Try our new research platform with insights from 80,000+ expert users

GitLab vs HCL AppScan comparison

GitLab and HCLSoftware are both solutions in the Application Security Tools category. GitLab is ranked #9 with an average rating of 8.6, while HCLSoftware is ranked #14 with an average rating of 7.9. GitLab holds a 2.9% mindshare in AS, compared to HCLSoftware ’s 2.7% mindshare. Additionally, 97% of GitLab users are willing to recommend the solution, compared to 83% of HCLSoftware users who would recommend it.
GitLab
Read 82 GitLab reviews
  • 3,648 Views
  • 3,011 Comparison Views
97% willing to recommend
HCL AppScan
Read 43 HCL AppScan reviews
  • 3,792 Views
  • 2,867 Comparison Views
83% willing to recommend
 

Comparison Buyer's Guide

Download the report
Executive SummaryUpdated on Oct 8, 2024

HCL AppScan and GitLab operate in the software security and development space. GitLab appears to have the upper hand with its comprehensive feature set and ease of integration, enhancing user experience in development functions.

Features: HCL AppScan offers advanced security testing tools, thorough vulnerability assessments, and support for various technologies. GitLab features a DevOps platform, seamless CI/CD pipeline integration, and collaborative tools, providing broader development support beyond security testing.

Room for Improvement: HCL AppScan users note the need for better report customization, integration flexibility, and interoperability. GitLab users highlight occasional performance issues, enhanced documentation, and product efficiency improvement.

Ease of Deployment and Customer Service: HCL AppScan deployment is complex due to its extensive security capabilities, but it has strong customer service. GitLab offers straightforward deployment within its integrated ecosystem, with users reporting satisfactory customer service.

Pricing and ROI: HCL AppScan incurs higher setup costs, with users recognizing security-related returns. GitLab's flexible pricing model is seen as providing strong ROI through its comprehensive features supporting complete development workflows.

DOWNLOAD THE COMPLETE REPORT
To learn more, read our detailed GitLab vs. HCL AppScan Report (Updated: April 2025).
Buyer's Guide
GitLab vs. HCL AppScan
April 2025
Download the complete report
Helped 849,686 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

GitLab
Ranking in Application Security Tools
9th
Ranking in Static Application Security Testing (SAST)
7th
Average Rating
8.6
Reviews Sentiment
7.2
Number of Reviews
82
Ranking in other categories
Build Automation (1st), Release Automation (2nd), Rapid Application Development Software (12th), Software Composition Analysis (SCA) (5th), Enterprise Agile Planning Tools (2nd), Fuzz Testing Tools (2nd), DevSecOps (3rd)
HCL AppScan
Ranking in Application Security Tools
14th
Ranking in Static Application Security Testing (SAST)
10th
Average Rating
7.8
Reviews Sentiment
6.9
Number of Reviews
43
Ranking in other categories
Dynamic Application Security Testing (DAST) (1st)
 

Mindshare comparison

As of May 2025, in the Application Security Tools category, the mindshare of GitLab is 2.9%, up from 2.8% compared to the previous year. The mindshare of HCL AppScan is 2.7%, up from 2.6% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Application Security Tools
 

Featured Reviews

Gaurav Chandel - PeerSpot reviewer
Boosted productivity with automated pipelines and seamless collaboration
There are some challenges with repository file management as GitLab may struggle to manage larger files. Improvements could be made regarding size management and file partitioning. Also, the UI has remained the same for a couple of years and could benefit from an update with AI features and better customization.
Read full review
Rishi Anupam - PeerSpot reviewer
A stable and scalable scanning solution with good reporting feature
The solution is used for the vulnerabilities scan on the network side The reporting part is the most valuable feature. The penetration testing feature should be included. I have been using the solution for four years. It is a stable solution. I rate it seven out of ten. It is a scalable…
Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"It's a great toolbox where the CI/CD pipeline is the fundamental component, but there are so many other features that you can pull from, which makes it a very powerful tool. My current client is using AWS, and they can, of course, use AWS CodePipeline, but GitLab is much more mature than that, and it also gives you the freedom to decide to go to another platform or have a multi-cloud strategy and things like that. That freedom for me is also very valuable."
"We like that we can create branches and then the branches can be reviewed and you can mesh those branches back. You can independently work with your own branch, you don't need to really control the core of other people."
"The most valuable feature of GitLab is the automatic merging of code."
"A user friendly solution."
"GitLab's best features are continuous integration and fast deployment."
"The dashboard and interface make it easy to use."
"We like that we can have an all-encompassing product and don't have to implement different solutions."
"The code merging capability is something that we use very frequently."
More GitLab pros
"I like the recording feature."
"It is a stable solution...It is a scalable solution...The initial setup or installation of HCL AppScan is easy."
"This is a stable solution."
"There's extensive functionality with custom rules and a custom knowledge base."
"It was easy to set up."
"It has certainly helped us find vulnerabilities in our software, so this is priceless in the end."
"It is easy it is to use. It is quick to find things, because of the code scanning tools. It's quite simple to use and it is very good the way it reports the findings."
"The solution is easy to use."
More HCL AppScan pros
 

