HCL AppScan Pros and Cons

Offers best security features for the organization

Easy to use

East to configure and install

Provides good customer support

Easy to integrate and migerate.

Frequency is also good Review collected by and hosted on G2.com.

Provides good security infrastructure and easy to use Review collected by and hosted on G2.com.

trustful assessment

easy to use

automatic scans Review collected by and hosted on G2.com.

long scanning

cost is on higher side

troubleshooting is a bit difficult but if youre a pro then nothing to worry Review collected by and hosted on G2.com.

its nice app and its been good app.

its also good app Review collected by and hosted on G2.com.

updates are slow and it has been also slow updates on most of the time Review collected by and hosted on G2.com.

It is a good standalone tool available. It provides a range of features for identifying and remedying security vulnerabilities. It's designed to be flexible and scalable, making it suitable for a wide range of web applications and organisations. Review collected by and hosted on G2.com.

It was a bit expensive. Also, it is a complex tool that requires a certain amount of expertise to use. It has a lot of features and can be overwhelming to some people. Review collected by and hosted on G2.com.

The product has always been consistent and delivers excellent results. The automated login process is a key function missing in competitor systems. Started using the tool in the early 2000's. Review collected by and hosted on G2.com.

The tool is great. I don't care that the sales and dev branches are pushing the cloud solution. I like to maintain control of what reaches into my network. Review collected by and hosted on G2.com.

In HCL AppScan automation maintain a reasonable pace of review and remediation of flaws for our apps. The HCL AppScan turnaround time for Burp Suite or any new feature request is pretty good. Review collected by and hosted on G2.com.

The dashboard, for AppScan or the Fortified fast tool, which we use needs to be improved. Appscan scanning duration is very much time consuming process and needs improvement in this part. Review collected by and hosted on G2.com.

AppScan is tunable allowing us to test the essentials of our deployed software. We can configure it to accomodate our MFA infrastructure while continuing automated testing. This frees time for our analysts and allows us to focus our manual testing efforts on areas of concern flagged by AppScan. Review collected by and hosted on G2.com.

Some minor false positives frequently crop up. While we can turn these off, it seems that some of the default tests are following overly strict criteria. It also is sometimes confused when identifying TLS configuration on a target web server. Review collected by and hosted on G2.com.

The best part of Appscan is the record login features for the critical SSO authentication-based application to get full authenticated scans. Review collected by and hosted on G2.com.

The interface need to modified for the standard version Review collected by and hosted on G2.com.

Great Language coverage, SAST scan allows us at the code level, and DAST Scan at the app level does a great job of finding the issues with minimal false positives. Review collected by and hosted on G2.com.

Long DAST Scans (Which can be controlled though) and error outs and need to restart the test Review collected by and hosted on G2.com.

It can scan web applications automatically, which also allows for the customization of scan. Addtionally it is great for its ability to prioritize vulnerabilities based on their severity. Review collected by and hosted on G2.com.

AppScan, like any other automated tool, can produce false positives or alarms, which can be time-consuming to investigate and lead to unnecessary anxiety. Review collected by and hosted on G2.com.