Check Point CloudGuard WAF vs HCL AppScan comparison


Comparison Buyer's Guide

Executive Summary

Categories and Ranking

Check Point CloudGuard WAF
Ranking in Application Security Tools
Average Rating
Number of Reviews
Ranking in other categories
Web Application Firewall (WAF) (14th)
HCL AppScan
Ranking in Application Security Tools
Average Rating
Number of Reviews
Ranking in other categories
Static Application Security Testing (SAST) (11th), Dynamic Application Security Testing (DAST) (1st)

Featured Reviews

Mar 7, 2024
Easy deployment, good reporting, and excellent support
The service was available for the client on time. They had a go-to-market or a due date to start sending the app to various students to apply. We were there 24/7 hoping and waiting for everything to be fine, and it worked perfectly and smoothly. The client was very happy with the performance of Check Point on this project. When comparing it with Imperva, we strongly feel that the formula that Check Point delivers on WAF was what the client needed. Check Point CloudGuard works perfectly for preemptively blocking Zero Day attacks and detecting hidden anomalies. Check Point is all about prevention. We strongly believe that if you want to prevent threats, Check Point is the one. There is no one else.
Sthembiso Zondi - PeerSpot reviewer
Jul 3, 2024
Has a straightforward setup process and valuable security features
We use AppScan primarily for security testing and performance monitoring across our systems The product's features for comprehensive code analysis (static) and live environment testing (dynamic) have significantly enhanced our ability to identify and address vulnerabilities, improving overall…

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:


"I find the configuration and real-time monitoring features valuable."
"By using a cloud application security solution, our company can save costs by reducing the need for additional security hardware and software and improving operational efficiency."
"It seamlessly protects through machine learning, giving us visibility into potential attacks and where they come from."
"It provides advanced analytics that gives each team time to prepare for any threat that might occur in the future."
"The tool performs device health checkups and updates us. It helps us to be compliant with regulatory policies."
"After integrating AppSec with other applications, team members can easily work without fear of confidential information exposure."
"It offers high performance and improved productivity for users."
"The most valuable feature we have found in Check Point CloudGuard WAF is its rich logging capabilities."
"It comes with all of the templates that we need. For example, we are a company that is regulated by PCI. In order to be PCI compliant, we have a lot of checks and procedures to which we have to comply."
"It's generally a very user-friendly tool. Anyone can easily learn how to scan"
"The product is useful, particularly in its sensitivity and scanning capabilities."
"IBM AppScan has made our work easy, as we can do four to five scans of websites at a time, which saves time when it comes to vulnerability."
"The solution is easy to use."
"The most valuable feature of HCL AppScan is scanning QR codes."
"The HCL AppScan turnaround time for Burp Suite or any new feature request is pretty good, and that is why we are sticking with the HCL."
"It is a stable solution...It is a scalable solution...The initial setup or installation of HCL AppScan is easy."


"You need to know exactly the system. You cannot have someone running the system if they don't have the knowledge to do so."
"I have encountered issues with Check Point CloudGuard Application Security's technical support. It also has missing configuration features."
"There are occasions when it interfaces with other systems, leading to a loss of visibility."
"We would like to have a solution of this type for the administration of applications from mobile devices."
"For the next release, I would suggest considering features like enhanced threat intelligence integration."
"The creation of security profiles for each application takes a lot of time."
"Deeper and more transparent integration between Cloud Application Security and analysis monitoring tools could be very valuable - although the solution currently offers integrations with third-party security tools."
"A feature we'd like to see in the future is something that could protect against other attack vectors, with a focus on application protection."
"AppScan is too complicated and should be made more user-friendly."
"HCL AppScan needs to improve security."
"In future releases, I would like to see more aggressive reports. I would also like to see less false positives."
"We would like to integrate with some of the other reporting tools that we're planning to use in the future."
"The solution's scalability can be a matter of concern because one license runs on one machine only."
"There is room for improvement in the pricing model."
"There is not a central management for static and dynamic."
"​IBM Security AppScan Source is rather hard to use​."

Pricing and Cost Advice

"The pricing is competitive compared to other solutions on the market. So, the licensing cost is average."
"I work for an Indian banking client. In India, companies are on a budget. The company liked Check Point very much, but it was a little bit costly compared to FortiWeb. However, it had more features compared to FortiWeb."
"I find the pricing to be reasonable."
"The pricing is not that expensive considering what it offers."
"It is not cheap, but it is worth it."
"The tool's licensing costs are yearly and competitive."
"If the pricing for the Infinity platform covers everything, it would be more straightforward. I had a hard time selling it to our CEO as a former CFO because of the differentials. There are different deltas year to year over a five-year period. It is very difficult to explain. It would be easier to digest for our executives if there was a flatter scale"
"Check Point CloudGuard Application Security's pricing is not friendly."
"The product is moderately priced, though it's an investment due to extensive code analysis needs."
"The solution is cheap."
"The solution is moderately priced."
"The price is very expensive."
"The product has premium pricing and could be more competitive."
"AppScan is a little bit expensive. IBM needs to work a little bit on the pricing model, decreasing the license cost."
"Pricing was the main reason that we went ahead with this solution as they were the lowest in the market."
"I would rate the product's pricing a nine out of ten. The product's pricing is expensive compared to the features that they offer."
Use our free recommendation engine to learn which Application Security Tools solutions are best for your needs.
792,483 professionals have used our research since 2012.

Top Industries

By visitors reading reviews
Security Firm
Financial Services Firm
Computer Software Company
Healthcare Company
Computer Software Company
Financial Services Firm
Manufacturing Company

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business

Questions from the Community

What do you like most about CloudGuard for Application Security?
The app control is very sensitive, and the threat detection and prevention is better than other Check Point solutions. There is a centralized management console for threat protection and self-inspe...
What is your experience regarding pricing and costs for CloudGuard for Application Security?
It is reasonable compared to other solutions. Check Point is a medium-sized business in the market, whereas F5, Juniper, SonicWall, and IBM are big players. Compared to them, its pricing is quite r...
What needs improvement with CloudGuard for Application Security?
We have many users or employees who are using the VPN to access our network. More configuration for VPN users is required. More scalability is also required because, as compared to other Check Poin...
What do you like most about HCL AppScan?
The most valuable feature of HCL AppScan is its integration with the SDLC, particularly during the coding phase.
What needs improvement with HCL AppScan?
Improving usability could enhance the overall experience with AppScan. It would be beneficial to make the solution more user-friendly, ensuring that everyone can easily navigate and utilize its fea...
What is your primary use case for HCL AppScan?
I mainly use AppScan to secure various types of applications. I use its DAFDAT solution for black box scanning, as well as SaaS and source code validation. AppScan helps in scanning code for vulner...

Also Known As

Check Point CloudGuard Application Security, CloudGuard Application Security, CloudGuard AppSec
IBM Security AppScan, Rational AppScan, AppScan

Learn More




Sample Customers

Information Not Available
Essex Technology Group Inc., Cisco, West Virginia University, APIS IT
Find out what your peers are saying about Check Point CloudGuard WAF vs. HCL AppScan and other solutions. Updated: July 2024.
792,483 professionals have used our research since 2012.