HCL AppScan

Company health

Employee growth
4% increase in the last year
Web traffic
6% decrease in the last quarter
Financing
July 2008 - $220M

Ratings

G2
4.1/5
(76)
Glassdoor
3.6/5
(46407)

HCL AppScan description

HCL AppScan is a suite of tools that help companies find and fix security weaknesses in their software. It can scan code, applications, and APIs for vulnerabilities, even those found in open-source components. The tool integrates with the software development process, making it easier for developers to address security issues early on. HCL AppScan offers centralized reporting and management, giving security teams better visibility and control over their application security.


Who is HCL AppScan best for

HCL AppScan is a comprehensive security suite ideal for large enterprises seeking to enhance their application security. Users praise its comprehensive testing and accurate results, but note the high cost and complex setup. It excels in vulnerability detection and automated reporting, making it a valuable tool for security-conscious development teams.

  • Best for enterprise companies.

  • Suitable for various industries.


HCL AppScan features

Supported

HCL AppScan supports API scanning for vulnerabilities.

Supported

AppScan automatically scans web applications for security vulnerabilities using DAST.

Supported

HCL AppScan supports SBOM generation as part of its software supply chain security features.

Supported

AppScan detects vulnerabilities in open-source components using its SCA tool.

Supported

AppScan supports continuous security auditing through automated testing and vulnerability assessments.

Supported

AppScan performs license compliance analysis, including identifying open-source licenses and potential issues.

Supported

AppScan integrates with IDEs and CI/CD pipelines to provide immediate feedback and auto-fix suggestions within the coding environment.

Qualities

We evaluate the sentiment that users express about non-functional aspects of the software

Value and Pricing Transparency

Strongly negative
-0.78

Customer Service

Strongly positive
+0.78

Ease of Use

Strongly positive
+0.7

Reliability and Performance

Rather positive
+0.6

Ease of Implementation

Rather positive
+0.6

Scalability

Neutral
+0

HCL AppScan reviews

We've analysed 76 HCL AppScan reviews (HCL AppScan G2 reviews) and summarised the main points below.

Pros of HCL AppScan
  • Comprehensive security testing (DAST, SAST, IAST).
  • Easy to use and set up.
  • Accurate results with minimal false positives.
  • Excellent customer support.
  • Automated scanning and reporting.
Cons of HCL AppScan
  • High cost, potentially prohibitive for smaller budgets.
  • Steep learning curve for new users.
  • Occasional long scan times and resource intensiveness.
  • False positives require manual review.
  • Limited customization for JIRA integration.

HCL AppScan pricing

The commentary is based on 12 reviews from HCL AppScan G2 reviews.

HCL AppScan is praised for its comprehensive security testing and vulnerability detection. However, some reviewers find it expensive, especially for smaller budgets, and note the potential for a steep learning curve. Others mention licensing challenges.

User sentiment

Strongly negative
-0.78

HCL AppScan alternatives

  • Microsoft Defender for Cloud
    Better for cloud security posture management across multiple cloud platforms and hybrid environments. A strong HCL AppScan competitor for organizations already invested in the Microsoft ecosystem. Focuses on cloud workload protection, including containers.
  • Checkmarx
    Better for larger enterprises with cloud-native applications. Has slower momentum. Pricier HCL AppScan alternative.
  • Vanta
    Better for compliance automation and a better fit for smaller businesses. It has more momentum currently. Focuses on compliance with various security standards like SOC 2, ISO 27001, and HIPAA. A strong HCL AppScan competitor and alternative.
  • Astra Pentest
    Better for SaaS and software companies. Focuses on web, app, and network security testing through simulated attacks. Offers manual penetration testing alongside automated scans. Has positive reviews for its thoroughness and support, but some users report UI/UX and invoicing issues. Growing much faster.
  • Tenable One
    Better for organizations prioritizing vulnerability management and attack path prediction. Broader security coverage beyond application security. A strong HCL AppScan competitor and alternative.
  • Cycode
    Focuses more on application security posture management and software supply chain security. Has significantly more momentum.

HCL AppScan FAQ

  • What is HCL AppScan and what does HCL AppScan do?

    HCL AppScan is a suite of security tools that helps organizations identify and remediate vulnerabilities in their software. It provides various scanning capabilities, including web application scanning, API scanning, and open-source component analysis, and integrates with development workflows for continuous security auditing.

  • How does HCL AppScan integrate with other tools?

    HCL AppScan integrates with IDEs and CI/CD pipelines, providing immediate feedback and auto-fix suggestions within the coding environment. It also supports continuous security auditing through automated testing and vulnerability assessments. Centralized reporting and management gives security teams better visibility.

  • What are the main competitors of HCL AppScan?

    Top alternatives to HCL AppScan include Checkmarx, Tenable One, and Wiz. These competitors offer similar application security testing and vulnerability management features, often with a focus on developer-friendly integrations and cloud security. Microsoft Defender for Cloud and Vanta are also relevant alternatives but cater to broader security and compliance needs.

  • Is HCL AppScan legit?

    Yes, HCL AppScan is a legitimate security testing suite. It helps find and fix software vulnerabilities, which improves the safety of your applications. While it offers comprehensive features and excellent support, potential users should be aware of its high cost and complex interface.

  • How much does HCL AppScan cost?

    HCL AppScan pricing is not publicly available. Contact HCL directly for a customized quote based on your specific needs and requirements. Consider exploring alternative application security testing tools if budget is a primary concern.

  • Is HCL AppScan customer service good?

    HCL AppScan's customer support receives positive feedback, with users highlighting its responsiveness and helpfulness in resolving issues. However, one user reported a negative experience and suggested contacting the technical sales department for better assistance.


Reviewed by

Michal Kaczor
CEO at Gralio

Michal has worked at startups for many years and writes about topics relating to software selection and IT management. As a former consultant for Bain, a business advisory company, he also knows how to understand the needs of any business and find solutions to its problems.

Tymon Terlikiewicz
CTO at Gralio

Tymon is a seasoned CTO who loves finding the perfect tools for any task. He recently headed up the tech department at Batmaid, a well-known Swiss company, where he managed about 60 software purchases, including CX, HR, Payroll, Marketing automation and various developer tools.