?** Automated and quick dast scans to find easy to spot secuirty issues. ### 29. Have been using HCL APPSCAN for 3 years and the product is doing what it claims. **Rating:** 4.5/5.0 stars **Reviewed by:** James Z. | Senior Network Security Analyst, Enterprise (> 1000 emp.) **Reviewed Date:** December 15, 2022 **What do you like best about HCL AppScan?** Straightforward functions - easy to use and manage. **What do you dislike about HCL AppScan?** Troubleshooting is a bit of difficult. Session management is not easy to configure. **What problems is HCL AppScan solving and how is that benefiting you?** Detect web vulnerabilities and provide suggestions. Very good to providing advice to avoid common vulnerabilities . ### 30. Smooth application scan app for security purposes **Rating:** 3.5/5.0 stars **Reviewed by:** Verified User in Financial Services | Small-Business (50 or fewer emp.) **Reviewed Date:** January 08, 2024 **What do you like best about HCL AppScan?** Scanning results seems accurate and beneficial. **What do you dislike about HCL AppScan?** More features can be added like it would me more good if it scans for more vulnerabilities. **What problems is HCL AppScan solving and how is that benefiting you?** Vulnerability scanning of app ### 31. Appscan the best security software I have used **Rating:** 5.0/5.0 stars **Reviewed by:** Verified User in Accounting | Small-Business (50 or fewer emp.) **Reviewed Date:** November 25, 2023 **What do you like best about HCL AppScan?** Offers best security features for the organization Easy to use East to configure and install Provides good customer support Easy to integrate and migerate. Frequency is also good **What do you dislike about HCL AppScan?** Provides good security infrastructure and easy to use **What problems is HCL AppScan solving and how is that benefiting you?** No problem is encountered to me ### 32. Very detailed scans and my go to application for checking vulnerabilities **Rating:** 4.5/5.0 stars **Reviewed by:** Verified User in Computer & Network Security | Small-Business (50 or fewer emp.) **Reviewed Date:** November 16, 2023 **What do you like best about HCL AppScan?** trustful assessment easy to use automatic scans **What do you dislike about HCL AppScan?** long scanning cost is on higher side troubleshooting is a bit difficult but if youre a pro then nothing to worry **What problems is HCL AppScan solving and how is that benefiting you?** It provides detailed and trustful scans which is most important ### 33. good **Rating:** 3.0/5.0 stars **Reviewed by:** Verified User in Computer Software | Small-Business (50 or fewer emp.) **Reviewed Date:** November 22, 2023 **What do you like best about HCL AppScan?** its nice app and its been good app. its also good app **What do you dislike about HCL AppScan?** updates are slow and it has been also slow updates on most of the time **What problems is HCL AppScan solving and how is that benefiting you?** security testing is quite beneficial ### 34. Review for HCL app scan **Rating:** 4.0/5.0 stars **Reviewed by:** Sushant D. | Small-Business (50 or fewer emp.) **Reviewed Date:** February 08, 2023 **What do you like best about HCL AppScan?** It is a good standalone tool available. It provides a range of features for identifying and remedying security vulnerabilities. It's designed to be flexible and scalable, making it suitable for a wide range of web applications and organisations. **What do you dislike about HCL AppScan?** It was a bit expensive. Also, it is a complex tool that requires a certain amount of expertise to use. It has a lot of features and can be overwhelming to some people. **What problems is HCL AppScan solving and how is that benefiting you?** HCL AppScan helps organizations identify and remediate security vulnerabilities in their web applications, improving the overall security of the application and reducing the risk of security breaches. It provides features like automated scanning, manual testing and code analysis to help assess the security of web applications. ### 35. Product strong for almost 20 years **Rating:** 5.0/5.0 stars **Reviewed by:** Andrew P. | Specialist, Enterprise (> 1000 emp.) **Reviewed Date:** December 21, 2022 **What do you like best about HCL AppScan?