We performed a comparison between HCL AppScan and PortSwigger Burp Suite Professional based on real PeerSpot user reviews.
Find out in this report how the two Application Security Tools solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."It was easy to set up."
"The product has valuable features for static and dynamic testing."
"It is easy it is to use. It is quick to find things, because of the code scanning tools. It's quite simple to use and it is very good the way it reports the findings."
"The most valuable feature of HCL AppScan is scanning QR codes."
"The solution offers services in a few specific development languages."
"This solution saves us time due to the low number of false positives detected."
"The HCL AppScan turnaround time for Burp Suite or any new feature request is pretty good, and that is why we are sticking with the HCL."
"The solution is easy to use."
"The most valuable feature is the application security. It also has a reasonable price."
"The automated scan is what I find most useful because a lot of customers will need it. Not every domain will be looking for complete security, they just need a stamp on the security key. For these kinds of customers, the scan works really well."
""The product is very good just the way it is; It has everything already well established and functions great. I can't see any way for this current version to be improved.""
"With the Extender Tab, if you know how to code then you can create a plugin and add it to Burp."
"You can download different plugins if you don't have them in the standard edition."
"I have found this solution has more plugins than other competitors which is a benefit. You are able to attach different plugins to the security scan to add features. For example, you can check to see if there are any payment systems that exist on a server, or username and password brute force analysis."
"It offers very good accuracy. You can trust the results."
"It was easy to learn."
"The solution often has a high number of false positives. It's an aspect they really need to improve upon."
"We would like to integrate with some of the other reporting tools that we're planning to use in the future."
"The solution needs to improve in some areas. The tool needs to add more languages. It also needs to improve its speed."
"They have to improve support."
"I would love to see more containers. Many of the tools are great, they require an amount of configuration, setup and infrastructure. If most the applications were in a container, I think everything would be a little bit faster, because all our clients are now using containers."
"The product has some technical limitations."
"The tool should improve its output. Scanning is not a challenge anymore since there are many such tools available in the market. The product needs to focus on how its output is being used by end users. It should be also more user-friendly. One of the major challenges is in the tool's integration with applications that need to be scanned. Sometimes, the scanning is not proper."
"It's a little bit basic when you talk about the Web Services. If AppScan improved its maturity on Web Services testing, that would be good."
"It should provide a better way to integrate with Jenkins so that DAST (dynamic application security testing) can be automated."
"One area that can be improved, when compared to alternative tools, is that they could provide different reporting options and in different formats like PDF or something like that."
"The price could be better. The rest is fine."
"If we're running a huge number of scans regularly, it slows down the tool."
"We wish that the Spider feature would appear in the same shape that it does in previous versions."
"There is not much automation in the tool."
"The solution’s pricing could be improved."
"A lot of our interns find it difficult to get used to PortSwigger Burp's environment."
More PortSwigger Burp Suite Professional Pricing and Cost Advice →
HCL AppScan is ranked 14th in Application Security Tools with 39 reviews while PortSwigger Burp Suite Professional is ranked 9th in Application Security Tools with 55 reviews. HCL AppScan is rated 7.6, while PortSwigger Burp Suite Professional is rated 8.6. The top reviewer of HCL AppScan writes " A stable and scalable product useful for application security scanning". On the other hand, the top reviewer of PortSwigger Burp Suite Professional writes "The solution is versatile and easy to deploy, but it needs to give more detailed security reports". HCL AppScan is most compared with SonarQube, Veracode, Acunetix, Checkmarx One and OWASP Zap, whereas PortSwigger Burp Suite Professional is most compared with OWASP Zap, Fortify WebInspect, Acunetix, Qualys Web Application Scanning and SonarQube. See our HCL AppScan vs. PortSwigger Burp Suite Professional report.
See our list of best Application Security Tools vendors and best Application Security Testing (AST) vendors.
We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.