HCL AppScan Reviews & Product Details

HCL AppScan Overview

What is HCL AppScan?

HCL AppScan Standard protects against web application attacks and expensive data breaches by automating application security vulnerability testing. Avoid security vulnerabilities Use automated dynamic security testing and advanced static analysis – “black box” and “white box” – to detect developing security issues. Empower accurate scanning Scan websites to identify embedded vulnerabilities. Simplify interpretation of scan results with scan-specific explanations of each issue. Get quick remediation Fix high-priority problems first with streamlined remediation. Make fixes quickly with the provided remediation steps – including code examples and a task list.

HCL AppScan Details
Product Description

HCL AppScan help minimize web application attacks and expensive data breaches by automating testing of application security vulnerabilities. It allows you to test applications before deploying them and assess risk in production environments on an ongoing basis.


Seller Details
Seller
HCL Technologies
Ownership
NSE:HCLTECH
Company Website
Year Founded
1991
HQ Location
Noida, Uttar Pradesh
Total Revenue (USD mm)
$604,270
Twitter
@hcltech
441,915 Twitter followers
LinkedIn® Page
www.linkedin.com
159,285 employees on LinkedIn®

Overview Provided by:
Content Director
Show More

HCL AppScan Screenshots

HCL AppScan Reviews

Write a Review
Filter reviews
LinkedIn®
Connections
Popular Mentions
Showing 21 HCL AppScan reviews
Popular Mentions
Showing 21 reviews
Filter Reviews
Filter Reviews
Sort by
Ratings
Company Size
User Role
For Category
All Industries
Region
Already have HCL AppScan?
Write a Review
UC
Enterprise(> 1000 emp.)
Validated Reviewer
Verified Current User
Review source: Organic
What do you like best?

The most important I like about this is the IAST- Interactive application security testing is the best part which I like because it will crawl the application with us and get more chances to get more vulnerabilities as compare to DAST and SAST.

SAST and DAST obviously these feature will do there best.

Mobile application is also adding plus point which will make this tool as all rounder just like in cricket the player who knows batting, bowling, fielding and wicket keeping.

This is the tool which added the advantage of all the things. Review collected by and hosted on G2.com.

What do you dislike?

No support for the react js applications as it should have. which will improve appscan support

Anyway it is having SAST, DAST, Mobile apps and IAST. which is best part of it. Review collected by and hosted on G2.com.

Recommendations to others considering the product:

It's easier to use the HCL appscan as it provides SAST, DAST, Mobile app Security Testing and one most important is IAST which will help you to find more vulnerabilities Review collected by and hosted on G2.com.

What problems are you solving with the product? What benefits have you realized?

DAST, SAST and Mobile application testing

DAST - Dynamic Application which will help us to resolve the real life scenario

SAST - Static scan will do the code review before deployment which will save time and money

Mobile application - Now a days it's helping all of us to recognize the vulnerabilities in mobile.

IAST - Interactive application security testing is the best part which I like because it will crawl the application with us and get more chances to get more vulnerabilities as compare to DAST and SAST Review collected by and hosted on G2.com.

Show More
Show Less
AA
Small-Business(50 or fewer emp.)
Validated Reviewer
Verified Current User
Review source: Invitation from G2
What do you like best?

In report side, developers can understand details and solution method of vulnerability. On my side(security engineer) I have been tested AppScan with 2 other rival. The vulnerability analysis AppScan is doing is quite sufficient. In my review I think that was enough for OWASP TOP10 requirements. Review collected by and hosted on G2.com.

What do you dislike?

User interface could be more colorful :) Review collected by and hosted on G2.com.

What problems are you solving with the product? What benefits have you realized?

Basically, I'm scanning the web application vulnerabilities with AppScan. It's great to be automating it compared to a manual scan. Review collected by and hosted on G2.com.

Show More
Show Less
AA
Enterprise(> 1000 emp.)
Validated Reviewer
Review source: Invitation from G2
What do you like best?

Vulnerability database always up to date and Also user friendly surface with effective reporting options Review collected by and hosted on G2.com.

What do you dislike?

Global support response can be more faster. Review collected by and hosted on G2.com.

What problems are you solving with the product? What benefits have you realized?

Vulnerability assesment for new or existing software .Also sometimes I detected bugs on custom reporting area. Review collected by and hosted on G2.com.

