IBM Security AppScan Competitors and Alternatives

Read reviews of IBM Security AppScan competitors and alternatives
SonarQube
Real User
Senior Java Developer at a financial services firm
Aug 30 2017

What is most valuable?

Most features in the product are very useful, but there are some parts that I personally use more than others. 1. Code Convention: Using the tool to implement some sort of coding convention is really useful and ensures that the code is... more»

How has it helped my organization?

This product has helped us improve the quality of code within the business and ensure all new developers keep to a similar code convention per project. This can basically be tracked back to saving the company money, because improved quality... more»

What needs improvement?

* Upgrading the version of the server is a bit cumbersome and could be made slightly easier. Allowing admin users to upgrade the software through the front-end would make upgrading easier. * Another improvement is with false positives.... more»
CA Technologies
Real User
SVP Application Security at a financial services firm with 10,001+ employees
May 17 2018

What is most valuable?

The most valuable feature is the remediation consulting that they give. I feel like any vendor can identify the flaws but fixing the flaws is what is most important. Being able to have those consultation calls, schedule them in the platform,... more»

How has it helped my organization?

It has allowed us to scale and find vulnerabilities much faster than previous manual tools. It has allowed us to educate developers on it to use the consultation calls.

What needs improvement?

I would like to see more technical support for some of the connectors, some more detailed diagrams or run-books on how to install some of the stuff; more hand-holding in the sense of understanding our environment. They cover a lot of... more»
Checkmarx
Consultant
SRE Vice Group Manager at a tech services company with 1,001-5,000 employees
Jan 25 2017

What is most valuable?

The solution allows us to create custom rules for code checks. Without custom rules, the system couldn’t find anything serious in the custom code and libraries.

How has it helped my organization?

During the trial period, we tried to build automated security development lifecycles with this product and with other products. We have achieved partial success with this.

What needs improvement?

The main issue was the supported Windows OS for the installation. Windows is not appropriate for a big internet company’s infrastructure. Supporting a Windows machine, especially for this software, is inconvenient. This product requires you... more»

Sign Up with Email