What advice do you have for others considering HCL AppScan?


If you were talking to someone whose organization is considering HCL AppScan, what would you say?

How would you rate it and why? Any other tips or advice?

ITCS user
33 Answers

Top 20, Real User

I don't have information on the relationship HCL has with my company. My understanding is they are just a vendor for us. In general, I would rate them at a six out of ten. There are many areas in which they could improve, including by adding more languages and revamping their technical support. They are lacking in a lot of areas.

Top 20, Consultant

I worked with the solution at a previous company. Now I am a consultant and I no longer work with the product. I don't have a business relationship with HCL. I wanted to do a POC with the current state of what was IBM AppScan and now is HCL. I contacted my contacts at IBM and then they started off the conversation and it went smoothly because a number of people from IBM had gone over to HCL when that product was acquired. Various tools have their strengths. I would advise anyone who is interested in using a similar solution to do a proof of concept first with a few options. Try Checkmarx, Fortify, Veracode, and AppScan, and see which one makes the most sense for your company's purposes. Those would be the top four in my opinion right now. Overall, I would rate the solution eight out of ten.

Top 5, Real User

I would recommend AppScan to other businesses. In a small-scale setup, it works perfectly fine, but if you are a larger organization with a lot of applications and you need to do CI/CD, then it's probably not the solution for you. Conversely, in a small organization with fewer than 20 applications, this will work pretty nicely. On a scale from one to ten, I would give this solution a rating of seven. If they can integrate with CI/CD and make the login mechanism a little smoother, they should be able to scale it up. If they could integrate with the CI/CD pipeline and make the scans a little faster, then I would give it a higher rating.

Find out what your peers are saying about HCL, Micro Focus, Veracode and others in Application Security. Updated: June 2021.