** The product has always been consistent and delivers excellent results. The automated login process is a key function missing in competitor systems. Started using the tool in the early 2000's. **What do you dislike about HCL AppScan?** The tool is great. I don't care that the sales and dev branches are pushing the cloud solution. I like to maintain control of what reaches into my network. **What problems is HCL AppScan solving and how is that benefiting you?** The product allows me to quickly address issues in external facing web services and some mobile applications. I'm also able to provide evidence from within the tool on the issues it identifies. ### 36. An Automated and Integrated Platform that provides a Holistic Visibility into the Security **Rating:** 5.0/5.0 stars **Reviewed by:** Sylesh H. | Senior Manager, Mid-Market (51-1000 emp.) **Reviewed Date:** January 04, 2023 **What do you like best about HCL AppScan?** In HCL AppScan automation maintain a reasonable pace of review and remediation of flaws for our apps. The HCL AppScan turnaround time for Burp Suite or any new feature request is pretty good. **What do you dislike about HCL AppScan?** The dashboard, for AppScan or the Fortified fast tool, which we use needs to be improved. Appscan scanning duration is very much time consuming process and needs improvement in this part. **What problems is HCL AppScan solving and how is that benefiting you?** It is beneficial in my opinion since there are answers and recommendations for the difficulties. The advantage of AppScan is that it can diagnose according to application specifications. Dynamic diagnostics is basically a test that guarantees quality by the number of test cases. ### 37. AppScan is the foundation of our internal penetration testing **Rating:** 5.0/5.0 stars **Reviewed by:** Verified User in Higher Education | Enterprise (> 1000 emp.) **Reviewed Date:** December 15, 2022 **What do you like best about HCL AppScan?** AppScan is tunable allowing us to test the essentials of our deployed software. We can configure it to accomodate our MFA infrastructure while continuing automated testing. This frees time for our analysts and allows us to focus our manual testing efforts on areas of concern flagged by AppScan. **What do you dislike about HCL AppScan?** Some minor false positives frequently crop up. While we can turn these off, it seems that some of the default tests are following overly strict criteria. It also is sometimes confused when identifying TLS configuration on a target web server. **What problems is HCL AppScan solving and how is that benefiting you?** Deployment of internally developed web applications occurs faster than our staff could possibly review it manually. Automation allows us to maintain a reasonable pace of review and remediation of flaws for our apps. ### 38. Appscan Standard really amazing tool with lots of features **Rating:** 5.0/5.0 stars **Reviewed by:** Souvik C. | Senior Security Engineer, Enterprise (> 1000 emp.) **Reviewed Date:** December 16, 2022 **What do you like best about HCL AppScan?** The best part of Appscan is the record login features for the critical SSO authentication-based application to get full authenticated scans. **What do you dislike about HCL AppScan?** The interface need to modified for the standard version **What problems is HCL AppScan solving and how is that benefiting you?** Tried many tools for our in-house applications scanning, which have in-house build SSO login, but all failed to do an authentication scan fails. Appscan manual features & settings help to get a full scan report successfully. Reporting is quite good with all details summary. ### 39. Powerful Security Product **Rating:** 5.0/5.0 stars **Reviewed by:** Vinod K. | QA Technical Lead, Enterprise (> 1000 emp.) **Reviewed Date:** December 19, 2022 **What do you like best about HCL AppScan?** Great Language coverage, SAST scan allows us at the code level, and DAST Scan at the app level does a great job of finding the issues with minimal false positives. **What do you dislike about HCL AppScan?** Long DAST Scans (Which can be controlled though) and error outs and need to restart the test **What problems is HCL AppScan solving and how is that benefiting you?