Show More
Show Less
UM
Enterprise(> 1000 emp.)
Validated Reviewer
Review source: Invitation from G2
What do you like best?

The results of HCL AppScan are reliable and it's a very user friendly. Review collected by and hosted on G2.com.

What do you dislike?

The cloud and On Prem version should work seamlessly. Review collected by and hosted on G2.com.

What problems are you solving with the product? What benefits have you realized?

It helped us consolidated multiple security tools being used at my org. Review collected by and hosted on G2.com.

Show More
Show Less
UC
Small-Business(50 or fewer emp.)
Validated Reviewer
Review source: Invitation from G2
What do you like best?

This one of best tool for Application scan to identify the flaws and remediation to fix the flaws in the application Review collected by and hosted on G2.com.

What do you dislike?

Some time IBM Security AppScan provides false positive results Review collected by and hosted on G2.com.

What problems are you solving with the product? What benefits have you realized?

IBM Security AppScan scannes the application and finds the vulnerability, and remediation steps to mitigates the vulnerability. Review collected by and hosted on G2.com.

Show More
Show Less
UC
Mid-Market(51-1000 emp.)
Validated Reviewer
Review source: Invitation from G2
What do you like best?

IBM appscan is best for the webapplication here we can do both dynamic and static analyse Review collected by and hosted on G2.com.

What do you dislike?

Sometime IBM app scan generate falsepositive results Review collected by and hosted on G2.com.

Recommendations to others considering the product:

Yes i recommend others to use IBM appscan for penetration testing. Review collected by and hosted on G2.com.

What problems are you solving with the product? What benefits have you realized?

With IBM app scan we are preforming automation scan for the web applications Review collected by and hosted on G2.com.

Show More
Show Less
CO
Enterprise(> 1000 emp.)
Validated Reviewer
Review source: Invitation from G2
What do you like best?

IBM® Security AppScan Standard automates application security testing by scanning applications, identifying vulnerabilities, and generating reports with intelligent fix recommendations to ease remediation. It provides static and dynamic application security testing throughout development Review collected by and hosted on G2.com.

What do you dislike?

it doesn't have support for Oracle fusion middleware stack scaning which is a limitation and doesnt provide any support for SCA based application Review collected by and hosted on G2.com.

Recommendations to others considering the product:

You can Test mobile apps and services with AppScan Standard. This is most suitable for mobile based organisation where the security is the key challenge and if the tool identifies all the vulnerabilities within the app deploy to the mobile platform it serves a boon to the mobile industry . Also it have wide variety of language support which makes it powerful to be utilized in the market making it better for any organisation to acquire this product for there deployment cycle before moving to the code to actual environment. It can integrate easiliy with CI/CD pipeline making is most suitable for organisation moving towards devops and hence i would like any organisation to think in a direction where secure environment is the key Review collected by and hosted on G2.com.

What problems are you solving with the product? What benefits have you realized?

It gives all the vulnerability issues for our application making it infosec compliance and hence i wou ld recommend it for each organisation to have a tool like this which provides best vulnerability testing tool today in the market Review collected by and hosted on G2.com.

Show More
Show Less
II
Enterprise(> 1000 emp.)
Validated Reviewer
Review source: Invitation from G2
What do you like best?

It helps to identify latest vulnerabilities Review collected by and hosted on G2.com.

What do you dislike?

We can't relay solely on scanner results ,have to depend on manual testing as well Review collected by and hosted on G2.com.

Recommendations to others considering the product:

It doesn't help you to identify all vulnerabilities Review collected by and hosted on G2.com.

What problems are you solving with the product? What benefits have you realized?

It helps to identify vulnerabilities for any type of website in the development stage Review collected by and hosted on G2.com.

Show More
Show Less
CC
Mid-Market(51-1000 emp.)
Validated Reviewer
Review source: Invitation from G2
What do you like best?

Integrates with other IBM software, pulls into siem and watson well Review collected by and hosted on G2.com.

What do you dislike?

not as thorough or updated as others scanners, does not go as deep on network level Review collected by and hosted on G2.com.

What problems are you solving with the product? What benefits have you realized?

Realtime results to SOC instantly Review collected by and hosted on G2.com.

Show More
Show Less
UI
Small-Business(50 or fewer emp.)
Validated Reviewer
Verified Current User
Review source: Invitation from G2
What do you like best?

