HCL AppScan Reviews

Organizations reported a 50 percent return from HCL AppScan. In Brazil, users witnessed a 20 percent cost reduction. It enhances microservices-led architecture by minimizing errors and defects, integrating DevOps and IT pipelines, and improving application security post-deployment. Many banks benefited from cost savings and observed returns within six months. Some users could not provide financial insights.

Enterprise users perceive HCL AppScan's pricing as generally expensive, though some find it cost-effective compared to competitors like Veracode. Users appreciate the one-time purchase option without ongoing license fees, while others utilize a token-based system and find it convenient for scanning needs. Discounts are occasionally available, but many users suggest pricing could be more competitive. Overall, costs reflect the premium features offered, and clients are often willing to invest for its encryption security scanning capabilities.

• "The product is moderately priced, though it's an investment due to extensive code analysis needs."
• "The solution is cheap."
• "The product has premium pricing and could be more competitive."

The primary use case of HCL AppScan involves ensuring application security through static and dynamic analysis, vulnerability detection, and security assessment. Many use it for DevOps and DevSecOps environments, integrating it into CI/CD pipelines. It supports scanning web interfaces and applications both on-premise and in cloud settings. Users highlight its ability to detect issues like SQL injections and perform security testing as part of the development and quality assurance processes.

HCL AppScan's customer service is mostly responsive, fast, and knowledgeable. Users report satisfaction with transitions and operational responses. However, some express a need for more regional support, particularly in the Gulf. While some praise is given for helpfulness and user-friendliness, there are mentions of delays due to time differences and criticisms of declining service quality since changing from IBM. Comparisons indicate Veracode may deliver superior assistance and regular communication.

Many find HCL AppScan's initial setup straightforward, describing it as easy and quick, typically taking one to two days. Some experience complexity, especially with integration and large clients. Users actively engage professional services for customization. Feedback highlights the simplicity of cloud deployment, although certain setups require experienced personnel. Setup ratings range from six to ten out of ten, with deployment duration varying based on specific requirements and integrations.

Users generally find HCL AppScan's scalability to be favorable with some exceptions. Many report seamless scaling capabilities, particularly in cloud-based scenarios, attributing ease in adaptation and expansion to program design and hardware allocation. However, others indicate limitations, like license restrictions and initial setup challenges. Test experiences vary, with some organizations noting efficient scaling across environments, while others suggest adjustments in infrastructure to meet larger-scale requirements. Overall user feedback leans towards a positive view of scalability.

HCL AppScan is consistently stable, with most users experiencing no issues. Some note minor glitches, often attributed to hardware rather than the application itself. Ratings often range from seven to eight out of ten. Users highlight strong reliability, reporting that it handles heavy workloads effectively. Only small stability concerns are mentioned during intense scanning or with older versions, but recent updates seem to have resolved these. Stability is enhanced when proper resources are utilized.