We performed a comparison between HCL AppScan and PortSwigger Burp Suite Professional based on real PeerSpot user reviews.
Find out in this report how the two Application Security Tools solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."It has certainly helped us find vulnerabilities in our software, so this is priceless in the end."
"It identifies all the URLs and domains on its own and then performs tests and provides the results."
"It provides a better integration for our ecosystem."
"We use it as a security testing application."
"The security and the dashboard are the most valuable features."
"It is easy it is to use. It is quick to find things, because of the code scanning tools. It's quite simple to use and it is very good the way it reports the findings."
"The most valuable feature of the solution is Postman."
"There's extensive functionality with custom rules and a custom knowledge base."
"I have found the best features to be the performance and there are a lot of additional plugins available."
"I have found this solution has more plugins than other competitors which is a benefit. You are able to attach different plugins to the security scan to add features. For example, you can check to see if there are any payment systems that exist on a server, or username and password brute force analysis."
"The feature that we have found most valuable is that it comes with pre-set configurations. They have a set of predefined options where you can pick one and start scanning. We also have the option of creating our own configurations, like how often do the applications need to be scanned."
"It was easy to learn."
"The solution is stable."
"The solution has a pretty simple setup."
"I find the attack model quite amazing, where I can write my scripts and load my scripts as well, which helps quite a bit. All the active scanning that it can do is also quite a lot helpful. It speeds up our vulnerability assessment and penetration testing. Right now, I am enjoying its in-browser, which also helps quite a bit. I'm always confused about setting up some proxy, but it really is the big solution we all want."
"It is a time-saver application."
"It has crashed at times."
"They could add a software component analysis tool."
"There is not a central management for static and dynamic."
"There is room for improvement in the pricing model."
"The solution's scalability can be a matter of concern because one license runs on one machine only."
"The solution needs to improve in some areas. The tool needs to add more languages. It also needs to improve its speed."
"If HCL AppScan is able to alert the clients over email once the scan is complete, it would be great. Right now, HCL AppScan doesn't let me know if the scanning part is finished or not, because of which I have to come back and check mostly."
"IBM Security AppScan needs to add performance optimization for quickly scanning the target web applications."
"The solution doesn't offer very good scalability."
"The use of system memory is an area that can be improved because it uses a lot."
"The Burp Collaborator needs improvement. There also needs to be improved integration."
"The price could be better. The rest is fine."
"As with most automated security tools, too many false positives."
"The solution’s pricing could be improved."
"The biggest drawback is reporting. It's not so good. I can download them, but they're not so informative."
"You can have many false positives in Burp Suite. It depends on the scale of the penetration testing."
More PortSwigger Burp Suite Professional Pricing and Cost Advice →
HCL AppScan is ranked 14th in Application Security Tools with 39 reviews while PortSwigger Burp Suite Professional is ranked 9th in Application Security Tools with 55 reviews. HCL AppScan is rated 7.6, while PortSwigger Burp Suite Professional is rated 8.6. The top reviewer of HCL AppScan writes " A stable and scalable product useful for application security scanning". On the other hand, the top reviewer of PortSwigger Burp Suite Professional writes "The solution is versatile and easy to deploy, but it needs to give more detailed security reports". HCL AppScan is most compared with SonarQube, Veracode, Acunetix, Checkmarx One and OWASP Zap, whereas PortSwigger Burp Suite Professional is most compared with OWASP Zap, Fortify WebInspect, Acunetix, Qualys Web Application Scanning and SonarQube. See our HCL AppScan vs. PortSwigger Burp Suite Professional report.
See our list of best Application Security Tools vendors and best Application Security Testing (AST) vendors.
We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.