We performed a comparison between HCL AppScan and PortSwigger Burp Suite Professional based on real PeerSpot user reviews.
Find out in this report how the two Application Security Tools solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."We are now deploying less defects to production."
"The solution is easy to use."
"We use it as a security testing application."
"It is a stable solution...It is a scalable solution...The initial setup or installation of HCL AppScan is easy."
"The most valuable feature of HCL AppScan is its integration with the SDLC, particularly during the coding phase."
"It has certainly helped us find vulnerabilities in our software, so this is priceless in the end."
"The security and the dashboard are the most valuable features."
"The most valuable feature of the solution is Postman."
"It's good testing software."
"I personally love its capability to automatically and accurately detect vulnerabilities. So, I would say it is the Burp scanner that is THE most powerful, valuable, and an awesome feature."
""The product is very good just the way it is; It has everything already well established and functions great. I can't see any way for this current version to be improved.""
"The most valuable feature of PortSwigger Burp Suite Professional is the Burp Intruder tool."
"This tool is more accurate than the other solutions that we use, and reports fewer false positives."
"For pentesting scenarios, this is the number one tool. It can capture the request, and there are so many functions that are very good for that. For example, a black box satellite host."
"Enables automation of different tasks such as authorization testing."
"You can scan any number of applications and it updates its database."
"The solution could improve by having a mobile version."
"The tool should improve its output. Scanning is not a challenge anymore since there are many such tools available in the market. The product needs to focus on how its output is being used by end users. It should be also more user-friendly. One of the major challenges is in the tool's integration with applications that need to be scanned. Sometimes, the scanning is not proper."
"In future releases, I would like to see more aggressive reports. I would also like to see less false positives."
"It has crashed at times."
"AppScan is too complicated and should be made more user-friendly."
"Sometimes it doesn't work so well."
"We would like to see a check in the specific vulnerabilities in mobile applications or rooted devices, such as jailbreaking devices."
"They should have a better UI for dashboards."
"There is a lot to this product, and it would be good if when you purchase the tool, they can provide us with a more extensive user manual."
"The solution doesn't offer very good scalability."
"The tool is very expensive."
"The solution is not easy to set it up. You need a lot of knowledge."
"The Burp Collaborator needs improvement. There also needs to be improved integration."
"There were a lot of false positives there, and we used to spend a lot of time, like, for security reasons, reproducing those bugs for the development team to fix it."
"The scanner and crawler need to be improved."
"The biggest improvement that I would like to see from PortSwigger that today many people see as an issue in their testing. There might be a feature which might be desired."
More PortSwigger Burp Suite Professional Pricing and Cost Advice →
HCL AppScan is ranked 15th in Application Security Tools with 40 reviews while PortSwigger Burp Suite Professional is ranked 9th in Application Security Tools with 57 reviews. HCL AppScan is rated 7.6, while PortSwigger Burp Suite Professional is rated 8.6. The top reviewer of HCL AppScan writes " A stable and scalable product useful for application security scanning". On the other hand, the top reviewer of PortSwigger Burp Suite Professional writes "The solution is versatile and easy to deploy, but it needs to give more detailed security reports". HCL AppScan is most compared with SonarQube, Veracode, Acunetix, OWASP Zap and Checkmarx One, whereas PortSwigger Burp Suite Professional is most compared with OWASP Zap, Fortify WebInspect, Acunetix, Qualys Web Application Scanning and SonarQube. See our HCL AppScan vs. PortSwigger Burp Suite Professional report.
See our list of best Application Security Tools vendors and best Static Application Security Testing (SAST) vendors.
We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