Powerful scanning engine. A robust set of options. Excellent documentation. Review collected by and hosted on G2.com.

What do you dislike?

True enterprise management, requires the purchase of additional AppScan products. Review collected by and hosted on G2.com.

Recommendations to others considering the product:

Its a great product to use even though it might be a bit pricey for general startups Review collected by and hosted on G2.com.

What problems are you solving with the product? What benefits have you realized?

We use it to mainly protect our company's data from web application attacks Review collected by and hosted on G2.com.

Show More
Show Less
Senior ETL Developer
Information Technology and Services
Enterprise(> 1000 emp.)
Validated Reviewer
Review source: Invitation from G2
What do you like best?

Real time agent status monitorning, agent logging and It is very cost effective compared to its performance and the features it offers. I like the way it assesses the applications. Review collected by and hosted on G2.com.

What do you dislike?

The tool IBM Security AppScan Standard is oblivious of the inner workings of the application being tested. It is unaware of the programming languate, OS, database, etc. Review collected by and hosted on G2.com.

Recommendations to others considering the product:

Great software. IBM is a leader in providing software solutions and yet another example of their pioneer work. Review collected by and hosted on G2.com.

What problems are you solving with the product? What benefits have you realized?

Our business was looking for a solution that reduces/stops web application attacks and protect our data at the same time. IBM Security AppScan Standard offers both the things and at the same time it is very well adopted for the cost savings that it offers most certainly, as well as time savings among many other benefits. Review collected by and hosted on G2.com.

Show More
Show Less
Senior Programmer Specialist
Information Technology and Services
Enterprise(> 1000 emp.)
Validated Reviewer
Review source: Invitation from G2
What do you like best?

Generate accurate results based on the inputs. Uses the solid base of IAST and DAST technologies that are most reliable for detecting the security and other issue of application. Advance configuration options for testing broad range of case. Review collected by and hosted on G2.com.

What do you dislike?

Deviation from the real output when number of test cases increase. No option to test the complexity of the code while issue being identified in on the real environment. Review collected by and hosted on G2.com.

Recommendations to others considering the product:

Great tool when used with proper test and use cases. Gives you the the results on all kind of possible issues before production. Review collected by and hosted on G2.com.

What problems are you solving with the product? What benefits have you realized?

It has detected many issues in the application that could lead to the hacking the site. It provides possible threat for any issues in application. Review collected by and hosted on G2.com.

Show More
Show Less
Senior Security Engineer
Computer & Network Security
Enterprise(> 1000 emp.)
Validated Reviewer
Review source: Invitation from G2
What do you like best?

IBM is one of a few vendors that offer all DAST, SAST & IAST scanning technology. IDM AppScan Standard contains both DAST and IAST via glassbox. IBM can generate the accurate result with high computational time. The reporting format is centralized on risks that is easier for developers to understand. Review collected by and hosted on G2.com.

What do you dislike?

IBM AppScan standard doesn't offer SCA which is limited only for AppScan Enterprise. Review collected by and hosted on G2.com.

Recommendations to others considering the product:

It's a bit expensive compared with the competitors and the close vendors to consider are Fortify, Checkmarx, Veracode and Synopsys. Review collected by and hosted on G2.com.

What problems are you solving with the product? What benefits have you realized?

As for the security engineers that offers AppSec services to the clients, IBM AppScan shows reliable results with less false positives and easy to claim customers trust. Moreover, the support for IBM engineers is globally and it's not a problem to get local support no matter where you are. Review collected by and hosted on G2.com.

Show More
Show Less
Professional Programer Analyst
Information Technology and Services
Enterprise(> 1000 emp.)
Validated Reviewer
Review source: Invitation from G2
What do you like best?

Advance configurations for running the authenticity test of an application. Scope of verification is wide, you can not think all security issues it offers to identify. Integration process is easy. Review collected by and hosted on G2.com.

What do you dislike?

Sometime gives few results when number of test performed is increased. Review collected by and hosted on G2.com.

Recommendations to others considering the product:

Great product. Review collected by and hosted on G2.com.

What problems are you solving with the product? What benefits have you realized?

Security and vulnerability of applications. Review collected by and hosted on G2.com.

