We performed a comparison between Apache JMeter and HCL AppScan based on real PeerSpot user reviews.
Find out what your peers are saying about Apache, OpenText, Tricentis and others in Performance Testing Tools."When there's a high number of TPS I can achieve more transactions per seconds given the hyper-limitations."
"The most valuable feature of this solution is being able to launch many requests and scheduling simulating human interactions with the application."
"JMeter's most valuable feature is the RegEx Extractor."
"I like the fact that JMeter integrates well with other tools."
"JMeter is a free tool with a large user population, which comes in handy because we have a vast knowledge base to tap into when needed. It's also easier to hire consultants who know JMeter."
"It is open source as well as relatively extendable. It allows us to extend and add additional functionality and features. Its deployment is also very easy."
"The most valuable features are the ability to capture the entire traffic of particular pages and the proper readability of entire pages and entire APIs."
"User-friendly and open source."
"The solution offers services in a few specific development languages."
"It highlights, with several grades of severity, the types of vulnerabilities, so we can focus on the most severe security vulnerabilities in the code."
"There's extensive functionality with custom rules and a custom knowledge base."
"It was easy to set up."
"It's generally a very user-friendly tool. Anyone can easily learn how to scan"
"It comes with all of the templates that we need. For example, we are a company that is regulated by PCI. In order to be PCI compliant, we have a lot of checks and procedures to which we have to comply."
"The static scans are good, and the SaaS as well."
"AppScan is stable."
"We would like some reporting and analysis tools to be added to this solution."
"Automation is difficult in JMeter."
"Self-healing and page rendering for the end-users are not available in Apache JMeter."
"Considering the kinds of tests we are performing here, where we launch several tests at the same time as a batch request, JMeter is not the best tool for the job. Those kinds of things could be done easily with other tools, like T6."
"They should improve the solution on its UI front."
"They can improve it a little bit in terms of distribution load testing. We struggled with it during the distribution. In terms of reporting, runtime monitoring is not currently included, and it should be included. They can also improve it on the reporting side in terms of the comparison of the reports. They can also focus more on integration with CI/CD. Currently, people are using their own customized tools. It would be nice if Apache can provide some standard tools and procedures for integration with CI/CD tools like DPR. There are some tools, but it would be nice if official standard tools and procedures are available."
"Its reporting could be improved. There should be a better visual representation. That would be helpful for easy consumption of the reports."
"It should be easier to combine multiple scripts. If you have multiple scripts, you need to write a new script to combine those scripts. The virtual user generator is slow."
"The solution often has a high number of false positives. It's an aspect they really need to improve upon."
"Many silly false positives are produced."
"It's a little bit basic when you talk about the Web Services. If AppScan improved its maturity on Web Services testing, that would be good."
"They have to improve support."
"We have experienced challenges when trying to integrate this solution with other products. When you compare it with the other SecOps products, the quality of the output is too low. It is not a new-age product. It is very outdated."
"I would like to see the roadmap for this product. We are still waiting to see it as we have only so many resources."
"IBM Security AppScan Source is rather hard to use."
"I think being able to search across more containers, especially some of the docker elements. We need a little tighter integration there. That's the only thing I can see at this point."
Apache JMeter is ranked 1st in Performance Testing Tools with 82 reviews while HCL AppScan is ranked 15th in Application Security Tools with 41 reviews. Apache JMeter is rated 7.8, while HCL AppScan is rated 7.8. The top reviewer of Apache JMeter writes "It's a free tool with a vast knowledge base, but the reporting is lackluster, and it has a steep learning curve". On the other hand, the top reviewer of HCL AppScan writes " A stable and scalable product useful for application security scanning". Apache JMeter is most compared with BlazeMeter, Postman, Tricentis NeoLoad, Katalon Studio and OpenText LoadRunner Professional, whereas HCL AppScan is most compared with SonarQube, Veracode, Acunetix, OWASP Zap and PortSwigger Burp Suite Professional.
We monitor all Performance Testing Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.