We performed a comparison between GitHub and HCL AppScan based on real PeerSpot user reviews.
Find out in this report how the two Application Security Tools solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."This product allows us to easily collaborate on development tasks with our subcontractors, and control the workflow as the project progresses."
"We can make a private repository."
"The flexibility of this solution has been most valuable. It operates on a pay per use basis where you can ramp up or decrease usage."
"The solution can scale."
"Has great integration with third-party tools."
"Even if I'm not in the office, I can access and work on my code from anywhere with my account credentials."
"The most valuable aspects of GitHub are version control and parallel development. I also appreciate the forking part, which allows us to release a specific set of features to the environment."
"I have found GitHub stable."
"The product has valuable features for static and dynamic testing."
"Compared to other tools only AppScan supports special language."
"The product is useful, particularly in its sensitivity and scanning capabilities."
"We use it as a security testing application."
"The HCL AppScan turnaround time for Burp Suite or any new feature request is pretty good, and that is why we are sticking with the HCL."
"The solution offers services in a few specific development languages."
"The static scans are good, and the SaaS as well."
"The most valuable feature of HCL AppScan is scanning QR codes."
"GitHub could improve by being more user-friendly."
"The GUI design is poor, so I exclusively use the CLI, which is much easier to use and understand. It would be great to see the GUI updated to be more user-friendly."
"I would like a more graphical, user-friendly UI, to avoid writing so much code on cmd."
"There could be more integration into Azure."
"From the recruiting standpoint, I would like to see email IDs and phone numbers and a brief introduction about their profile."
"GitHub uses basic configuration, but messaging is not clear."
"It would be useful to have tutorial videos within the GitHub dashboard."
"The solution could have better support for the Markdown language."
"AppScan is too complicated and should be made more user-friendly."
"It has crashed at times."
"Improving usability could enhance the overall experience with AppScan. It would be beneficial to make the solution more user-friendly, ensuring that everyone can easily navigate and utilize its features."
"The penetration testing feature should be included."
"If HCL AppScan is able to alert the clients over email once the scan is complete, it would be great. Right now, HCL AppScan doesn't let me know if the scanning part is finished or not, because of which I have to come back and check mostly."
"It's a little bit basic when you talk about the Web Services. If AppScan improved its maturity on Web Services testing, that would be good."
"The solution often has a high number of false positives. It's an aspect they really need to improve upon."
"They have to improve support."
GitHub is ranked 13th in Application Security Tools with 64 reviews while HCL AppScan is ranked 15th in Application Security Tools with 40 reviews. GitHub is rated 8.6, while HCL AppScan is rated 7.6. The top reviewer of GitHub writes "Beneficial version control and continuous integration, but guides would be helpful". On the other hand, the top reviewer of HCL AppScan writes " A stable and scalable product useful for application security scanning". GitHub is most compared with Snyk, AWS CodeCommit, Bitbucket, Atlassian SourceTree and Fortify on Demand, whereas HCL AppScan is most compared with SonarQube, Veracode, Acunetix, PortSwigger Burp Suite Professional and Checkmarx One. See our GitHub vs. HCL AppScan report.
See our list of best Application Security Tools vendors.
We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.