We performed a comparison between HCL AppScan and PortSwigger Burp Suite Professional based on real PeerSpot user reviews.
Find out in this report how the two Application Security Tools solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."This solution saves us time due to the low number of false positives detected."
"It highlights, with several grades of severity, the types of vulnerabilities, so we can focus on the most severe security vulnerabilities in the code."
"It is a stable solution...It is a scalable solution...The initial setup or installation of HCL AppScan is easy."
"The most valuable feature of the solution is the scanning or security part."
"There's extensive functionality with custom rules and a custom knowledge base."
"The solution is easy to use."
"The static scans are good, and the SaaS as well."
"AppScan is stable."
"BurpSuite helps us to identify and fix silly mistakes that are sometimes introduced by our developers in their coding."
"The reporting part is the most valuable. It also has very good features. We use almost all of the features for different kinds of customers and needs."
"For pentesting scenarios, this is the number one tool. It can capture the request, and there are so many functions that are very good for that. For example, a black box satellite host."
"You can download different plugins if you don't have them in the standard edition."
"The extension that it provides with the community version for the skills mapping is excellent."
"It is a time-saver application."
"The suite testing models are very good. It's very secure."
"Some of the extensions, available using Burp Extender, are also very good and we have found issues by using them."
"One thing which I think can be improved is the CI/CD Integration"
"A desktop version should be added."
"In future releases, I would like to see more aggressive reports. I would also like to see less false positives."
"Scans become slow on large websites."
"Sometimes it doesn't work so well."
"The solution's scalability can be a matter of concern because one license runs on one machine only."
"AppScan is too complicated and should be made more user-friendly."
"They have to improve support."
"The one feature that I would like to see in Burp is active scanning of REST based web services. A lot of organizations are providing APIs to access their services to support different business models like SaaS. Scanning these APIs is still a challenge for many security product companies."
"There is a lot to this product, and it would be good if when you purchase the tool, they can provide us with a more extensive user manual."
"Mitigating the issues and low confluence issues needs some improvement. Implementing demand with the ChatGPT under the web solution is an additional feature I would like to see in the next release."
"The solution’s pricing could be improved."
"Sometimes the solution can run a little slow."
"If your application uses multi-factor authentication, registration management cannot be automated."
"The tool is very expensive."
"The Iran market does not have after-sales support. PortSwigger Burp Suite Professional needs to provide after-sales support."
More PortSwigger Burp Suite Professional Pricing and Cost Advice →
HCL AppScan is ranked 15th in Application Security Tools with 41 reviews while PortSwigger Burp Suite Professional is ranked 9th in Application Security Tools with 57 reviews. HCL AppScan is rated 7.8, while PortSwigger Burp Suite Professional is rated 8.6. The top reviewer of HCL AppScan writes " A stable and scalable product useful for application security scanning". On the other hand, the top reviewer of PortSwigger Burp Suite Professional writes "The solution is versatile and easy to deploy, but it needs to give more detailed security reports". HCL AppScan is most compared with SonarQube, Veracode, Acunetix, OWASP Zap and Checkmarx One, whereas PortSwigger Burp Suite Professional is most compared with OWASP Zap, Fortify WebInspect, Acunetix, Qualys Web Application Scanning and SonarQube. See our HCL AppScan vs. PortSwigger Burp Suite Professional report.
See our list of best Application Security Tools vendors and best Static Application Security Testing (SAST) vendors.
We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.