Show More
Show Less
Software Specialist
Hospital & Health Care
Enterprise(> 1000 emp.)
Validated Reviewer
Review source: Invitation from G2
What do you like best?

Alert of possible threat/vulnerability, Range of testing is quiet impressive, Quick remediation results and authentication test with advanced configuration. Review collected by and hosted on G2.com.

What do you dislike?

Retesting fails when number of issues increased. It also reports non-threats sometime. Review collected by and hosted on G2.com.

Recommendations to others considering the product:

Recommended Review collected by and hosted on G2.com.

What problems are you solving with the product? What benefits have you realized?

Application security and vulnerability Review collected by and hosted on G2.com.

Show More
Show Less
UA
Enterprise(> 1000 emp.)
Validated Reviewer
Review source: Invitation from G2
What do you like best?

it classify and prioritize assets based on impact of business and identify the high risk areas and also test the the applications before real deployment.It is easy to configure Review collected by and hosted on G2.com.

What do you dislike?

its is not granular as standard.they have sometime confusing licensees. Review collected by and hosted on G2.com.

What problems are you solving with the product? What benefits have you realized?

Simplify remediation by identifying vulnerabilities and generating detailed results through comprehensive scanning coverageApplication Data view that is now the default view during the Explore stage. It is updated live as IBM Security AppScan explores the site, and data in all three panes can be clicked on and viewed. Review collected by and hosted on G2.com.

Show More
Show Less
Software Developer
Automotive
Mid-Market(51-1000 emp.)
Validated Reviewer
Review source: Invitation from G2
What do you like best?

The AppScan tool provides an excellent results and a very responsive customer support . Review collected by and hosted on G2.com.

What do you dislike?

Although the result quality is good the overall workflow need major improvement. Review collected by and hosted on G2.com.

What problems are you solving with the product? What benefits have you realized?

Scan and test applications for security vulnerabilities. Review collected by and hosted on G2.com.

Show More
Show Less
Associate Systems Programmer
Defense & Space
Enterprise(> 1000 emp.)
Validated Reviewer
Review source: Invitation from G2
What do you like best?

It automatically identifies possible breaches, provides solutions too. Review collected by and hosted on G2.com.

What do you dislike?

Web apps today can be developed in many languages, and every framework has a different set of parameters. It should be tailored for specific frameworks. Review collected by and hosted on G2.com.

Recommendations to others considering the product:

Secures sensitive data, automatically identifies and fixes issues. So, definitely, something to look into. Review collected by and hosted on G2.com.

What problems are you solving with the product? What benefits have you realized?

Securing our web app for the airports. It did realize a possible bug once which could have proved costly to us. Review collected by and hosted on G2.com.

Show More
Show Less
UI
Enterprise(> 1000 emp.)
Validated Reviewer
Review source: Invitation from G2
What do you like best?

We use IBM Security AppScan to scan web sites for vulnerabilities. Review collected by and hosted on G2.com.

What do you dislike?

It does not support/suggest security issues while writing the code. It provides only Static run support. Review collected by and hosted on G2.com.

Recommendations to others considering the product:

I recommend this product to identify security issues. It help to identify security vulnerabilities within the application and after run provides the report of all issues. Review collected by and hosted on G2.com.

What problems are you solving with the product? What benefits have you realized?

It help us to identify and fix Security vulnerabilities. It help us to improve code quality before moving to production. Review collected by and hosted on G2.com.

Show More
Show Less
Student Nurse Extern
Hospital & Health Care
Enterprise(> 1000 emp.)
Validated Reviewer
Review source: Invitation from G2
What do you like best?

What we liked best was that it prevents identify theft Review collected by and hosted on G2.com.

What do you dislike?

what we did not really like is that it does not identify all vulnerabilities Review collected by and hosted on G2.com.

What problems are you solving with the product? What benefits have you realized?

Testing apps before taking them live Review collected by and hosted on G2.com.

Show More
Show Less
IC
Enterprise(> 1000 emp.)
Validated Reviewer
Review source: Invitation from G2
What do you like best?

Flexibility of featuresvare useful when attacking new use cases Review collected by and hosted on G2.com.

What do you dislike?

Limited scope of new applications for usecases Review collected by and hosted on G2.com.

What problems are you solving with the product? What benefits have you realized?

Find new bugs Review collected by and hosted on G2.com.

Show More
Show Less
Do you work for HCL AppScan?