Try our new research platform with insights from 80,000+ expert users

HCL AppScan vs Tenable.io Web Application Scanning comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Oct 8, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

HCL AppScan
Ranking in Application Security Tools
15th
Average Rating
7.8
Reviews Sentiment
6.1
Number of Reviews
43
Ranking in other categories
Static Application Security Testing (SAST) (15th), Dynamic Application Security Testing (DAST) (1st)
Tenable.io Web Application ...
Ranking in Application Security Tools
19th
Average Rating
7.8
Reviews Sentiment
6.7
Number of Reviews
17
Ranking in other categories
No ranking in other categories
 

Mindshare comparison

As of July 2025, in the Application Security Tools category, the mindshare of HCL AppScan is 2.7%, up from 2.7% compared to the previous year. The mindshare of Tenable.io Web Application Scanning is 1.3%, down from 1.5% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Application Security Tools
 

Featured Reviews

Sthembiso Zondi - PeerSpot reviewer
Has a straightforward setup process and valuable security features
We use AppScan primarily for security testing and performance monitoring across our systems The product's features for comprehensive code analysis (static) and live environment testing (dynamic) have significantly enhanced our ability to identify and address vulnerabilities, improving overall…
Harshal Deshmukh - PeerSpot reviewer
Simple tool to use, good dashboard capabilities and offers asset criticality ratings
It has good dashboard capabilities and gives good results with priority ratings, asset criticality ratings, and exposure scores for vulnerabilities. It also provides automated web application scanning, which customers appreciate because it doesn't disturb the web application or hamper the business. While testing the web application, sometimes it happens that the website or application goes down. But with Tenable.io Web Application Scanning, it doesn't affect the business. It has good unified web application scanning and exposure management.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The most valuable feature of HCL AppScan is its integration with the SDLC, particularly during the coding phase."
"The security and the dashboard are the most valuable features."
"Compared to other tools only AppScan supports special language."
"The UI was very intuitive."
"The most valuable feature of the solution is the scanning or security part."
"IBM AppScan has made our work easy, as we can do four to five scans of websites at a time, which saves time when it comes to vulnerability."
"The solution is easy to install. I would rate the product's setup between six to seven out of ten. The deployment time depends on the applications that need to be scanned. We have a development and operations team to take care of the product's maintenance."
"I like the recording feature."
"The most effective feature of the product is the ability to scan the entire environment."
"The solution is stable."
"The solution's instant reports feature is the most effective for detecting threats."
"The most valuable feature is the reporting, which provides a good level of detail with respect to vulnerabilities."
"Now that the license is centralized, it's a significant feature to manipulate assets based on their functions."
"It has good unified web application scanning and exposure management."
"We use the tool for our websites. We have a vulnerable subdomain. The tool helps to scan it for vulnerabilities."
"I would recommend Tenable.io Web Application Scanning to others."
 

Cons

"AppScan needs to improve its handling of false positives."
"​IBM Security AppScan Source is rather hard to use​."
"HCL AppScan needs to improve security."
"Improving usability could enhance the overall experience with AppScan. It would be beneficial to make the solution more user-friendly, ensuring that everyone can easily navigate and utilize its features."
"It's a little bit basic when you talk about the Web Services. If AppScan improved its maturity on Web Services testing, that would be good."
"They have to improve support."
"The pricing has room for improvement."
"The solution's scalability can be a matter of concern because one license runs on one machine only."
"The platform's technical support services could be better."
"Tenable.io Web Application Scanning could improve by offering faster fuzzing."
"Sometimes it lags with different cloud environments."
"The reporting has a very limited customization capability."
"I would like for them to add proxy filtering, where you can transfer and alter the package. It is fully automated. Other web application testers programs are actually proxy software, and the proxy software gives you the flexibility of modifying the outgoing package, which will actually help you in exploiting any vulnerability in detail."
"The cloud and the on-premises versions have their own controllers, and there is no way to centrally manage controllers."
"The solution's dashboards could be improved and made more user-friendly."
"They have a general dashboard for web application scanning, but the dashboards and reporting can be improved. They probably have some features in their roadmap."
 

Pricing and Cost Advice

"The tool was expensive."
"HCL AppScan is expensive."
"The product has premium pricing and could be more competitive."
"The product is moderately priced, though it's an investment due to extensive code analysis needs."
"Pricing was the main reason that we went ahead with this solution as they were the lowest in the market."
"Our clients are willing to pay the extra money. It is expensive."
"The solution is cheap."
"AppScan is a little bit expensive. IBM needs to work a little bit on the pricing model, decreasing the license cost."
"The price of the solution is reasonable compared to the competitors. The license cost is based on the number of users and the annual usage."
"For Tenable.io Web Application Scanning, it comes to around 6,50,000 Indian rupees, plus taxes."
"The application is extremely affordable. There are no additional costs involved with licensing. We switched to Tenable.io Web Application Scanning from other solutions due to pricing."
"It follows the same licensing scheme as Tenable.io and Tenable. sc."
"The pricing is okay."
"Tenable.io Web Application Scanning is expensive for small businesses."
"I rate the product's pricing a four out of ten."
report
Use our free recommendation engine to learn which Application Security Tools solutions are best for your needs.
861,390 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
18%
Financial Services Firm
14%
Government
11%
Manufacturing Company
9%
Financial Services Firm
14%
Computer Software Company
12%
Government
11%
Retailer
8%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What do you like most about HCL AppScan?
The most valuable feature of HCL AppScan is its integration with the SDLC, particularly during the coding phase.
What needs improvement with HCL AppScan?
AppScan needs to improve its handling of false positives. It also requires enhancements in customer support, similar to what Veracode provides. Regularly scheduling calls with clients to discuss fe...
What is your primary use case for HCL AppScan?
The primary use case for AppScan is for security purposes. I compare AppScan with other tools such as Veracode. We use AppScan for vulnerability detection and auto-remediation of vulnerabilities wi...
What do you like most about Tenable.io Web Application Scanning?
The most effective feature of the product is the ability to scan the entire environment.
What needs improvement with Tenable.io Web Application Scanning?
Improvements could include providing coverage reports in the free version and features related to security reports. Also, enhancing technical support would be beneficial as there is room for improv...
What advice do you have for others considering Tenable.io Web Application Scanning?
I would recommend Tenable.io Web Application Scanning as it provides us with good reports, which help improve our code base, despite the lack of financial benefits. Overall, I would rate it seven o...
 

Also Known As

IBM Security AppScan, Rational AppScan, AppScan
No data available
 

Overview

 

Sample Customers

Essex Technology Group Inc., Cisco, West Virginia University, APIS IT
IMDEX
Find out what your peers are saying about HCL AppScan vs. Tenable.io Web Application Scanning and other solutions. Updated: July 2025.
861,390 professionals have used our research since 2012.