Try our new research platform with insights from 80,000+ expert users

HCL AppScan vs Tenable.io Web Application Scanning comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Oct 8, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

HCL AppScan
Ranking in Application Security Tools
15th
Average Rating
7.8
Reviews Sentiment
6.1
Number of Reviews
43
Ranking in other categories
Static Application Security Testing (SAST) (15th), Dynamic Application Security Testing (DAST) (1st)
Tenable.io Web Application ...
Ranking in Application Security Tools
19th
Average Rating
7.8
Reviews Sentiment
6.7
Number of Reviews
17
Ranking in other categories
No ranking in other categories
 

Mindshare comparison

As of July 2025, in the Application Security Tools category, the mindshare of HCL AppScan is 2.7%, up from 2.7% compared to the previous year. The mindshare of Tenable.io Web Application Scanning is 1.3%, down from 1.5% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Application Security Tools
 

Featured Reviews

Sthembiso Zondi - PeerSpot reviewer
Has a straightforward setup process and valuable security features
We use AppScan primarily for security testing and performance monitoring across our systems The product's features for comprehensive code analysis (static) and live environment testing (dynamic) have significantly enhanced our ability to identify and address vulnerabilities, improving overall…
Harshal Deshmukh - PeerSpot reviewer
Simple tool to use, good dashboard capabilities and offers asset criticality ratings
It has good dashboard capabilities and gives good results with priority ratings, asset criticality ratings, and exposure scores for vulnerabilities. It also provides automated web application scanning, which customers appreciate because it doesn't disturb the web application or hamper the business. While testing the web application, sometimes it happens that the website or application goes down. But with Tenable.io Web Application Scanning, it doesn't affect the business. It has good unified web application scanning and exposure management.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"It has certainly helped us find vulnerabilities in our software, so this is priceless in the end."
"The reporting part is the most valuable feature."
"It was easy to set up."
"The solution is easy to install. I would rate the product's setup between six to seven out of ten. The deployment time depends on the applications that need to be scanned. We have a development and operations team to take care of the product's maintenance."
"The most valuable feature of HCL AppScan is scanning QR codes."
"It's generally a very user-friendly tool. Anyone can easily learn how to scan"
"The most valuable feature of the solution is Postman."
"The UI was very intuitive."
"It has good unified web application scanning and exposure management."
"It collects the vulnerabilities on the hostnames and sends them to the Tenable.io cloud. Tenable has its own cloud where Tenable.io is running, but there are many connectors to other cloud solutions. Tenable can do vulnerability scanning for other cloud managers such as Azure, Amazon, and so on."
"It is fully automated."
"I would recommend Tenable.io Web Application Scanning to others."
"The solution's instant reports feature is the most effective for detecting threats."
"The initial setup is straightforward."
"The solution is stable."
"Tenable.io Web Application Scanning is very easy to use."
 

Cons

"They should have a better UI for dashboards."
"The databases for HCL are small and have room for improvement."
"AppScan is too complicated and should be made more user-friendly."
"There is not a central management for static and dynamic."
"They have to improve support."
"AppScan needs to improve its handling of false positives."
"The tool should improve its output. Scanning is not a challenge anymore since there are many such tools available in the market. The product needs to focus on how its output is being used by end users. It should be also more user-friendly. One of the major challenges is in the tool's integration with applications that need to be scanned. Sometimes, the scanning is not proper."
"It has crashed at times."
"The dashboard could be more user-friendly."
"The reporting has a very limited customization capability."
"The solution's dashboards could be improved and made more user-friendly."
"Sometimes it lags with different cloud environments."
"The platform's technical support services could be better."
"Tenable.io Web Application Scanning could improve by offering faster fuzzing."
"It would be great if there were a dashboard that is more user-friendly."
"The cloud and the on-premises versions have their own controllers, and there is no way to centrally manage controllers."
 

Pricing and Cost Advice

"Pricing was the main reason that we went ahead with this solution as they were the lowest in the market."
"AppScan is a little bit expensive. IBM needs to work a little bit on the pricing model, decreasing the license cost."
"The price of HCL AppScan is okay, in my opinion. You just buy HCL AppScan and don't pay anything anymore, meaning it is just a one-time purchase."
"The solution is moderately priced."
"Our clients are willing to pay the extra money. It is expensive."
"HCL AppScan is expensive."
"I rate the product's price a seven on a scale of one to ten, where one is low, and ten is high. HCL AppScan is an expensive tool."
"With the features, that they offer, and the support, they offer, AppScan pricing is on a higher level."
"It follows the same licensing scheme as Tenable.io and Tenable. sc."
"I rate the product's pricing a four out of ten."
"The application is extremely affordable. There are no additional costs involved with licensing. We switched to Tenable.io Web Application Scanning from other solutions due to pricing."
"The pricing is okay."
"Tenable.io Web Application Scanning is expensive for small businesses."
"The price of the solution is reasonable compared to the competitors. The license cost is based on the number of users and the annual usage."
"For Tenable.io Web Application Scanning, it comes to around 6,50,000 Indian rupees, plus taxes."
report
Use our free recommendation engine to learn which Application Security Tools solutions are best for your needs.
862,452 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
17%
Financial Services Firm
14%
Government
10%
Manufacturing Company
10%
Financial Services Firm
14%
Computer Software Company
13%
Government
10%
Retailer
8%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What do you like most about HCL AppScan?
The most valuable feature of HCL AppScan is its integration with the SDLC, particularly during the coding phase.
What needs improvement with HCL AppScan?
AppScan needs to improve its handling of false positives. It also requires enhancements in customer support, similar to what Veracode provides. Regularly scheduling calls with clients to discuss fe...
What is your primary use case for HCL AppScan?
The primary use case for AppScan is for security purposes. I compare AppScan with other tools such as Veracode. We use AppScan for vulnerability detection and auto-remediation of vulnerabilities wi...
What do you like most about Tenable.io Web Application Scanning?
The most effective feature of the product is the ability to scan the entire environment.
What needs improvement with Tenable.io Web Application Scanning?
Improvements could include providing coverage reports in the free version and features related to security reports. Also, enhancing technical support would be beneficial as there is room for improv...
What advice do you have for others considering Tenable.io Web Application Scanning?
I would recommend Tenable.io Web Application Scanning as it provides us with good reports, which help improve our code base, despite the lack of financial benefits. Overall, I would rate it seven o...
 

Also Known As

IBM Security AppScan, Rational AppScan, AppScan
No data available
 

Overview

 

Sample Customers

Essex Technology Group Inc., Cisco, West Virginia University, APIS IT
IMDEX
Find out what your peers are saying about HCL AppScan vs. Tenable.io Web Application Scanning and other solutions. Updated: July 2025.
862,452 professionals have used our research since 2012.