We performed a comparison between Fortify Application Defender and HCL AppScan based on real PeerSpot user reviews.
Find out in this report how the two Application Security Tools solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The product saves us cost and time."
"The tool's most valuable feature is software composition analysis. This feature works well with my .NET applications, providing a better understanding of library vulnerabilities."
"The information from Fortify Application Defender on how to fix and solve issues is very good compared to other solutions."
"Its ability to find security defects is valuable."
"The most valuable feature is the ability to automatically feed it rules what it's coupled with the WebInspect dynamic application scanning technology."
"The solution helped us to improve the code quality of our organization."
"We are able to provide out customers with a secure application after development. They are no longer left wondering if they are vulnerable to different threats within the market following deployment."
"I find the configuration of rules in Fortify Application Defender useful. Its integration is also easy."
"For me, as a manager, it was the ease of use. Inserting security into the development process is not normally an easy project to do. The ability for the developer to actually use it and get results and focuses, that's what counted."
"There's extensive functionality with custom rules and a custom knowledge base."
"It is easy it is to use. It is quick to find things, because of the code scanning tools. It's quite simple to use and it is very good the way it reports the findings."
"The security and the dashboard are the most valuable features."
"The product has valuable features for static and dynamic testing."
"We leverage it as a quality check against code."
"The HCL AppScan turnaround time for Burp Suite or any new feature request is pretty good, and that is why we are sticking with the HCL."
"The UI was very intuitive."
"Fortify Application Defender gives a lot of false positives."
"Support for older compilers/IDEs is lacking."
"The solution is quite expensive."
"Fortify Application Defender could improve by supporting more code languages, such as GRAAS and Groovy."
"The solution could improve the time it takes to scan. When comparing it to SonarQube it does it in minutes while in Fortify Application Defender it can take hours."
"The biggest complaint that I have heard concerns additional platform support because right now, it only supports applications that are written in .NET and Java."
"The false positive rate should be lower."
"The licensing can be a little complex."
"HCL AppScan needs to improve security."
"Many silly false positives are produced."
"We would like to see a check in the specific vulnerabilities in mobile applications or rooted devices, such as jailbreaking devices."
"The solution could improve by having a mobile version."
"We would like to integrate with some of the other reporting tools that we're planning to use in the future."
"There is room for improvement in the pricing model."
"The dashboard, for AppScan or the Fortified fast tool, which we use needs to be improved."
"There are so many lines of code with so many different categories that I am likely to get lost. "
Fortify Application Defender is ranked 30th in Application Security Tools with 11 reviews while HCL AppScan is ranked 15th in Application Security Tools with 40 reviews. Fortify Application Defender is rated 7.8, while HCL AppScan is rated 7.6. The top reviewer of Fortify Application Defender writes "Useful for fast code review in devOps pipelines ". On the other hand, the top reviewer of HCL AppScan writes " A stable and scalable product useful for application security scanning". Fortify Application Defender is most compared with Checkmarx One, Coverity, CAST Application Intelligence Platform, SonarQube and Qualys Web Application Scanning, whereas HCL AppScan is most compared with SonarQube, Veracode, Acunetix, PortSwigger Burp Suite Professional and OWASP Zap. See our Fortify Application Defender vs. HCL AppScan report.
See our list of best Application Security Tools vendors.
We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.