Introducing G2.ai, the future of software buying.Try now
Compare HCL AppScan and SonarQube 
Featured Products
At a Glance
Market Segments
Enterprise (53.4% of reviews)
Enterprise (41.6% of reviews)
Entry-Level Pricing
Free
Free
HCL AppScan
Star Rating
(76)4.1 out of 5
Market Segments
Enterprise (53.4% of reviews)
Pros & Cons
Not enough data
Entry-Level Pricing
Free
Browse all 3 pricing plansSonarQube
Star Rating
(126)4.5 out of 5
Market Segments
Enterprise (41.6% of reviews)
Pros & Cons
Entry-Level Pricing
Free
Free Trial is available
Browse all 6 pricing plansSummary
AI Generated Summary
AI-generated. Powered by real user reviews.
- G2 reviewers report that SonarQube excels in user satisfaction, receiving a higher overall rating compared to HCL AppScan. Users appreciate its simple deployment process, particularly highlighting the ease of installation on Kubernetes using YAML formats.
- Users say that HCL AppScan offers a comprehensive security testing experience, particularly for web, mobile, and cloud-based applications. Reviewers commend its ease of use and the low number of false positives, making it a reliable choice for modern businesses.
- According to verified reviews, SonarQube provides valuable code suggestions that help developers improve code quality and identify potential errors. This feature is particularly praised for enhancing code security and overall development practices.
- Reviewers mention that HCL AppScan stands out with its flexible deployment options, catering to various environments, whether on-premises or cloud-based. This adaptability is seen as a significant advantage for teams with diverse infrastructure needs.
- G2 reviewers highlight that while both products have similar scores for meeting requirements, SonarQube's recent user feedback indicates a strong focus on integration with GitHub, allowing developers to conduct scans seamlessly within their existing workflows.
- Users report that HCL AppScan's reporting and analytics capabilities are superior, providing detailed insights that help teams address security vulnerabilities effectively. This feature is particularly beneficial for organizations looking to enhance their security posture.
Pricing
Entry-Level Pricing
HCL AppScan
HCL AppScan CodeSweep
Free
Free-to-use security tool for developers alike who need to "spell check" and fix their code, as they write it, in multiple IDEs.
- Ideal for Developers
SonarQube
Cloud - based: Free
Free
For developers wanting to try SonarQube.
- Scan of private projects limited to 50k lines of code
- Users limited to max. 5
- Architecture management
Free Trial
HCL AppScan
Free Trial is available
SonarQube
Free Trial is available
Ratings
Meets Requirements
8.8
59
8.8
109
Ease of Use
8.5
62
8.5
112
Ease of Setup
8.5
31
8.1
71
Ease of Admin
8.7
31
8.5
63
Quality of Support
8.5
60
8.2
91
Has the product been a good partner in doing business?
8.8
30
8.4
57
Product Direction (% positive)
8.4
58
8.6
106
Features by Category
Administration
8.2
21
7.8
19
8.5
21
6.0
20
Analysis
8.6
22
7.4
21
7.8
22
8.0
20
8.3
22
9.0
23
8.0
22
9.1
23
Testing
7.6
21
6.6
18
7.8
21
5.9
19
8.4
20
6.0
21
7.9
21
6.9
18
8.3
20
6.8
17
8.3
21
8.2
21
7.5
21
6.8
22
Agentic AI - Static Application Security Testing (SAST)
Not enough data
Not enough data
Administration
8.1
26
Not enough data
8.2
28
Not enough data
Analysis
8.5
29
Not enough data
8.0
27
Not enough data
8.2
28
Not enough data
8.5
27
Not enough data
8.3
27
Not enough data
Testing
7.7
28
Not enough data
7.9
24
Not enough data
8.4
26
Not enough data
8.2
29
Not enough data
8.2
29
Not enough data
7.1
29
Not enough data
Functionality
Not enough data
8.1
31
Not enough data
8.4
30
Not enough data
8.2
29
Management
Not enough data
Feature Not Available
Not enough data
7.5
25
Not enough data
7.8
27
Bug Reporting
Not enough data
7.7
10
Not enough data
8.0
10
Not enough data
8.3
10
Bug Monitoring
Not enough data
7.8
10
Not enough data
8.2
10
Not enough data
8.5
10
Agentic AI - Bug Tracking
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Functionality - Software Composition Analysis
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Effectiveness - Software Composition Analysis
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Documentation
Not enough data
7.8
36
Not enough data
7.6
35
Not enough data
8.2
36
Security
Not enough data
6.8
34
Not enough data
7.0
32
Not enough data
7.9
33
Risk management - Application Security Posture Management (ASPM)
Not enough data
9.3
5
Not enough data
Feature Not Available
Not enough data
9.0
5
Not enough data
8.9
6
Integration and efficiency - Application Security Posture Management (ASPM)
Not enough data
7.8
6
Not enough data
Feature Not Available
Reporting and Analytics - Application Security Posture Management (ASPM)
Not enough data
7.8
6
Not enough data
Not enough data
Not enough data
8.3
5
Agentic AI - Application Security Posture Management (ASPM)
Not enough data
Not enough data
Not enough data
Not enough data
Functionality - Software Bill of Materials (SBOM)
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Management - Software Bill of Materials (SBOM)
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
AI Compliance
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Feature Not Available
Risk Management & Monitoring
Not enough data
Feature Not Available
Not enough data
Not enough data
AI Lifecycle Management
Not enough data
Feature Not Available
Access Control and Security
Not enough data
Not enough data
Collaboration and Communication
Not enough data
Feature Not Available
Agentic AI - AI Governance Tools
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Feature Not Available
Not enough data
Not enough data
Agentic AI - Static Code Analysis
Not enough data
6.3
8
Not enough data
5.7
7
Not enough data
6.7
8
Performance - AI AppSec Assistants
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Integration - AI AppSec Assistants
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Cloud Visibility
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Security
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Identity
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Not enough data
Interactive Application Security Testing (IAST)Hide 1 FeatureShow 1 Feature
Not enough data
Not enough data
Agentic AI - Interactive Application Security Testing (IAST)
Not enough data
Not enough data
Categories
Categories
Shared Categories
HCL AppScan and SonarQube are categorized as Static Application Security Testing (SAST) and Software Composition Analysis
Unique Categories
HCL AppScan is categorized as Interactive Application Security Testing (IAST) and Dynamic Application Security Testing (DAST)
Reviews
Reviewers' Company Size
HCL AppScan
Small-Business(50 or fewer emp.)
Mid-Market(51-1000 emp.)
Enterprise(> 1000 emp.)
SonarQube
Small-Business(50 or fewer emp.)
Mid-Market(51-1000 emp.)
Enterprise(> 1000 emp.)
Small-Business
(50 or fewer emp.)
Mid-Market
(51-1000 emp.)
Enterprise
(> 1000 emp.)
Reviewers' Industry
Information Technology and Services
24.3%
Computer & Network Security
13.5%
Computer Software
9.5%
Automotive
8.1%
Banking
6.8%
Other
37.8%
Information Technology and Services
27.2%
Computer Software
21.6%
Financial Services
6.4%
Hospital & Health Care
3.2%
Computer & Network Security
3.2%
Other
38.4%
Alternatives
Discussions
Who owns AppScan?
1 Comment
Official Response from HCL AppScan
HCL AppScan is owned by HCL Software.Read more
HCL AppScan has no more discussions with answers
SonarQube has no discussions with answers
Hunting for software insights?
With over 3 million reviews, we can provide the specific details that help you make an informed software buying decision for your business. Finding the right product is important, let us help.
