We performed a comparison between HCL AppScan and Qualys Web Application Scanning based on real PeerSpot user reviews.
Find out in this report how the two Application Security Tools solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."It was easy to set up."
"We are now deploying less defects to production."
"AppScan is stable."
"It provides a better integration for our ecosystem."
"The UI was very intuitive."
"IBM AppScan has made our work easy, as we can do four to five scans of websites at a time, which saves time when it comes to vulnerability."
"The solution is easy to use."
"The HCL AppScan turnaround time for Burp Suite or any new feature request is pretty good, and that is why we are sticking with the HCL."
"The Qualys Web Application Scanning solution offers a single comprehensive console and consolidated reporting, covering all aspects from on-prem to cloud and compliance, etcetera."
"The product prevents possible vulnerabilities in our network."
"I have found the detection of vulnerabilities tool thorough with good results and the graphical display output to be wonderful and full of colors. It allows many types of outputs, such as bar and chart previews."
"It is a good product for website penetration testing to detect vulnerabilities."
"Licensing is the most valuable. Qualys provides the best licensing for companies. It is the best product for the development purposes of web applications. The product has a lot of integrations."
"It is a cloud-based solution, so it is easy to scale."
"It is a very stable solution."
"The simplicity of exporting reports and the simplicity and clarity of the reports included with the product are good."
"The solution often has a high number of false positives. It's an aspect they really need to improve upon."
"We would like to see a check in the specific vulnerabilities in mobile applications or rooted devices, such as jailbreaking devices."
"If HCL AppScan is able to alert the clients over email once the scan is complete, it would be great. Right now, HCL AppScan doesn't let me know if the scanning part is finished or not, because of which I have to come back and check mostly."
"The pricing has room for improvement."
"The dashboard, for AppScan or the Fortified fast tool, which we use needs to be improved."
"In future releases, I would like to see more aggressive reports. I would also like to see less false positives."
"The penetration testing feature should be included."
"There is room for improvement in the pricing model."
"The product should allow users to upload their payloads."
"The GUI could be a little less complicated as it opens a lot of new windows for creating search lists, templates, reports, or for scanning purposes."
"There should be better visibility into the application."
"Qualys Web Application Scanning is very complex to use, and its graphical interface is not very user-friendly."
"There's a distinction between internal and external scanning processes that could be streamlined. Currently, for internal scanning, specific configurations and scanner appliances need to be deployed within the network, which differs from the simpler setup for external scans. This dual process complicates the setup for comprehensive scanning coverage."
"The support could be faster."
"The reporting contains too many false positives."
"They should try to include business logic vulnerabilities in the scanner testing."
More Qualys Web Application Scanning Pricing and Cost Advice →
HCL AppScan is ranked 14th in Application Security Tools with 39 reviews while Qualys Web Application Scanning is ranked 19th in Application Security Tools with 31 reviews. HCL AppScan is rated 7.6, while Qualys Web Application Scanning is rated 7.8. The top reviewer of HCL AppScan writes " A stable and scalable product useful for application security scanning". On the other hand, the top reviewer of Qualys Web Application Scanning writes "A stable solution that can be used for infrastructure vulnerability scanning and web application scanning". HCL AppScan is most compared with SonarQube, Veracode, Acunetix, Checkmarx One and Snyk, whereas Qualys Web Application Scanning is most compared with OWASP Zap, Veracode, SonarQube, PortSwigger Burp Suite Professional and Checkmarx One. See our HCL AppScan vs. Qualys Web Application Scanning report.
See our list of best Application Security Tools vendors and best Application Security Testing (AST) vendors.
We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.