We performed a comparison between Fortify Application Defender and HCL AppScan based on real PeerSpot user reviews.
Find out in this report how the two Application Security Tools solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The most valuable feature is the ability to automatically feed it rules what it's coupled with the WebInspect dynamic application scanning technology."
"The product saves us cost and time."
"We are able to provide out customers with a secure application after development. They are no longer left wondering if they are vulnerable to different threats within the market following deployment."
"The information from Fortify Application Defender on how to fix and solve issues is very good compared to other solutions."
"Its ability to find security defects is valuable."
"Fortify Application Defender's most valuable features are machine learning algorithms, real-time remediation, and automatic vulnerability notifications."
"The most valuable features of Fortify Application Defender are the code packages that are default."
"The solution helped us to improve the code quality of our organization."
"IBM AppScan has made our work easy, as we can do four to five scans of websites at a time, which saves time when it comes to vulnerability."
"Technical support is helpful."
"I like the recording feature."
"Compared to other tools only AppScan supports special language."
"It identifies all the URLs and domains on its own and then performs tests and provides the results."
"This is a stable solution."
"The solution is easy to use."
"There's extensive functionality with custom rules and a custom knowledge base."
"I encountered many false positives for Python applications."
"The biggest complaint that I have heard concerns additional platform support because right now, it only supports applications that are written in .NET and Java."
"Fortify Application Defender could improve by supporting more code languages, such as GRAAS and Groovy."
"Support for older compilers/IDEs is lacking."
"The solution is quite expensive."
"The solution could improve the time it takes to scan. When comparing it to SonarQube it does it in minutes while in Fortify Application Defender it can take hours."
"The false positive rate should be lower."
"The licensing can be a little complex."
"The databases for HCL are small and have room for improvement."
"IBM Security AppScan Source is rather hard to use."
"The tool should improve its output. Scanning is not a challenge anymore since there are many such tools available in the market. The product needs to focus on how its output is being used by end users. It should be also more user-friendly. One of the major challenges is in the tool's integration with applications that need to be scanned. Sometimes, the scanning is not proper."
"The solution needs to improve in some areas. The tool needs to add more languages. It also needs to improve its speed."
"There are so many lines of code with so many different categories that I am likely to get lost. "
"HCL AppScan needs to improve security."
"IBM Security AppScan needs to add performance optimization for quickly scanning the target web applications."
"If HCL AppScan is able to alert the clients over email once the scan is complete, it would be great. Right now, HCL AppScan doesn't let me know if the scanning part is finished or not, because of which I have to come back and check mostly."
Fortify Application Defender is ranked 34th in Application Security Tools with 10 reviews while HCL AppScan is ranked 14th in Application Security Tools with 39 reviews. Fortify Application Defender is rated 8.0, while HCL AppScan is rated 7.6. The top reviewer of Fortify Application Defender writes "Reliable solution with excellent machine learning algorithms but expensive and lacking support". On the other hand, the top reviewer of HCL AppScan writes " A stable and scalable product useful for application security scanning". Fortify Application Defender is most compared with Checkmarx One, Coverity, CAST Application Intelligence Platform, SonarQube and Qualys Web Application Scanning, whereas HCL AppScan is most compared with SonarQube, Veracode, Acunetix, Checkmarx One and PortSwigger Burp Suite Professional. See our Fortify Application Defender vs. HCL AppScan report.
See our list of best Application Security Tools vendors.
We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.