We performed a comparison between HCL AppScan and Qualys Web Application Scanning based on real PeerSpot user reviews.
Find out in this report how the two Application Security Tools solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."This solution saves us time due to the low number of false positives detected."
"Usually when we deploy the application, there is a process for ethical hacking. The main benefit is that, the ethical hacking is almost clean, every time. So it's less cost, less effort, less time to production."
"Compared to other tools only AppScan supports special language."
"The most valuable feature of the solution is the scanning or security part."
"The reporting part is the most valuable feature."
"AppScan is stable."
"The solution offers services in a few specific development languages."
"The product has valuable features for static and dynamic testing."
"Its most valuable features are patch management, vulnerability management, and PCI compliance."
"We can do scanning and submit reports straight to the customers when there are new vulnerabilities, then tell them whether they are affected or not."
"The vulnerability management feature is a strong one. And also the patch management feature."
"The feature that I have found most valuable is the progressive scan. It is good. It's done in 24 hours."
"Qualys Web Application Scanning has multiple features like threat protection and container security scanning in one box."
"This product is designed for easy scalability and can easily scale up without major challenges."
"It works with many different products."
"The most valuable feature of Qualys Web Application Scanning is the effective scanning that can be done."
"Scans become slow on large websites."
"The dashboard, for AppScan or the Fortified fast tool, which we use needs to be improved."
"Many silly false positives are produced."
"AppScan is too complicated and should be made more user-friendly."
"They have to improve support."
"They should have a better UI for dashboards."
"We would like to integrate with some of the other reporting tools that we're planning to use in the future."
"In future releases, I would like to see more aggressive reports. I would also like to see less false positives."
"There could be better management and faster scanning."
"The support could be faster."
"In terms of the Policy Compliance model which they currently have, not all the platforms are being covered. If they could improve on the Policy Compliance model, since there are policies which are benchmarked against it, this will be helpful for us."
"There's a distinction between internal and external scanning processes that could be streamlined. Currently, for internal scanning, specific configurations and scanner appliances need to be deployed within the network, which differs from the simpler setup for external scans. This dual process complicates the setup for comprehensive scanning coverage."
"The software’s pricing could be improved."
"We receive false positives sometimes when using a solution that could be improved. However, the technical team provides us with the exact explanation why it was giving us that kind of error."
"They should try to include business logic vulnerabilities in the scanner testing."
"The product's pricing could be better."
More Qualys Web Application Scanning Pricing and Cost Advice →
HCL AppScan is ranked 15th in Application Security Tools with 41 reviews while Qualys Web Application Scanning is ranked 18th in Application Security Tools with 31 reviews. HCL AppScan is rated 7.8, while Qualys Web Application Scanning is rated 7.8. The top reviewer of HCL AppScan writes " A stable and scalable product useful for application security scanning". On the other hand, the top reviewer of Qualys Web Application Scanning writes "A stable solution that can be used for infrastructure vulnerability scanning and web application scanning". HCL AppScan is most compared with SonarQube, Veracode, Acunetix, OWASP Zap and Snyk, whereas Qualys Web Application Scanning is most compared with OWASP Zap, Veracode, SonarQube, PortSwigger Burp Suite Professional and Checkmarx One. See our HCL AppScan vs. Qualys Web Application Scanning report.
See our list of best Application Security Tools vendors and best Static Application Security Testing (SAST) vendors.
We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.