We performed a comparison between HCL AppScan and Qualys Web Application Scanning based on real PeerSpot user reviews.
Find out in this report how the two Application Security Tools solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."It has certainly helped us find vulnerabilities in our software, so this is priceless in the end."
"The UI was very intuitive."
"It highlights, with several grades of severity, the types of vulnerabilities, so we can focus on the most severe security vulnerabilities in the code."
"The static scans are good, and the SaaS as well."
"IBM AppScan has made our work easy, as we can do four to five scans of websites at a time, which saves time when it comes to vulnerability."
"The reporting part is the most valuable feature."
"Technical support is helpful."
"It provides a better integration for our ecosystem."
"It is easy to use."
"It works with many different products."
"The most valuable feature is that we are able to scan the services and put credentials like a user ID password. We can verify the vulnerability level."
"It combines both web application vulnerability management and internal vulnerability management on one platform and dashboard. Usually, you have to purchase separate tools."
"The Qualys Web Application Scanning solution offers a single comprehensive console and consolidated reporting, covering all aspects from on-prem to cloud and compliance, etcetera."
"It is a very stable solution."
"The simplicity of exporting reports and the simplicity and clarity of the reports included with the product are good."
"The most valuable feature of Qualys Web Application Scanning is the effective scanning that can be done."
"We would like to see a check in the specific vulnerabilities in mobile applications or rooted devices, such as jailbreaking devices."
"It has crashed at times."
"HCL AppScan needs to improve security."
"It's a little bit basic when you talk about the Web Services. If AppScan improved its maturity on Web Services testing, that would be good."
"The solution often has a high number of false positives. It's an aspect they really need to improve upon."
"In future releases, I would like to see more aggressive reports. I would also like to see less false positives."
"The solution's scalability can be a matter of concern because one license runs on one machine only."
"They could add a software component analysis tool."
"It should have better automatic reporting."
"Qualys Web Application Scanning is very complex to use, and its graphical interface is not very user-friendly."
"The solution needs to adjust its pricing. They should make it more affordable."
"In terms of the Policy Compliance model which they currently have, not all the platforms are being covered. If they could improve on the Policy Compliance model, since there are policies which are benchmarked against it, this will be helpful for us."
"Deployment can be complicated."
"The product should allow users to upload their payloads."
"The virus code updates are not frequent enough."
"The area of false positives could be improved. There are quite a number of false positives as compared to other solutions. They could probably fine tune the algorithm to be able to reduce the number of false positives being detected."
More Qualys Web Application Scanning Pricing and Cost Advice →
HCL AppScan is ranked 14th in Application Security Tools with 39 reviews while Qualys Web Application Scanning is ranked 18th in Application Security Tools with 31 reviews. HCL AppScan is rated 7.6, while Qualys Web Application Scanning is rated 7.8. The top reviewer of HCL AppScan writes " A stable and scalable product useful for application security scanning". On the other hand, the top reviewer of Qualys Web Application Scanning writes "A stable solution that can be used for infrastructure vulnerability scanning and web application scanning". HCL AppScan is most compared with SonarQube, Veracode, Acunetix, OWASP Zap and Snyk, whereas Qualys Web Application Scanning is most compared with OWASP Zap, Veracode, SonarQube, Fortify WebInspect and Checkmarx. See our HCL AppScan vs. Qualys Web Application Scanning report.
See our list of best Application Security Tools vendors and best Application Security Testing (AST) vendors.
We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.