We performed a comparison between GitLab and HCL AppScan based on real PeerSpot user reviews.
Find out in this report how the two Application Security Tools solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."I like GitLab from the CI/CD perspective. It is much easier to set up CI/CD and then integrate with other tools."
"It is a speedy platform compared to the others I have used. I have also enjoyed using the platform as this solution offers a good user experience."
"This product is always evolving, and they listen to the customers."
"The most valuable feature of GitLab is the ability to upload scripts and make changes when needed and then reupload them. Additionally, the solution is user-friendly."
"GitLab's best feature is Actions."
"The most valuable features of Gitlab are integration with CIE and the ability to rapidly deploy solutions, projects, and applications. It is very easy to use, and there are no complaints."
"GitLab is very well-organized and easy to use. Also, it offers most features that customers need."
"GitLab is being used as a repository for our codebase and it is a one stop DevOps tool we use in our team."
"It comes with all of the templates that we need. For example, we are a company that is regulated by PCI. In order to be PCI compliant, we have a lot of checks and procedures to which we have to comply."
"You can easily find particular features and functions through the UI."
"It is easy it is to use. It is quick to find things, because of the code scanning tools. It's quite simple to use and it is very good the way it reports the findings."
"The most valuable feature of HCL AppScan is scanning QR codes."
"It provides a better integration for our ecosystem."
"The product is useful, particularly in its sensitivity and scanning capabilities."
"It is a stable solution...It is a scalable solution...The initial setup or installation of HCL AppScan is easy."
"The solution is cheap."
"I would like to see better integration with project management tools such as Jira."
"The solution could be faster."
"It is a little complex to set up the pipelines within the solution."
"Their RBAC is role-based access, which is fine but not very good."
"We have only seen a couple of issues on Gitlab, which we use for building some of the applications."
"The documentation could be improved to help newcomers better understand things like creating new branches."
"We'd like to see better integration with the Atlassian ecosystem."
"GitLab could improve by having more plugins and better user-friendliness."
"I would like to see the roadmap for this product. We are still waiting to see it as we have only so many resources."
"HCL AppScan needs to improve security."
"Scans become slow on large websites."
"There is not a central management for static and dynamic."
"The tool should improve its output. Scanning is not a challenge anymore since there are many such tools available in the market. The product needs to focus on how its output is being used by end users. It should be also more user-friendly. One of the major challenges is in the tool's integration with applications that need to be scanned. Sometimes, the scanning is not proper."
"IBM Security AppScan needs to add performance optimization for quickly scanning the target web applications."
"It has crashed at times."
"It's a little bit basic when you talk about the Web Services. If AppScan improved its maturity on Web Services testing, that would be good."
GitLab is ranked 7th in Application Security Tools with 70 reviews while HCL AppScan is ranked 15th in Application Security Tools with 41 reviews. GitLab is rated 8.6, while HCL AppScan is rated 7.8. The top reviewer of GitLab writes "Powerful, mature, and easy to set up and manage". On the other hand, the top reviewer of HCL AppScan writes " A stable and scalable product useful for application security scanning". GitLab is most compared with Microsoft Azure DevOps, Bamboo, SonarQube, AWS CodePipeline and Tekton, whereas HCL AppScan is most compared with SonarQube, Veracode, Acunetix, OWASP Zap and PortSwigger Burp Suite Professional. See our GitLab vs. HCL AppScan report.
See our list of best Application Security Tools vendors and best Static Application Security Testing (SAST) vendors.
We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.