GitLab vs HCL AppScan comparison

GitLab and HCLSoftware are both solutions in the Application Security Tools category. GitLab is ranked #12 with an average rating of 8.2, while HCLSoftware is ranked #15 with an average rating of 8.1. GitLab holds a 2.3% mindshare in AS, compared to HCLSoftware ’s 2.4% mindshare. Additionally, 97% of GitLab users are willing to recommend the solution, compared to 84% of HCLSoftware users who would recommend it.

GitLab

Read 88 GitLab reviews

17,371 Views
2,953 Comparison Views

97% willing to recommend

HCL AppScan

Read 44 HCL AppScan reviews

4,305 Views
3,057 Comparison Views

84% willing to recommend

GitLab

HCL AppScan

Comparison Buyer's Guide

Download the report

Executive SummaryUpdated on Oct 8, 2024

HCL AppScan and GitLab operate in the software security and development space. GitLab appears to have the upper hand with its comprehensive feature set and ease of integration, enhancing user experience in development functions.

Features: HCL AppScan offers advanced security testing tools, thorough vulnerability assessments, and support for various technologies. GitLab features a DevOps platform, seamless CI/CD pipeline integration, and collaborative tools, providing broader development support beyond security testing.

Room for Improvement: HCL AppScan users note the need for better report customization, integration flexibility, and interoperability. GitLab users highlight occasional performance issues, enhanced documentation, and product efficiency improvement.

Ease of Deployment and Customer Service: HCL AppScan deployment is complex due to its extensive security capabilities, but it has strong customer service. GitLab offers straightforward deployment within its integrated ecosystem, with users reporting satisfactory customer service.

Pricing and ROI: HCL AppScan incurs higher setup costs, with users recognizing security-related returns. GitLab's flexible pricing model is seen as providing strong ROI through its comprehensive features supporting complete development workflows.

To learn more, read our detailed GitLab vs. HCL AppScan Report (Updated: December 2025).

Buyer's Guide

GitLab vs. HCL AppScan

December 2025

Download the complete report

Helped 879,259 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

ROI

Sentiment score

5.9

GitLab boosts ROI by enhancing DevOps efficiency, time-saving automation, software security, and user satisfaction through broad project adoption.

Sentiment score

1.7

HCL AppScan enhances architecture with fewer errors and improved security, achieving 50% return and 20% cost savings.

Migrating to GitLab is bringing time-saving benefits, and everything is easier to automate.

reviewer2603940

IT Manager at a tech company with 5,001-10,000 employees

We have saved time significantly, reducing deployment time from four hours to five minutes per deployment.

Andrea PICCININI

IT Software Architect at ANAC - Autorità Nazionale Anticorruzione

For more quotes and insights, download the GitLab report

No quotes available

For more quotes and insights, download the HCL AppScan report

Customer Service

Sentiment score

6.5

GitLab support varies by subscription, with paid users satisfied, while free users often use forums or internal resources.

Sentiment score

5.6

HCL AppScan's support is responsive with mixed reviews, facing regional challenges and lagging behind competitors like Veracode.

We have rarely needed to escalate issues to technical support since GitLab usually runs seamlessly.

Gaurav Chandel

AWS DevOps/ Site Reliability Engineer at Tata Consultancy

I have interacted with architects for some advice during the implementation, and they were prompt in their response.

Mikhael Ibrahim

Platform Engineer & Manager at a computer software company with 51-200 employees

I have had meetings where they taught me, explained things, and provided guidance for starting from scratch.

reviewer2603940

IT Manager at a tech company with 5,001-10,000 employees

For more quotes and insights, download the GitLab report

Veracode provides excellent assistance and regularly scheduled calls to address customer concerns and updates.

MukeshSaha

Associate Principal, Software Engineering at LTI - Larsen & Toubro Infotech

There is still room for improvement when it comes to the speed of response.

Ravi Khanchandani

Founder Director at Techsa Services

For more quotes and insights, download the HCL AppScan report

Scalability Issues

Sentiment score

7.3

GitLab is praised for adaptability, handling diverse workloads and large architectures smoothly, though some on-premises scalability issues remain.

Sentiment score

3.9

HCL AppScan is scalable yet varies by license, integration issues, infrastructure compatibility, and CI/CD pipeline design effectiveness.

It has all the features required for our coding and deployment needs, which makes it scalable to our changing requirements.

