We performed a comparison between HCL AppScan and IBM Rational Test Workbench based on real PeerSpot user reviews.
Find out what your peers are saying about Sonar, Veracode, Checkmarx and others in Application Security Tools."It's generally a very user-friendly tool. Anyone can easily learn how to scan"
"The solution offers services in a few specific development languages."
"We are now deploying less defects to production."
"It identifies all the URLs and domains on its own and then performs tests and provides the results."
"The HCL AppScan turnaround time for Burp Suite or any new feature request is pretty good, and that is why we are sticking with the HCL."
"It provides a better integration for our ecosystem."
"There's extensive functionality with custom rules and a custom knowledge base."
"It is a stable solution...It is a scalable solution...The initial setup or installation of HCL AppScan is easy."
"This solution provides for API testing, functional UI testing, performance testing, and service virtualization."
"Reporting is pretty good. Its interface is also good. I'm overall pretty happy with the functionality and use of IBM Rational Test Workbench."
"Many silly false positives are produced."
"IBM Security AppScan Source is rather hard to use."
"The product has some technical limitations."
"In future releases, I would like to see more aggressive reports. I would also like to see less false positives."
"The pricing has room for improvement."
"The tool should improve its output. Scanning is not a challenge anymore since there are many such tools available in the market. The product needs to focus on how its output is being used by end users. It should be also more user-friendly. One of the major challenges is in the tool's integration with applications that need to be scanned. Sometimes, the scanning is not proper."
"It has crashed at times."
"IBM Security AppScan needs to add performance optimization for quickly scanning the target web applications."
"It should have more interfaces. In terms of interfaces or protocols, what you can do with Rational is far limited as compared to other products out there. What it does, it does great, but it only gives you limited types of protocols. It supports between 8 to 15 types of protocols, whereas other test tools give you 20 to 30 types of protocols with which you can do testing and convert to script. It records Javascript-based scripts, and you got to know a little bit of Java to basically be able to edit them, but the level of editing you got to do is very low. I like that, but the ability to edit the script is not as good as Parasoft or LoadRunner, which have C-Script."
"There are a number of things that they can do to simplify the tools, but the most important thing that they need to do is simplify the installation."
Earn 20 points
HCL AppScan is ranked 14th in Application Security Tools with 39 reviews while IBM Rational Test Workbench is ranked 18th in Performance Testing Tools. HCL AppScan is rated 7.6, while IBM Rational Test Workbench is rated 7.6. The top reviewer of HCL AppScan writes " A stable and scalable product useful for application security scanning". On the other hand, the top reviewer of IBM Rational Test Workbench writes "Good reporting and interface, but supports limited types of protocols and requires low-level script editing". HCL AppScan is most compared with SonarQube, Veracode, Acunetix, Checkmarx One and PortSwigger Burp Suite Professional, whereas IBM Rational Test Workbench is most compared with HCL OneTest.
We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.