Cons

"It can be free for commercial use."
"As GitLab is not perfect, what needs improvement in the solution is the Wiki feature of the groups or the repertories because currently, it's not searchable by default. You'll need an indexing service such as Elasticsearch to make it searchable, and that requires too much work, so for me, it's the main feature that should be improved in GitLab. In the next version of the solution, from the top of my head, the documentation could be improved. Besides the Wiki, it would be good if there's documentation that would be automatically generated based on the code repository. In other words, there should be some tutorials from GitLab for developers in the next release."
"I used Spring Cloud config and to connect that to GitLab was so hard."
"In the free version, when a merge request is raised, there is no way to enforce certain rules. We can't enforce that this merge request must be reviewed or approved by two or three people in the team before it is pushed to the master branch. That's why we are exploring using some agents."
"As a partner, sometimes it's difficult to get support. They have a really complicated procedure for their support."
"The solution does not have many built-in functions or variables so scripting is required."
"It could have more security integrations and the ability to check the vulnerability of the code. I don't think it is a responsibility of Gitlab, but it would be nice to have more options to integrate with."
"It's more related to the supporting layer of features, such as issue management and issue tracking. We tend to always use, for example, Jira next to it. That doesn't mean that GitLab should build something similar to Jira because that will always have its place, but they could grow a bit in those kinds of supporting features. I see some, for example, covering ITSM on a DevOps team level, and that's one of the things that I and my current client would find really helpful. It's understandably not going to be their main focus and their core, and whenever you are with a company that needs a bit more advanced features on that specific topic, you're probably still going to integrate with another tool like Jira Service Management, for example. However, some basic features on things like that could be really helpful."
More GitLab cons
"IBM Security AppScan needs to add performance optimization for quickly scanning the target web applications."
"If HCL AppScan is able to alert the clients over email once the scan is complete, it would be great. Right now, HCL AppScan doesn't let me know if the scanning part is finished or not, because of which I have to come back and check mostly."
"We would like to integrate with some of the other reporting tools that we're planning to use in the future."
"I would like to see the roadmap for this product. We are still waiting to see it as we have only so many resources."
"They should have a better UI for dashboards."
"One thing which I think can be improved is the CI/CD Integration"
"They could add a software component analysis tool."
"Scans become slow on large websites."
More HCL AppScan cons
 

Pricing and Cost Advice

"As I work in a vast enterprise, I'm unsure about the licensing cost for GitLab. It's the management team that takes care of that."
"The price is okay."
"GitLab is comparatively expensive, but it provides value because it's feature-rich."
"We are using the free version of GitLab."
"The solution's pricing is acceptable."
"GitLab's pricing is good compared to others on the market."
"I think that we pay approximately $100 USD per month."
"My company uses the free version of GitLab, which is GitLab Community Edition. There is a licensed version also available for GitLab."
More GitLab pricing and cost advice
"Our clients are willing to pay the extra money. It is expensive."
"The price of HCL AppScan is okay, in my opinion. You just buy HCL AppScan and don't pay anything anymore, meaning it is just a one-time purchase."
"Pricing was the main reason that we went ahead with this solution as they were the lowest in the market."
"With the features, that they offer, and the support, they offer, AppScan pricing is on a higher level."
"The tool was expensive."
"The solution is moderately priced."
"HCL AppScan is expensive."
"The product has premium pricing and could be more competitive."
More HCL AppScan pricing and cost advice
report
See which vendors are best for you
Use our free recommendation engine to learn which Application Security Tools solutions are best for your needs.
See recommendations
849,686 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Educational Organization
24%
Financial Services Firm
12%
Computer Software Company
12%
Manufacturing Company
9%
Computer Software Company
18%
Financial Services Firm
14%
Government
11%
Manufacturing Company
9%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What do you like most about GitLab?
I find the features and version control history to be most valuable for our development workflow. These aspects provide us with a clear view of changes and help us manage requests efficiently.
See all answers
What is your experience regarding pricing and costs for GitLab?
The pricing of GitLab is reasonable, aligning with what I consider to be average compared to competitors.
See all answers
What needs improvement with GitLab?
Certain features in Jira are not available in GitLab, such as the functionality to have weights at the milestone and epic levels. Hopefully, these features will be resolved with work items in GitLa...
See all answers
What do you like most about HCL AppScan?
The most valuable feature of HCL AppScan is its integration with the SDLC, particularly during the coding phase.
See all answers
What needs improvement with HCL AppScan?
AppScan needs to improve its handling of false positives. It also requires enhancements in customer support, similar to what Veracode provides. Regularly scheduling calls with clients to discuss fe...
See all answers
What is your primary use case for HCL AppScan?
The primary use case for AppScan is for security purposes. I compare AppScan with other tools such as Veracode. We use AppScan for vulnerability detection and auto-remediation of vulnerabilities wi...
See all answers
 