** Finding out vulnerability issues in early life cycle using SAST and comprehensive with DAST. ### 40. cybersecurity manager **Rating:** 4.5/5.0 stars **Reviewed by:** Yu N. | cybersecurity manager, Mid-Market (51-1000 emp.) **Reviewed Date:** January 18, 2023 **What do you like best about HCL AppScan?** It can scan web applications automatically, which also allows for the customization of scan. Addtionally it is great for its ability to prioritize vulnerabilities based on their severity. **What do you dislike about HCL AppScan?** AppScan, like any other automated tool, can produce false positives or alarms, which can be time-consuming to investigate and lead to unnecessary anxiety. **What problems is HCL AppScan solving and how is that benefiting you?** AppScan is the ability to automatically scan web applications for a wide range of security vulnerabilities, including SQL injection, cross-site scripting (XSS), and insecure file uploads. ### 41. Highly recommended for application security **Rating:** 4.0/5.0 stars **Reviewed by:** Karan B. | Staff Engineer, Enterprise (> 1000 emp.) **Reviewed Date:** December 28, 2022 **What do you like best about HCL AppScan?** Various features it provides, starting from recorded login, manual explore and JIRA integration **What do you dislike about HCL AppScan?** JIRA integration should be more customisable **What problems is HCL AppScan solving and how is that benefiting you?** It is helping is vulnerability scans and automating them ### 42. Review as a security tool **Rating:** 4.5/5.0 stars **Reviewed by:** Mahmoud E. | Cyber Security Expert, Enterprise (> 1000 emp.) **Reviewed Date:** December 31, 2022 **What do you like best about HCL AppScan?** Application interface and Solution Stability **What do you dislike about HCL AppScan?** The reportis not containing detailed explanation **What problems is HCL AppScan solving and how is that benefiting you?** Help us to follow security development lifecycle approach. ### 43. Good tool to perform SAST and DAST analyses **Rating:** 4.0/5.0 stars **Reviewed by:** Verified User in Luxury Goods & Jewelry | Enterprise (> 1000 emp.) **Reviewed Date:** December 16, 2022 **What do you like best about HCL AppScan?** The thing I like the most about AppScan is that it's easy to connect to our CI/CD pipeline and has a lot of built in connectors **What do you dislike about HCL AppScan?** I don't particularly like the high rate of false positives that emerges from the scans **What problems is HCL AppScan solving and how is that benefiting you?** AppScan is helping us write more secure code, and providing our customers with e-commerce websites that are more secure also in dealing with their data ### 44. Great experience **Rating:** 4.5/5.0 stars **Reviewed by:** Joan B. | Security Architect, Small-Business (50 or fewer emp.) **Reviewed Date:** December 15, 2022 **What do you like best about HCL AppScan?** How easy it is to use, being able to make granular reports as needed **What do you dislike about HCL AppScan?** The software update almost always gives a problem, I would like it to be more transparent **What problems is HCL AppScan solving and how is that benefiting you?** Software vulnerabilities and audits ### 45. Easy to use and get the job done. **Rating:** 3.5/5.0 stars **Reviewed by:** Banyu A. | Solution Architect, Enterprise (> 1000 emp.) **Reviewed Date:** December 15, 2022 **What do you like best about HCL AppScan?** One of the best tools for app security. Easy to use and good documentation. **What do you dislike about HCL AppScan?** Cost can be a factor, considering there is a freeware option available. **What problems is HCL AppScan solving and how is that benefiting you?** security vulnerabilities scan for software and application ### 46. Web partner **Rating:** 5.0/5.0 stars **Reviewed by:** Yu K. | Manager, Small-Business (50 or fewer emp.) **Reviewed Date:** December 21, 2022 **What do you like best about HCL AppScan?** It provides trustful assessment and easy to use. **What do you dislike about HCL AppScan?** The support in Hong Kong and China area is not strong. **What problems is HCL AppScan solving and how is that benefiting you?