We performed a comparison between HCL AppScan and Qualys Web Application Scanning based on real PeerSpot user reviews.
Find out in this report how the two Application Security Tools solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."There's extensive functionality with custom rules and a custom knowledge base."
"The reporting part is the most valuable feature."
"AppScan is stable."
"It comes with all of the templates that we need. For example, we are a company that is regulated by PCI. In order to be PCI compliant, we have a lot of checks and procedures to which we have to comply."
"The product has valuable features for static and dynamic testing."
"I like the recording feature."
"It provides a better integration for our ecosystem."
"The solution offers services in a few specific development languages."
"Qualys Web Application Scanning has multiple features like threat protection and container security scanning in one box."
"It is a very stable solution."
"The vulnerability management feature is a strong one. And also the patch management feature."
"It works with many different products."
"QualysGuard web-based scanner is very useful for performing external penetration and PCI scans from remote locations."
"I have found the detection of vulnerabilities tool thorough with good results and the graphical display output to be wonderful and full of colors. It allows many types of outputs, such as bar and chart previews."
"We can do scanning and submit reports straight to the customers when there are new vulnerabilities, then tell them whether they are affected or not."
"Licensing is the most valuable. Qualys provides the best licensing for companies. It is the best product for the development purposes of web applications. The product has a lot of integrations."
"They could add a software component analysis tool."
"I think being able to search across more containers, especially some of the docker elements. We need a little tighter integration there. That's the only thing I can see at this point."
"The solution could improve by having a mobile version."
"IBM Security AppScan needs to add performance optimization for quickly scanning the target web applications."
"The solution needs to improve in some areas. The tool needs to add more languages. It also needs to improve its speed."
"It's a little bit basic when you talk about the Web Services. If AppScan improved its maturity on Web Services testing, that would be good."
"The databases for HCL are small and have room for improvement."
"AppScan is too complicated and should be made more user-friendly."
"Sometimes the response time is low because the handshake fails, and then you have to re-login and start again."
"There should be better visibility into the application."
"Qualys Web Application Scanning is very complex to use, and its graphical interface is not very user-friendly."
"The area of false positives could be improved. There are quite a number of false positives as compared to other solutions. They could probably fine tune the algorithm to be able to reduce the number of false positives being detected."
"The software’s pricing could be improved."
"We receive false positives sometimes when using a solution that could be improved. However, the technical team provides us with the exact explanation why it was giving us that kind of error."
"In certain cases, this product does have false positives, which the company should work on."
"The product should allow users to upload their payloads."
More Qualys Web Application Scanning Pricing and Cost Advice →
HCL AppScan is ranked 14th in Application Security Tools with 39 reviews while Qualys Web Application Scanning is ranked 19th in Application Security Tools with 31 reviews. HCL AppScan is rated 7.6, while Qualys Web Application Scanning is rated 7.8. The top reviewer of HCL AppScan writes " A stable and scalable product useful for application security scanning". On the other hand, the top reviewer of Qualys Web Application Scanning writes "A stable solution that can be used for infrastructure vulnerability scanning and web application scanning". HCL AppScan is most compared with SonarQube, Veracode, Acunetix, Checkmarx One and Snyk, whereas Qualys Web Application Scanning is most compared with OWASP Zap, Veracode, SonarQube, PortSwigger Burp Suite Professional and Checkmarx One. See our HCL AppScan vs. Qualys Web Application Scanning report.
See our list of best Application Security Tools vendors and best Application Security Testing (AST) vendors.
We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.