We performed a comparison between HCL AppScan and Rapid7 AppSpider based on real PeerSpot user reviews.
Find out in this report how the two Static Application Security Testing (SAST) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."For me, as a manager, it was the ease of use. Inserting security into the development process is not normally an easy project to do. The ability for the developer to actually use it and get results and focuses, that's what counted."
"It identifies all the URLs and domains on its own and then performs tests and provides the results."
"It provides a better integration for our ecosystem."
"We leverage it as a quality check against code."
"AppScan is stable."
"The most valuable feature of HCL AppScan is its integration with the SDLC, particularly during the coding phase."
"It is easy it is to use. It is quick to find things, because of the code scanning tools. It's quite simple to use and it is very good the way it reports the findings."
"This solution saves us time due to the low number of false positives detected."
"The most valuable feature of Rapid7 AppSpider is the vulnerability reporting data. Additionally, the data is reported in a convenient way rather than seeing them as a PDF. We are able to generate all the reports exactly what we want in a flexible way."
"AppSpider's most valuable feature is reporting - everything is stored in the local database so it can be sent to other machines."
"The initial deployment is very straightforward and simple. The product is stable if configured properly."
"What I like most about AppSpider is that it's easy to use and its automated scan gives me all the details I need to know when it comes to vulnerabilities and their solutions."
"The entire solution is interactive and has a point-and-click user experience, which makes it easy to find items or drill down on information. You don't need specialized skills to use the product."
"I would say that it is stable, as I am not aware of any major issues."
"The most valuable feature is the reporting, which is compliant with international standards."
"Rapid7 AppSpider is good at managing different applications. It uses applets and generates reports to cover the PCA/GDPR compliance requirements."
"There is room for improvement in the pricing model."
"It has crashed at times."
"The databases for HCL are small and have room for improvement."
"IBM Security AppScan Source is rather hard to use."
"One thing which I think can be improved is the CI/CD Integration"
"There are so many lines of code with so many different categories that I am likely to get lost. "
"They could add a software component analysis tool."
"I would like to see the roadmap for this product. We are still waiting to see it as we have only so many resources."
"There are some glitches with stability, and it is an area for improvement."
"This price of this solution is a little bit expensive."
"The solution is too slow. It could take a full day to scan. Competitors are much faster."
"The tech support is responsive but issues remain unresolved."
"AppSpider has some problems with the RAM needed while scanning."
"Support response times are slow and can be improved."
"The product needs to be able to scale for large companies, like ours. We have millions of IP addresses that need to be scanned, and the scalability is not great."
"The performance of the solution could improve. When I compare the speed it is slower than others on the market. There are some tricks we use to help speed up the solution."
HCL AppScan is ranked 12th in Static Application Security Testing (SAST) with 41 reviews while Rapid7 AppSpider is ranked 25th in Static Application Security Testing (SAST) with 13 reviews. HCL AppScan is rated 7.8, while Rapid7 AppSpider is rated 7.8. The top reviewer of HCL AppScan writes " A stable and scalable product useful for application security scanning". On the other hand, the top reviewer of Rapid7 AppSpider writes "Useful vulnerability reporting data, flexible, and simple implementation". HCL AppScan is most compared with SonarQube, Veracode, Acunetix, PortSwigger Burp Suite Professional and OWASP Zap, whereas Rapid7 AppSpider is most compared with Rapid7 InsightAppSec, OWASP Zap, Acunetix, Invicti and SonarQube. See our HCL AppScan vs. Rapid7 AppSpider report.
See our list of best Static Application Security Testing (SAST) vendors.
We monitor all Static Application Security Testing (SAST) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.