We performed a comparison between HCL AppScan and Sonatype Repository Firewall based on real PeerSpot user reviews.
Find out in this report how the two Application Security Tools solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."It comes with all of the templates that we need. For example, we are a company that is regulated by PCI. In order to be PCI compliant, we have a lot of checks and procedures to which we have to comply."
"The reporting part is the most valuable feature."
"It is a stable solution...It is a scalable solution...The initial setup or installation of HCL AppScan is easy."
"The solution is easy to install. I would rate the product's setup between six to seven out of ten. The deployment time depends on the applications that need to be scanned. We have a development and operations team to take care of the product's maintenance."
"Usually when we deploy the application, there is a process for ethical hacking. The main benefit is that, the ethical hacking is almost clean, every time. So it's less cost, less effort, less time to production."
"It identifies all the URLs and domains on its own and then performs tests and provides the results."
"The product is useful, particularly in its sensitivity and scanning capabilities."
"The most valuable feature of HCL AppScan is scanning QR codes."
"Another thing that I like about Sonatype is that if you download something today, and five days from today it becomes vulnerable, it will notify you."
"The product's network and intrusion protection features are valuable. It also has rules and compliance features for security."
"The databases for HCL are small and have room for improvement."
"The product has some technical limitations."
"The penetration testing feature should be included."
"AppScan is too complicated and should be made more user-friendly."
"The solution needs to improve in some areas. The tool needs to add more languages. It also needs to improve its speed."
"The tool should improve its output. Scanning is not a challenge anymore since there are many such tools available in the market. The product needs to focus on how its output is being used by end users. It should be also more user-friendly. One of the major challenges is in the tool's integration with applications that need to be scanned. Sometimes, the scanning is not proper."
"IBM Security AppScan needs to add performance optimization for quickly scanning the target web applications."
"They could add a software component analysis tool."
"The tool needs to improve its file systems. The product should also include zero test feature."
"What I don't like is the lack of an option to pick up the phone and call someone for support. That is something they need to improve on. They need to have a professional services package, or they need to include that option with their services."
HCL AppScan is ranked 14th in Application Security Tools with 39 reviews while Sonatype Repository Firewall is ranked 31st in Application Security Tools with 3 reviews. HCL AppScan is rated 7.6, while Sonatype Repository Firewall is rated 8.4. The top reviewer of HCL AppScan writes " A stable and scalable product useful for application security scanning". On the other hand, the top reviewer of Sonatype Repository Firewall writes "You will get clean code every time, and that's a great achievement". HCL AppScan is most compared with SonarQube, Veracode, Acunetix, Checkmarx One and PortSwigger Burp Suite Professional, whereas Sonatype Repository Firewall is most compared with JFrog Xray, Cisco Secure Firewall, GitHub, Black Duck and Snyk. See our HCL AppScan vs. Sonatype Repository Firewall report.
See our list of best Application Security Tools vendors.
We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.