We performed a comparison between HCL AppScan and PortSwigger Burp Suite Professional based on real PeerSpot user reviews.
Find out in this report how the two Application Security Tools solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."For me, as a manager, it was the ease of use. Inserting security into the development process is not normally an easy project to do. The ability for the developer to actually use it and get results and focuses, that's what counted."
"You can easily find particular features and functions through the UI."
"The static scans are good, and the SaaS as well."
"It identifies all the URLs and domains on its own and then performs tests and provides the results."
"It was easy to set up."
"The most valuable feature of HCL AppScan is scanning QR codes."
"The security and the dashboard are the most valuable features."
"There's extensive functionality with custom rules and a custom knowledge base."
"PortSwigger Burp Suite Professional is one of the best user-friendly solutions for getting the proxy set up."
"The suite testing models are very good. It's very secure."
"The extension that it provides with the community version for the skills mapping is excellent."
"PortSwigger Burp Suite does not hamper the node of the server, and it does not shut down the server if it is running."
"With the Extender Tab, if you know how to code then you can create a plugin and add it to Burp."
"The solution scans web applications and supports APIs, which are the main features I really like."
"The solution has a limited range of functions, which is good for small companies. This is because, in small companies, websites are less complex. They also have single services which makes the solution good enough for them. However, the most advantageous aspect of the solution is its affordable price."
"BurpSuite helps us to identify and fix silly mistakes that are sometimes introduced by our developers in their coding."
"One thing which I think can be improved is the CI/CD Integration"
"They should have a better UI for dashboards."
"The databases for HCL are small and have room for improvement."
"There is not a central management for static and dynamic."
"The dashboard, for AppScan or the Fortified fast tool, which we use needs to be improved."
"The solution often has a high number of false positives. It's an aspect they really need to improve upon."
"Sometimes it doesn't work so well."
"Many silly false positives are produced."
"The use of system memory is an area that can be improved because it uses a lot."
"I am from Brazil. The currency exchange rate from a dollar to a Brazilian Real is quite steep. It is almost six to one. It would be good if it can be sold in the local currency, and its price is cheaper for us."
"There is a lot to this product, and it would be good if when you purchase the tool, they can provide us with a more extensive user manual."
"There is not much automation in the tool."
"There could be an improvement in the API security testing. There is another tool called Postman and if we had a built-in portal similar to Postman which captures the API, we would be able to generate the API traffic. Right now we need a Postman tool and the Burp Suite for performing API tests. It would be a huge benefit to be able to do it in a single UI."
"The reporting needs to be improved; it is very bad."
"The biggest improvement that I would like to see from PortSwigger that today many people see as an issue in their testing. There might be a feature which might be desired."
"The biggest drawback is reporting. It's not so good. I can download them, but they're not so informative."
More PortSwigger Burp Suite Professional Pricing and Cost Advice →
HCL AppScan is ranked 14th in Application Security Tools with 39 reviews while PortSwigger Burp Suite Professional is ranked 9th in Application Security Tools with 55 reviews. HCL AppScan is rated 7.6, while PortSwigger Burp Suite Professional is rated 8.6. The top reviewer of HCL AppScan writes " A stable and scalable product useful for application security scanning". On the other hand, the top reviewer of PortSwigger Burp Suite Professional writes "The solution is versatile and easy to deploy, but it needs to give more detailed security reports". HCL AppScan is most compared with SonarQube, Veracode, Acunetix, Checkmarx One and OWASP Zap, whereas PortSwigger Burp Suite Professional is most compared with OWASP Zap, Fortify WebInspect, Acunetix, Qualys Web Application Scanning and SonarQube. See our HCL AppScan vs. PortSwigger Burp Suite Professional report.
See our list of best Application Security Tools vendors and best Application Security Testing (AST) vendors.
We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.