Sarfaraz Khan

Senior Application Developer at IBM

We're transitioning to OpenShift for future scalability with increased user numbers.

Mikhael Ibrahim

Platform Engineer & Manager at a computer software company with 51-200 employees

For scaling, other deployment options from GitLab's side need to be adopted.

Rohit Kesharwani

Manager, Engineering at 7-Eleven

For more quotes and insights, download the GitLab report

No quotes available

For more quotes and insights, download the HCL AppScan report

Stability Issues

Sentiment score

8.1

Users praise GitLab for stability and reliability with minimal downtime, highlighting its strong performance and high stability ratings.

Sentiment score

7.2

HCL AppScan is stable and reliable, with minor hardware issues, improved by recent upgrades enhancing performance and stability.

I have not encountered any performance or stability issues with GitLab so far.

Gaurav Chandel

AWS DevOps/ Site Reliability Engineer at Tata Consultancy

The updates are frequent and demanding, happening at least once a week due to security reasons.

Andrew Schetinin

Chief Technology Officer at Acclym

We raised a request with GitLab support, but they were unable to help because they could not find the root cause of what went wrong.

AvdheshSharma

Assistant Manager at a tech vendor with 10,001+ employees

For more quotes and insights, download the GitLab report

Since we've been using HCL AppScan for about three months, we really have not encountered a false positive.

Ravi Khanchandani

Founder Director at Techsa Services

For more quotes and insights, download the HCL AppScan report

Room For Improvement

GitLab users want better integrations, documentation, project management, intuitive pipelines, enhanced security, user-friendly interface, and simplified pricing.

HCL AppScan requires improvements in vulnerability detection, usability, integration, performance, support, pricing, and language/codebase compatibility to stay competitive.

It would be beneficial to have a user-friendly interface for setting up these configurations, instead of just writing YAML files.

reviewer2603940

IT Manager at a tech company with 5,001-10,000 employees

It is essential to conduct proper testing, such as unit tests and code coverage, within the SDLC pipelines.

Rohit Kesharwani

Manager, Engineering at 7-Eleven

GitLab can improve its user interface to make conflict resolution more user-friendly.

Sarfaraz Khan

Senior Application Developer at IBM

For more quotes and insights, download the GitLab report

If I'm scanning a web application, it shows me the various components being used. It tells me whether I have Java libraries, .NET frameworks, or other log management libraries such as Log4j, and what versions of those specific components are present.

Ravi Khanchandani

Founder Director at Techsa Services

For more quotes and insights, download the HCL AppScan report

Setup Cost

GitLab offers a free tier, with Premium at $19 and Ultimate at $99 per user monthly, plus optional CI/CD costs.

HCL AppScan is considered expensive but cost-effective, with varied pricing opinions influenced by its premium features and discounts.

Even when working in other small organizations, we opted for GitLab as it was cost-efficient.

Sarfaraz Khan

Senior Application Developer at IBM

The pricing of GitLab is reasonable, aligning with what I consider to be average compared to competitors.

reviewer2603940

IT Manager at a tech company with 5,001-10,000 employees

The price is high, and it limits user accessibility.

Andrea PICCININI

IT Software Architect at ANAC - Autorità Nazionale Anticorruzione

For more quotes and insights, download the GitLab report

Companies often choose based on budget constraints, with Veracode being on the higher end cost-wise.

MukeshSaha

Associate Principal, Software Engineering at LTI - Larsen & Toubro Infotech

For more quotes and insights, download the HCL AppScan report

Valuable Features

GitLab excels in CI/CD pipelines, usability, integration, and automation, enhancing collaboration, productivity, and efficient DevOps workflows.

HCL AppScan detects vulnerabilities, integrates with agile processes, offers scalability, user-friendly features, and AI-enhanced rapid scanning for security.

As we implement automated testing and DevSecOps, it speeds up the process by forty to sixty percent.

Mikhael Ibrahim

Platform Engineer & Manager at a computer software company with 51-200 employees

The Ultimate version offers enhanced features for security scanning through DAST and SAST analysis, which have greatly benefitted our project workflow.

Andrea PICCININI

IT Software Architect at ANAC - Autorità Nazionale Anticorruzione

By integrating GitLab as a DevOps platform, we have enhanced agility, improved our time to market, and different teams can work collaboratively on various projects.

