We performed a comparison between HCL AppScan and Mend.io based on real PeerSpot user reviews.
Find out in this report how the two Application Security Tools solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The security and the dashboard are the most valuable features."
"Technical support is helpful."
"The most valuable feature of the solution is Postman."
"The most valuable feature of HCL AppScan is scanning QR codes."
"For me, as a manager, it was the ease of use. Inserting security into the development process is not normally an easy project to do. The ability for the developer to actually use it and get results and focuses, that's what counted."
"AppScan is stable."
"Compared to other tools only AppScan supports special language."
"I like the recording feature."
"The results and the dashboard they provide are good."
"The solution boasts a broad range of features and covers much of what an ideal SCA tool should."
"Attribution and license due diligence reports help us with aggregating the necessary data that we, in turn, have to provide to satisfy the various licenses copyright and component usage disclosures in our software."
"What is very nice is that the product is very easy to set up. When you want to implement Mend.io, it just takes a few minutes to create your organization, create your products, and scan them. It's really convenient to have Mend scanning your products in less than one hour."
"For us, the most valuable tool was open-source licensing analysis."
"Mend has reduced our open-source software vulnerabilities and helped us remediate issues quickly. My company's policy is to ensure that vulnerabilities are fixed before it gets to production."
"It gives us full visibility into what we're using, what needs to be updated, and what's vulnerable, which helps us make better decisions."
"There are multiple different integrations there. We use Mend for CI/CD that goes through Azure as well. It works seamlessly. We never have any issues with it."
"We would like to integrate with some of the other reporting tools that we're planning to use in the future."
"If HCL AppScan is able to alert the clients over email once the scan is complete, it would be great. Right now, HCL AppScan doesn't let me know if the scanning part is finished or not, because of which I have to come back and check mostly."
"HCL AppScan needs to improve security."
"A desktop version should be added."
"I would love to see more containers. Many of the tools are great, they require an amount of configuration, setup and infrastructure. If most the applications were in a container, I think everything would be a little bit faster, because all our clients are now using containers."
"The product has some technical limitations."
"There is not a central management for static and dynamic."
"Visibility is an issue for us. Our partners do not know we have integrations with some of IBM products."
"The dashboard UI and UX are problematic."
"The UI can be slow once in a while, and we're not sure if it's because of the amount of data we have, or it is just a slow product, but it would be nice if it could be improved."
"I would like to have an additional compliance pack. Currently, it does not have anything for the CIS framework or the NIST framework. If we directly run a scan, and it is under the CIS framework, we can directly tell the auditor that this product is now CIS compliant."
"The only thing that I don't find support for on Mend Prioritize is C++."
"We specifically use this solution within our CICD pipelines in Azure DevOps, and we would like to have a gate so that if the score falls below a certain value then we can block the pipeline from running."
"If anything, I would spend more time making this more user-friendly, better documenting the CLI, and adding more examples to help expand the current documentation."
"Make the product available in a very stable way for other web browsers."
"I would like to see the static analysis included with the open-source version."
HCL AppScan is ranked 14th in Application Security Tools with 39 reviews while Mend.io is ranked 5th in Application Security Tools with 29 reviews. HCL AppScan is rated 7.6, while Mend.io is rated 8.4. The top reviewer of HCL AppScan writes " A stable and scalable product useful for application security scanning". On the other hand, the top reviewer of Mend.io writes "Easy to use, great for finding vulnerabilities, and simple to set up". HCL AppScan is most compared with SonarQube, Veracode, Acunetix, Checkmarx One and Invicti, whereas Mend.io is most compared with SonarQube, Black Duck, Snyk, Checkmarx One and Fortify on Demand. See our HCL AppScan vs. Mend.io report.
See our list of best Application Security Tools vendors.
We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.