Try our new research platform with insights from 80,000+ expert users

Fortify Software Security Center vs HCL AppScan comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Oct 8, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Fortify Software Security C...
Ranking in Static Application Security Testing (SAST)
30th
Average Rating
7.8
Reviews Sentiment
8.3
Number of Reviews
6
Ranking in other categories
No ranking in other categories
HCL AppScan
Ranking in Static Application Security Testing (SAST)
15th
Average Rating
7.8
Reviews Sentiment
6.1
Number of Reviews
43
Ranking in other categories
Application Security Tools (15th), Dynamic Application Security Testing (DAST) (1st)
 

Mindshare comparison

As of July 2025, in the Static Application Security Testing (SAST) category, the mindshare of Fortify Software Security Center is 0.4%, up from 0.2% compared to the previous year. The mindshare of HCL AppScan is 2.6%, up from 2.5% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Static Application Security Testing (SAST)
 

Featured Reviews

Jonathan Steyn - PeerSpot reviewer
Comprehensive vulnerability analysis and customization features with decent pricing
Software Security Center is highly customizable and helps me test all vulnerability data against the latest conventions like OWASP Top Ten, CVE Top twenty-five, and several other legal compliances. WebInspect supports a number of APIs and web endpoints. I find its feature of macro recording allows for testing vulnerabilities during multi-factor authentication sessions very valuable. I appreciate the ability to further analyze data with tools like Audit Workbench.
Sthembiso Zondi - PeerSpot reviewer
Has a straightforward setup process and valuable security features
We use AppScan primarily for security testing and performance monitoring across our systems The product's features for comprehensive code analysis (static) and live environment testing (dynamic) have significantly enhanced our ability to identify and address vulnerabilities, improving overall…

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"Fortify Analytics' AI function helps scan and provides more detailed explanations and recommendations about vulnerabilities."
"Software Security Center is highly customizable and helps me test all vulnerability data against the latest conventions like OWASP Top Ten, CVE Top twenty-five, and several other legal compliances."
"This is a stable solution at the end of the day."
"You can easily download the tool's rule packs and update them."
"The reporting is very useful because you can always view an entire list of the issues that you have."
"The overall rating for this tool is ten out of ten."
"I like the explanation of issues provided by Fortify Software Security Center."
"For me, as a manager, it was the ease of use. Inserting security into the development process is not normally an easy project to do. The ability for the developer to actually use it and get results and focuses, that's what counted."
"Usually when we deploy the application, there is a process for ethical hacking. The main benefit is that, the ethical hacking is almost clean, every time. So it's less cost, less effort, less time to production."
"It provides a better integration for our ecosystem."
"Technical support is helpful."
"The UI was very intuitive."
"The solution is cheap."
"It is easy it is to use. It is quick to find things, because of the code scanning tools. It's quite simple to use and it is very good the way it reports the findings."
"The most valuable feature of the solution is Postman."
 

Cons

"Improvements needed for Software Security Center include better aggregation views of datasets."
"This solution is difficult to implement, and it should be made more comfortable for the end-users."
"The product's overlap feature is restrictive and requires more customization efforts, which can be expensive."
"Improvements needed for Software Security Center include better aggregation views of datasets."
"I am not satisfied with the percentage of false positives, which is around eighteen percent."
"We are having issues with false positives that need to be resolved."
"Fortify Software Security Center's setup is really painful."
"Scans become slow on large websites."
"​IBM Security AppScan Source is rather hard to use​."
"The dashboard, for AppScan or the Fortified fast tool, which we use needs to be improved."
"It's a little bit basic when you talk about the Web Services. If AppScan improved its maturity on Web Services testing, that would be good."
"I would like to see the roadmap for this product. We are still waiting to see it as we have only so many resources."
"Improvement can be done as per customer requirements."
"The solution needs to improve in some areas. The tool needs to add more languages. It also needs to improve its speed."
"A desktop version should be added."
 

Pricing and Cost Advice

"This is a costly solution that could be cheaper."
"As a Fortify partner company providing technical support, I find the product expensive in our country, where local, inexpensive products are available."
"The solution is priced fair."
"The solution is cheap."
"Pricing was the main reason that we went ahead with this solution as they were the lowest in the market."
"The product has premium pricing and could be more competitive."
"Our clients are willing to pay the extra money. It is expensive."
"The product is moderately priced, though it's an investment due to extensive code analysis needs."
"AppScan is a little bit expensive. IBM needs to work a little bit on the pricing model, decreasing the license cost."
"The price of HCL AppScan is okay, in my opinion. You just buy HCL AppScan and don't pay anything anymore, meaning it is just a one-time purchase."
"The solution is moderately priced."
report
Use our free recommendation engine to learn which Static Application Security Testing (SAST) solutions are best for your needs.
859,957 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Manufacturing Company
19%
Financial Services Firm
16%
Computer Software Company
11%
Government
7%
Computer Software Company
18%
Financial Services Firm
14%
Government
12%
Manufacturing Company
9%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
No data available
 

Questions from the Community

What do you like most about Micro Focus Software Security Center?
You can easily download the tool's rule packs and update them.
What is your experience regarding pricing and costs for Micro Focus Software Security Center?
In the beginning, it was difficult for me to verify that our usage of Fortify Software Security Center corresponded to the license and criteria. Now, we have negotiated a number of details to respe...
What needs improvement with Micro Focus Software Security Center?
I would like the false positive issue to diminish. I have experienced a lot of false positives, but I think this is due to using an older version. I hope the new version will resolve my problem.
What do you like most about HCL AppScan?
The most valuable feature of HCL AppScan is its integration with the SDLC, particularly during the coding phase.
What needs improvement with HCL AppScan?
AppScan needs to improve its handling of false positives. It also requires enhancements in customer support, similar to what Veracode provides. Regularly scheduling calls with clients to discuss fe...
What is your primary use case for HCL AppScan?
The primary use case for AppScan is for security purposes. I compare AppScan with other tools such as Veracode. We use AppScan for vulnerability detection and auto-remediation of vulnerabilities wi...
 

Also Known As

Micro Focus Software Security Center, Application Security Center, HPE Application Security Center, WebInspect
IBM Security AppScan, Rational AppScan, AppScan
 

Overview

 

Sample Customers

Neosecure, Acxiom, Skandinavisk Data Center A/S, Parkeon
Essex Technology Group Inc., Cisco, West Virginia University, APIS IT
Find out what your peers are saying about Fortify Software Security Center vs. HCL AppScan and other solutions. Updated: June 2025.
859,957 professionals have used our research since 2012.