We performed a comparison between HCL AppScan and PortSwigger Burp Suite Professional based on real PeerSpot user reviews.
Find out in this report how the two Application Security Tools solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."This solution saves us time due to the low number of false positives detected."
"The reporting part is the most valuable feature."
"The product has valuable features for static and dynamic testing."
"IBM AppScan has made our work easy, as we can do four to five scans of websites at a time, which saves time when it comes to vulnerability."
"There's extensive functionality with custom rules and a custom knowledge base."
"It has certainly helped us find vulnerabilities in our software, so this is priceless in the end."
"The HCL AppScan turnaround time for Burp Suite or any new feature request is pretty good, and that is why we are sticking with the HCL."
"The most valuable feature of the solution is the scanning or security part."
"I have found the best features to be the performance and there are a lot of additional plugins available."
"We use the solution for vulnerability assessment in respect of the application and the sites."
"I personally love its capability to automatically and accurately detect vulnerabilities. So, I would say it is the Burp scanner that is THE most powerful, valuable, and an awesome feature."
"Enables automation of different tasks such as authorization testing."
""The product is very good just the way it is; It has everything already well established and functions great. I can't see any way for this current version to be improved.""
"PortSwigger Burp Suite Professional has an intercept tab that helps us to scan our APIs, set the response, and request errors."
"The suite testing models are very good. It's very secure."
"The solution has a great user interface."
"We would like to integrate with some of the other reporting tools that we're planning to use in the future."
"There is not a central management for static and dynamic."
"I think being able to search across more containers, especially some of the docker elements. We need a little tighter integration there. That's the only thing I can see at this point."
"We would like to see a check in the specific vulnerabilities in mobile applications or rooted devices, such as jailbreaking devices."
"IBM Security AppScan needs to add performance optimization for quickly scanning the target web applications."
"If HCL AppScan is able to alert the clients over email once the scan is complete, it would be great. Right now, HCL AppScan doesn't let me know if the scanning part is finished or not, because of which I have to come back and check mostly."
"Visibility is an issue for us. Our partners do not know we have integrations with some of IBM products."
"One thing which I think can be improved is the CI/CD Integration"
"We'd like to have more integration potential across all versions of the product."
"The solution’s pricing could be improved."
"The number of false positives need to be reduced on the solution."
"I am from Brazil. The currency exchange rate from a dollar to a Brazilian Real is quite steep. It is almost six to one. It would be good if it can be sold in the local currency, and its price is cheaper for us."
"The tool is very expensive."
"You can have many false positives in Burp Suite. It depends on the scale of the penetration testing."
"A lot of our interns find it difficult to get used to PortSwigger Burp's environment."
"I need the solution to be more user-friendly. The solution needs to be user-friendly."
More PortSwigger Burp Suite Professional Pricing and Cost Advice →
HCL AppScan is ranked 14th in Application Security Tools with 39 reviews while PortSwigger Burp Suite Professional is ranked 9th in Application Security Tools with 55 reviews. HCL AppScan is rated 7.6, while PortSwigger Burp Suite Professional is rated 8.6. The top reviewer of HCL AppScan writes " A stable and scalable product useful for application security scanning". On the other hand, the top reviewer of PortSwigger Burp Suite Professional writes "The solution is versatile and easy to deploy, but it needs to give more detailed security reports". HCL AppScan is most compared with SonarQube, Veracode, Acunetix, Checkmarx One and OWASP Zap, whereas PortSwigger Burp Suite Professional is most compared with OWASP Zap, Fortify WebInspect, Acunetix, Qualys Web Application Scanning and SonarQube. See our HCL AppScan vs. PortSwigger Burp Suite Professional report.
See our list of best Application Security Tools vendors and best Application Security Testing (AST) vendors.
We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.