Rohit Kesharwani

Manager, Engineering at 7-Eleven

For more quotes and insights, download the GitLab report

AppScan's most valuable features include its ability to identify vulnerabilities accurately, provide detailed remediation steps, and the newly introduced AI-powered features that enhance its functionality further.

MukeshSaha

Associate Principal, Software Engineering at LTI - Larsen & Toubro Infotech

I have utilized its interactive application security testing, as well as both static application security testing, dynamic application security testing, and IAST.

Ravi Khanchandani

Founder Director at Techsa Services

For more quotes and insights, download the HCL AppScan report

Categories and Ranking

GitLab

Ranking in Application Security Tools

12th

Ranking in Static Application Security Testing (SAST)

8th

Average Rating

8.4

Reviews Sentiment

6.9

Number of Reviews

Ranking in other categories

Build Automation (1st), Release Automation (2nd), Rapid Application Development Software (10th), Software Composition Analysis (SCA) (5th), Enterprise Agile Planning Tools (2nd), Fuzz Testing Tools (2nd), DevSecOps (1st)

HCL AppScan

Ranking in Application Security Tools

15th

Ranking in Static Application Security Testing (SAST)

14th

Average Rating

7.6

Reviews Sentiment

5.9

Number of Reviews

Ranking in other categories

Dynamic Application Security Testing (DAST) (3rd)

Mindshare comparison

As of December 2025, in the Application Security Tools category, the mindshare of GitLab is 2.3%, down from 3.1% compared to the previous year. The mindshare of HCL AppScan is 2.4%, down from 2.5% compared to the previous year. It is calculated based on PeerSpot user engagement data.

Application Security Tools Market Share Distribution
Product	Market Share (%)
GitLab	2.3%
HCL AppScan	2.4%
Other	95.3%

Application Security Tools

Featured Reviews

Rohit Kesharwani

Manager, Engineering at 7-Eleven

Improved agility and time to market with CI/CD enhancements

The CI/CD pipelines in GitLab are highly valuable. Another important feature is the single source of repository, allowing efficient repository management and source code management. GitLab provides manageability by allowing us to manage source code effectively through separate repositories. Additionally, GitLab enables the creation of individual CI/CD pipelines for each repository, making software more agile. By integrating GitLab as a DevOps platform, we have enhanced agility, improved our time to market, and different teams can work collaboratively on various projects.

Read full review

Ravi Khanchandani

Founder Director at Techsa Services

Has improved identification of encryption and authentication issues across cloud and on-prem applications

During the learning curve of onboarding HCL AppScan, we learned that HCL has altered the portfolio and now offers HCL AppScan 360, which has a much better look and feel with an improved user interface. However, there is one feature called SCA, which stands for Software Composition Analysis, that could be improved. When I'm doing an application scan, HCL AppScan has the ability to generate information about what components are in use. For example, if I'm scanning a web application, it shows me the various components being used. It tells me whether I have Java libraries, .NET frameworks, or other log management libraries such as Log4j, and what versions of those specific components are present. I would like to see more detailed reports from the tool. Currently, you can find out the components belonging to a specific software, but if detailed reporting became available, you would be in a better position to identify vulnerabilities. For instance, I could identify that I had the Log4j vulnerability and know that I need to fix my application accordingly. If they add the features I'm describing, I would consider giving them a higher rating. However, I've only been experienced with the product for three months.

Read full review

See which vendors are best for you

Use our free recommendation engine to learn which Application Security Tools solutions are best for your needs.

See recommendations

879,259 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Financial Services Firm

14%

Computer Software Company

13%

Government

11%

Manufacturing Company

11%

Computer Software Company

13%

Financial Services Firm

11%

Government

10%

Manufacturing Company

10%

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

By reviewers
Company Size	Count
Small Business	36
Midsize Enterprise	10
Large Enterprise	43

By reviewers
Company Size	Count
Small Business	14
Midsize Enterprise	6
Large Enterprise	31

Questions from the Community

What do you like most about GitLab?

I find the features and version control history to be most valuable for our development workflow. These aspects provide us with a clear view of changes and help us manage requests efficiently.

See all answers

What is your experience regarding pricing and costs for GitLab?

We are currently using general GitLab, not GitLab Premium.

See all answers

What needs improvement with GitLab?

GitLab can be improved by being more responsive in the UI and offering better pricing for premium features, which would be useful for small startups. While GitLab's CI/CD is powerful, it is somewha...

See all answers

What do you like most about HCL AppScan?