** It helps to protect Web application. ### 47. Great & much more Secure application. HCL commited for better service & App scan Security. **Rating:** 5.0/5.0 stars **Reviewed by:** Somnath N. | SAM MANAGER, Enterprise (> 1000 emp.) **Reviewed Date:** December 15, 2022 **What do you like best about HCL AppScan?** Security Mechanism of app scan is reliable and great. **What do you dislike about HCL AppScan?** All looks good for me as more secure place **What problems is HCL AppScan solving and how is that benefiting you?** More secure an reliable solution for any infra ### 48. A tool a bit immature **Rating:** 2.0/5.0 stars **Reviewed by:** Verified User in Computer & Network Security | Mid-Market (51-1000 emp.) **Reviewed Date:** December 21, 2022 **What do you like best about HCL AppScan?** It was easy to use AppScan on Cloud with the IDE plugin or maven one **What do you dislike about HCL AppScan?** The results may differ a lot based on the plugin used (IDE, maven, AppScanGo). Moreover, most of the results were false positive **What problems is HCL AppScan solving and how is that benefiting you?** SAST analysis of a mobile application and a maven project ### 49. To Go DAST Scanner **Rating:** 5.0/5.0 stars **Reviewed by:** Verified User in Information Technology and Services | Enterprise (> 1000 emp.) **Reviewed Date:** December 15, 2022 **What do you like best about HCL AppScan?** HCL AppScan is best in issue reported and providing recommendations, the best part is API Scan , manual crawling and external browser. **What do you dislike about HCL AppScan?** Sometimes the application gets hung and reporting in csv is not available **What problems is HCL AppScan solving and how is that benefiting you?** less false positive and negative so basically less noise in reporting ### 50. Easy to use commercial Vapt and code review tool **Rating:** 3.5/5.0 stars **Reviewed by:** Verified User in Information Technology and Services | Mid-Market (51-1000 emp.) **Reviewed Date:** December 15, 2022 **What do you like best about HCL AppScan?** Appscan let also not veyskilled people to effectively execute a vapt or deep code review **What do you dislike about HCL AppScan?** A little rigid regarding the configuration. Had problems with very big code review using the on cloud application **What problems is HCL AppScan solving and how is that benefiting you?** Better than owasp for not trained users ## HCL AppScan Discussions - [Who owns AppScan?](https://www.g2.com/discussions/who-owns-appscan) - 1 comment - [Is AppScan free?](https://www.g2.com/discussions/is-appscan-free) - 1 comment - [View HCL AppScan pricing details and edition comparison](https://www.g2.com/products/hcl-appscan/reviews?section=pricing&secure%5Bexpires_at%5D=2026-05-20+04%3A46%3A16+-0500&secure%5Bsession_id%5D=64ababa5-e6c2-4fdb-8eb9-84eea76a7736&secure%5Btoken%5D=8fd94c847c6dd296ff405624109647c2664f8969840ec19a55292901e273efdf&format=llm_user) ## HCL AppScan Features **Administration** - API / Integrations - Extensibility **Administration** - API / Integrations - Extensibility **Functionality - Software Composition Analysis ** - Language Support - Integration - Transparency **Analysis** - Reporting and Analytics - Issue Tracking - Static Code Analysis - Code Analysis **Analysis** - Reporting and Analytics - Issue Tracking - Static Code Analysis - Vulnerability Scan - Code Analysis **Effectiveness - Software Composition Analysis** - Remediation Suggestions - Continuous Monitoring - Thorough Detection **Testing** - Command-Line Tools - Manual Testing - Test Automation - Compliance Testing - Black-Box Scanning - Detection Rate - False Positives **Testing** - Manual Testing - Test Automation - Compliance Testing - Black-Box Scanning - Detection Rate - False Positives **Agentic AI - Interactive Application Security Testing (IAST)** - Autonomous Task Execution **Agentic AI - Static Application Security Testing (SAST)** - Autonomous Task Execution ## Top HCL AppScan Alternatives - [Invicti (formerly Netsparker)](https://www.g2.com/products/invicti-formerly-netsparker/reviews) - 4.6/5.0 (66 reviews) - [Veracode Application Security Platform](https://www.g2.com/products/veracode-application-security-platform/reviews) - 3.8/5.0 (24 reviews) - [Checkmarx](https://www.g2.com/products/checkmarx/reviews) - 4.2/5.0 (32 reviews)