Comparisons

Microsoft Azure DevOps vs GitLab Logo
Microsoft Azure DevOps vs GitLab
Compared 26% of the time
GitHub CoPilot vs GitLab Logo
GitHub CoPilot vs GitLab
Compared 14% of the time
SonarQube Server (formerly SonarQube) vs GitLab Logo
SonarQube Server (formerly SonarQube) vs GitLab
Compared 7% of the time
AWS CodePipeline vs GitLab Logo
AWS CodePipeline vs GitLab
Compared 5% of the time
Tekton vs GitLab Logo
Tekton vs GitLab
Compared 5% of the time
More GitLab Competitors
Acunetix vs HCL AppScan Logo
Acunetix vs HCL AppScan
Compared 16% of the time
SonarQube Server (formerly SonarQube) vs HCL AppScan Logo
SonarQube Server (formerly SonarQube) vs HCL AppScan
Compared 12% of the time
Veracode vs HCL AppScan Logo
Veracode vs HCL AppScan
Compared 10% of the time
Fortify on Demand vs HCL AppScan Logo
Fortify on Demand vs HCL AppScan
Compared 7% of the time
Invicti vs HCL AppScan Logo
Invicti vs HCL AppScan
Compared 3% of the time
More HCL AppScan Competitors
 

Product Reports

Buyer's Guide
GitLab
April 2025
GitLab reportDownload GitLab product report
Buyer's Guide
HCL AppScan
April 2025
HCL AppScan reportDownload HCL AppScan product report
 

Also Known As

Fuzzit
IBM Security AppScan, Rational AppScan, AppScan
 

Overview

GitLab is a complete DevOps platform that enables teams to collaborate and deliver software faster. 

It provides a single application for the entire DevOps lifecycle, from planning and development to testing, deployment, and monitoring. 

With GitLab, teams can streamline their workflows, automate processes, and improve productivity.

GitLab

IBM Security AppScan enhances web application security and mobile application security, improves application security program management and strengthens regulatory compliance. By scanning your web and mobile applications prior to deployment, AppScan enables you to identify security vulnerabilities and generate reports and fix recommendations.

HCLSoftware
 

Sample Customers

1. NASA  2. IBM  3. Sony  4. Alibaba  5. CERN  6. Siemens  7. Volkswagen  8. ING  9. Ticketmaster  10. SpaceX  11. Adobe  12. Intuit  13. Autodesk  14. Rakuten  15. Unity Technologies  16. Pandora  17. Electronic Arts  18. Nordstrom  19. Verizon  20. Comcast  21. Philips  22. Deutsche Telekom  23. Orange  24. Fujitsu  25. Ericsson  26. Nokia  27. General Electric  28. Cisco  29. Accenture  30. Deloitte  31. PwC  32. KPMG
Essex Technology Group Inc., Cisco, West Virginia University, APIS IT
Buyer's Guide
GitLab vs. HCL AppScan
April 2025
Free Report: GitLab vs. HCL AppScan
Find out what your peers are saying about GitLab vs. HCL AppScan and other solutions. Updated: April 2025.
DOWNLOAD NOW
849,686 professionals have used our research since 2012.
See our GitLab vs. HCL AppScan report.
See our list of best Application Security Tools vendors and best Static Application Security Testing (SAST) vendors.

We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.