The most valuable feature of HCL AppScan is its integration with the SDLC, particularly during the coding phase.

See all answers

What needs improvement with HCL AppScan?

See all answers

What is your primary use case for HCL AppScan?

I'm currently working with BigFix and HCL AppScan. At least three people in my company are using HCL AppScan. Since we are a reseller, we run it in both lab environments and live production applica...

See all answers

Comparisons

Microsoft Azure DevOps vs GitLab

Compared 46% of the time

GitHub CoPilot vs GitLab

Compared 8% of the time

SonarQube vs GitLab

Compared 4% of the time

TeamCity vs GitLab

Compared 4% of the time

Tekton vs GitLab

Compared 4% of the time

More GitLab Competitors

Veracode vs HCL AppScan

Compared 11% of the time

SonarQube vs HCL AppScan

Compared 11% of the time

Acunetix vs HCL AppScan

Compared 9% of the time

OWASP Zap vs HCL AppScan

Compared 7% of the time

PortSwigger Burp Suite Professional vs HCL AppScan

Compared 7% of the time

More HCL AppScan Competitors

Product Reports

Buyer's Guide

GitLab

December 2025

Download GitLab product report

Buyer's Guide

HCL AppScan

December 2025

Download HCL AppScan product report

Also Known As

Fuzzit

IBM Security AppScan, Rational AppScan, AppScan

Overview

GitLab offers a secure and user-friendly platform for CI/CD pipeline management, code repository control, and collaboration, enhancing development speed and efficiency. It facilitates automation with extensive customization and tool integration, ideal for DevOps processes.

GitLab supports source code management, version control, and collaborative development. It's frequently used in CI/CD processes to automate builds and deployments while integrating DevOps practices. GitLab allows companies to manage repositories, automate pipelines, conduct code reviews, and maintain development lifecycles. The platform supports infrastructure and configuration management, enabling efficient code collaboration, deployment automation, and comprehensive repository handling. Many organizations commit and deploy developed code using GitLab's capabilities.

What are GitLab's most valuable features?

CI/CD Pipeline Management: Streamlines development through automated testing and deployment.
User-Friendly Interface: Ensures ease of collaboration and task automation.
Code Merging and Branching: Facilitates smooth code integration and version control.
Security Platform: Provides strong security features for safe development.
Tool Integration: Enhances functionality with diverse tool integration.

What benefits should users evaluate?

Development Speed: Accelerates processes through automation.
Collaboration Ease: Simplifies team interactions and workflow.
Customization Options: Offers extensive personalization for specific needs.
Comprehensive Documentation: Provides detailed guidance for users.
Secure Platform: Maintains integrity with robust security features.

In specific industries, GitLab serves as a backbone for source code management and CI/CD implementation. Companies leverage its capabilities for infrastructure management and deployment automation, thus streamlining project delivery timelines. Its ability to handle configuration management and code repositories effectively aids in maintaining development lifecycles, making it a preferred choice for organizations committed to enhancing their DevOps practices.

GitLab

IBM Security AppScan enhances web application security and mobile application security, improves application security program management and strengthens regulatory compliance. By scanning your web and mobile applications prior to deployment, AppScan enables you to identify security vulnerabilities and generate reports and fix recommendations.

HCLSoftware

Sample Customers

1. NASA 2. IBM 3. Sony 4. Alibaba 5. CERN 6. Siemens 7. Volkswagen 8. ING 9. Ticketmaster 10. SpaceX 11. Adobe 12. Intuit 13. Autodesk 14. Rakuten 15. Unity Technologies 16. Pandora 17. Electronic Arts 18. Nordstrom 19. Verizon 20. Comcast 21. Philips 22. Deutsche Telekom 23. Orange 24. Fujitsu 25. Ericsson 26. Nokia 27. General Electric 28. Cisco 29. Accenture 30. Deloitte 31. PwC 32. KPMG

Essex Technology Group Inc., Cisco, West Virginia University, APIS IT

Buyer's Guide

GitLab vs. HCL AppScan

December 2025

Free Report: GitLab vs. HCL AppScan

Find out what your peers are saying about GitLab vs. HCL AppScan and other solutions. Updated: December 2025.

DOWNLOAD NOW

879,259 professionals have used our research since 2012.

See our GitLab vs. HCL AppScan report.

See our list of best Application Security Tools vendors and best Static Application Security Testing (SAST) vendors.

We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.