We performed a comparison between GitHub Advanced Security and HCL AppScan based on real PeerSpot user reviews.
Find out in this report how the two Application Security Tools solutions compare in terms of features, pricing, service and support, ease of deployment, and ROI.
"GitHub provides advanced security, which is why the customers choose this tool; it allows them to rely solely on GitHub as one platform for everything they need."
"Dependency scanning is a valuable feature."
"The product's most valuable features are security scan, dependency scan, and cost-effectiveness."
"It ensures user passwords or sensitive information are not accidentally exposed in code or reports."
"It is a stable solution...It is a scalable solution as it can handle new applications along with the analysis part."
"The most valuable is the developer experience and the extensibility of the overall ecosystem."
"The product is useful, particularly in its sensitivity and scanning capabilities."
"It comes with all of the templates that we need. For example, we are a company that is regulated by PCI. In order to be PCI compliant, we have a lot of checks and procedures to which we have to comply."
"For me, as a manager, it was the ease of use. Inserting security into the development process is not normally an easy project to do. The ability for the developer to actually use it and get results and focuses, that's what counted."
"It's generally a very user-friendly tool. Anyone can easily learn how to scan."
"It is a stable solution...It is a scalable solution...The initial setup or installation of HCL AppScan is easy."
"I like the recording feature."
"The solution is easy to install. I would rate the product's setup between six to seven out of ten. The deployment time depends on the applications that need to be scanned. We have a development and operations team to take care of the product's maintenance."
"IBM AppScan has made our work easy, as we can do four to five scans of websites at a time, which saves time when it comes to vulnerability."
"There could be DST features included in the product."
"A more refined approach, categorizing and emphasizing specific vulnerabilities, would be beneficial."
"The customizations are a little bit difficult."
"The deployment part of the product is an area of concern that needs to be made easier from an improvement perspective."
"There could be a centralized dashboard to view reports of all the projects on one platform."
"The report limitations are the main issue."
"One thing which I think can be improved is the CI/CD Integration."
"It has crashed at times."
"The solution often has a high number of false positives. It's an aspect they really need to improve upon."
"I would love to see more containers. Many of the tools are great, they require an amount of configuration, setup and infrastructure. If most of the applications were in a container, I think everything would be a little bit faster, because all our clients are now using containers."
"The solution's scalability can be a matter of concern because one license runs on one machine only."
"The solution could improve by having a mobile version."
"HCL AppScan needs to improve security."
"The pricing has room for improvement."
GitHub Advanced Security is ranked 14th in Application Security Tools with 6 reviews while HCL AppScan is ranked 15th in Application Security Tools with 40 reviews. GitHub Advanced Security is rated 9.0, while HCL AppScan is rated 7.6. The top reviewer of GitHub Advanced Security writes "A tool that provides ease of integration with the set of existing codes in an infrastructure". On the other hand, the top reviewer of HCL AppScan writes "A stable and scalable product useful for application security scanning". GitHub Advanced Security is most compared with SonarQube, Snyk, Veracode, Fortify on Demand and Checkmarx One, whereas HCL AppScan is most compared with SonarQube, Veracode, Acunetix, OWASP Zap and PortSwigger Burp Suite Professional. See our GitHub Advanced Security vs. HCL AppScan report.
We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.