We performed a comparison between Acunetix and HCL AppScan based on real PeerSpot user reviews.
Find out in this report how the two Application Security Tools solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Overall, it's a very good tool and a very good engine."
"The tool's most valuable feature is scan configurations. We use it for external physical applications. The scanning time depends on the application's code."
"Picks up weaknesses in our app setups."
"For us, the most valuable aspect of the solution is the log-sequence feature."
"The usability and overall scan results are good."
"The vulnerability scanning option for analyzing the security loopholes on the websites is the most valuable feature of this solution."
"Acunetix has an awesome crawler. It gives a referral site map of near targets and also goes really deep to find all the inputs without issues. This was valuable because it helped me find some files or directories, like web admin panels without authentication, which were hidden."
"The automated approach to these repetitive discovery attempts would take days to do manually and therefore it helps reduce the time needed to do an assessment."
"The security and the dashboard are the most valuable features."
"We are now deploying less defects to production."
"The HCL AppScan turnaround time for Burp Suite or any new feature request is pretty good, and that is why we are sticking with the HCL."
"You can easily find particular features and functions through the UI."
"The static scans are good, and the SaaS as well."
"The reporting part is the most valuable feature."
"The product is useful, particularly in its sensitivity and scanning capabilities."
"This is a stable solution."
"Currently only supports web scanning."
"When monitoring the traffic we always have issues with the bandwidth consumption and the throttling of traffic."
"Acunetix needs to improve its cost."
"Acunetix needs to be dynamic with JavaScript code, unlike Netsparker which can scan complex agents."
"You can't actually change your password after you've set it unless you go back into the administration account and you change it there. Thus, if you're locked out and don't remember your password, that's a thing."
"I had some issues with the JSON parameters where it found some strange vulnerabilities, but it didn't alert the person using it or me about these vulnerabilities, e.g., an error for SQL injection."
"Acunetix needs to include agent analysis."
"The jargon used makes it difficult for project managers to understand the issues, and the technical explanations used make it difficult for developers to understand issues. These things should be simplified much more. That would be very helpful for us when explaining to them what needs to be fixed. The report output needs to be simplified."
"The solution needs to improve in some areas. The tool needs to add more languages. It also needs to improve its speed."
"They have to improve support."
"There is not a central management for static and dynamic."
"Many silly false positives are produced."
"It has crashed at times."
"I would love to see more containers. Many of the tools are great, they require an amount of configuration, setup and infrastructure. If most the applications were in a container, I think everything would be a little bit faster, because all our clients are now using containers."
"We would like to integrate with some of the other reporting tools that we're planning to use in the future."
"The dashboard, for AppScan or the Fortified fast tool, which we use needs to be improved."
Acunetix is ranked 17th in Application Security Tools with 26 reviews while HCL AppScan is ranked 15th in Application Security Tools with 41 reviews. Acunetix is rated 7.6, while HCL AppScan is rated 7.8. The top reviewer of Acunetix writes "Fantastic reporting features hindered by slow scanning ". On the other hand, the top reviewer of HCL AppScan writes " A stable and scalable product useful for application security scanning". Acunetix is most compared with OWASP Zap, Tenable.io Web Application Scanning, PortSwigger Burp Suite Professional, Fortify WebInspect and Veracode, whereas HCL AppScan is most compared with SonarQube, Veracode, OWASP Zap, PortSwigger Burp Suite Professional and Checkmarx One. See our Acunetix vs. HCL AppScan report.
See our list of best Application Security Tools vendors and best Static Application Security Testing (SAST) vendors.
We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.