We just raised a $30M Series A: Read our story

What needs improvement with HCL AppScan?


Please share with the community what you think needs improvement with HCL AppScan.

What are its weaknesses? What would you like to see changed in a future version?

ITCS user
66 Answers

author avatar
Top 20Real User

They have to improve support. Their support before, when it was IBM, was very good technical support. However, now, it's very bad. They could add more language coverage. They don't cover so many development languages. They really should be covering more. If they did, it would be a huge improvement.

author avatar
Top 10Consultant

The solution often has a high number of false positives. It's an aspect they really need to improve upon. The product has vulnerabilities, or findings, that are almost identical in nature.

author avatar
Top 5Real User

There are some false positives, which need to be removed, but this is common with all types of scanners. One thing which I think can be improved is the CI/CD Integration. There is a CI/CD Integration model, but I guess they are deliberately not using it currently. There are challenges when integrating AppScan with CI/CD because sometimes the activation plus the login mechanism provided doesn't work properly. Sometimes a login mechanism fails and then the whole scan fails. It's difficult to integrate with CI/CD.

author avatar
Top 20Consultant

While I did not identify any specific bugs in this application. I did find that sometimes a restart was needed to deal with unresponsiveness means when AppScan is in a hang situation, this happens usually when you select a large number of sources. IBM Security AppScan needs to add performance optimization for quickly scanning the target web applications.

author avatar
Real User

It would be nice to be able to specify the parameter values ​​used in the login sequence function.

author avatar
Real User

I believe there are improvements that can be made, but I'm not aware of those kinds of things.

Find out what your peers are saying about HCL, Micro Focus, Veracode and others in Application Security. Updated: October 2021.
542,267 professionals have used our research since 2012.