We performed a comparison between HCL AppScan and PortSwigger Burp Suite Professional based on real PeerSpot user reviews.
Find out in this report how the two Application Security Tools solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Technical support is helpful."
"I like the recording feature."
"We are now deploying less defects to production."
"The solution is easy to install. I would rate the product's setup between six to seven out of ten. The deployment time depends on the applications that need to be scanned. We have a development and operations team to take care of the product's maintenance."
"The most valuable feature of HCL AppScan is its integration with the SDLC, particularly during the coding phase."
"This is a stable solution."
"For me, as a manager, it was the ease of use. Inserting security into the development process is not normally an easy project to do. The ability for the developer to actually use it and get results and focuses, that's what counted."
"IBM AppScan has made our work easy, as we can do four to five scans of websites at a time, which saves time when it comes to vulnerability."
"We are mostly using it for scanning the entire website. So, we basically create a script with the entire website and then run it for different injections."
"For pentesting scenarios, this is the number one tool. It can capture the request, and there are so many functions that are very good for that. For example, a black box satellite host."
"In my area of expertise, I feel like it has almost everything I could possibly require at this moment."
"Some of the extensions, available using Burp Extender, are also very good and we have found issues by using them."
"PortSwigger Burp Suite does not hamper the node of the server, and it does not shut down the server if it is running."
"Enables automation of different tasks such as authorization testing."
"The way they do the research and they keep their profile up to date is great. They identify vulnerabilities and update them immediately."
"The solution helped us discover vulnerabilities in our applications."
"There is room for improvement in the pricing model."
"In future releases, I would like to see more aggressive reports. I would also like to see less false positives."
"There is not a central management for static and dynamic."
"The solution often has a high number of false positives. It's an aspect they really need to improve upon."
"I would love to see more containers. Many of the tools are great, they require an amount of configuration, setup and infrastructure. If most the applications were in a container, I think everything would be a little bit faster, because all our clients are now using containers."
"The penetration testing feature should be included."
"Improving usability could enhance the overall experience with AppScan. It would be beneficial to make the solution more user-friendly, ensuring that everyone can easily navigate and utilize its features."
"AppScan is too complicated and should be made more user-friendly."
"Currently, the scanning is only available in the full version of Burp, and not in the Community version."
"One area that can be improved, when compared to alternative tools, is that they could provide different reporting options and in different formats like PDF or something like that."
"The Iran market does not have after-sales support. PortSwigger Burp Suite Professional needs to provide after-sales support."
"I would like to see a more optimized solution, as it currently uses a lot of CPU power and memory."
"The technical support team's response time is mostly delayed and should be improved."
"The pricing of the solution is quite high."
"I need the solution to be more user-friendly. The solution needs to be user-friendly."
"I am from Brazil. The currency exchange rate from a dollar to a Brazilian Real is quite steep. It is almost six to one. It would be good if it can be sold in the local currency, and its price is cheaper for us."
More PortSwigger Burp Suite Professional Pricing and Cost Advice →
HCL AppScan is ranked 15th in Application Security Tools with 41 reviews while PortSwigger Burp Suite Professional is ranked 9th in Application Security Tools with 57 reviews. HCL AppScan is rated 7.8, while PortSwigger Burp Suite Professional is rated 8.6. The top reviewer of HCL AppScan writes " A stable and scalable product useful for application security scanning". On the other hand, the top reviewer of PortSwigger Burp Suite Professional writes "The solution is versatile and easy to deploy, but it needs to give more detailed security reports". HCL AppScan is most compared with SonarQube, Veracode, Acunetix, OWASP Zap and Checkmarx One, whereas PortSwigger Burp Suite Professional is most compared with OWASP Zap, Fortify WebInspect, Acunetix, Qualys Web Application Scanning and SonarQube. See our HCL AppScan vs. PortSwigger Burp Suite Professional report.
See our list of best Application Security Tools vendors and best Static Application Security Testing (SAST) vendors.
We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.