IT Central Station is now PeerSpot: Here's why

HCL AppScan vs Visual Studio Test Professional comparison

Cancel
You must select at least 2 products to compare!
Veracode Logo
52,683 views|29,866 comparisons
HCL Logo
10,243 views|7,871 comparisons
Featured Review
Buyer's Guide
Application Security
June 2022
Find out what your peers are saying about SonarSource, Veracode, Snyk and others in Application Security. Updated: June 2022.
607,127 professionals have used our research since 2012.
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"Their dashboard is really good, overall. In my opinion, it's one of the best in the market, and I say that because we have used other service providers.""Another feature of Veracode is that they provide e-learning, but the e-learning is not basic, rather it is quite advanced... in the e-learning you can check into best practices for developing code and how to prevent improper management of some component of the code that could lead to a vulnerability. The e-learning that Veracode provides is an extremely good tool.""My experience with Veracode across the board every time, in all products, the technology, the product, the service, and the salespeople is fabulous.""In terms of secure development, the SAST scan is very useful because we are able to identify security flaws in the code base itself, for the application.""You can easily integrate it with Azure DevOps. This is an added value because we work with Azure DevOps. Veracode is natively supported and we don't have to work with APIs.""The most valuable features are that you can do static analysis and dynamic analysis on a scheduled basis and that you can push the findings into JIRA.""The Veracode technical support is very good. They are responsive and very knowledgeable.""The reporting being highly accurate is pretty cool. I use another product and I was always looking for answers as to what line, which part of the code, was wrong, and what to do about it. Veracode seems to have a solid database to look things up and a website to look things up."

More Veracode Pros →

"The most valuable feature of HCL AppScan is scanning QR codes.""The HCL AppScan turnaround time for Burp Suite or any new feature request is pretty good, and that is why we are sticking with the HCL.""AppScan is stable.""There's extensive functionality with custom rules and a custom knowledge base.""The solution offers services in a few specific development languages.""It was easy to set up.""It identifies all the URLs and domains on its own and then performs tests and provides the results."

More HCL AppScan Pros →

"Visual Studio is highly powerful. It's probably the best software development tool on the market.""What I like most about Visual Studio Test Professional is the way people publish templates and publish integration.""The ability to quickly make your own components has been valuable.""The stability has always been very good.""It is very easy to use. You can handle a lot of things together at once in one package, which is a good point for us.""I was satisfied with the support given by customer service.""It is a very common and strong product. A lot of support is available for this product.""Easy to use and easily scalable."

More Visual Studio Test Professional Pros →

Cons
"Sometimes the scans are not done quickly, but the solutions that it provides are really good. The quality is high, but the analysis is not done extremely quickly.""The training lab is not very user-friendly and takes a long time to set up.""We tried to create an automatic scanning process for Veracode and integrate it into our billing process, but it was easier to adopt it to repositories based on GIT. Until now, our source control repository was Azure DevOps Server (Microsoft TFS) to managing our resources. This was not something that they supported. It took us some sessions together before we successfully implemented it.""I would ask Veracode to be a lot more engaged with the customer and set up live sessions where they force the customer to engage with Veracode's technical team. Veracode could show them a repo, how they should do things, this is what these results mean, here is a dashboard, here's the interpretation, here's where you find the results.""The policies you have, where you can tune the findings you get, don't allow you not to file tickets about certain findings. It will always report the findings, even if you know you're not that concerned about a library writing to a system log, for example. It will keep raising them, even though you may have a ticket about it. The integration will keep updating the ticket every time the scan runs.""The pricing for qualified startups such as Neo4j could be improved.""There is much to be desired of UI and user experience. The UI is very slow. With every click, it just takes a lot of time for the pages to load. We have seen this consistently since getting this solution. The UI and UX are very disjointed.""Veracode has plenty of data. The problem is the information on the dashboards of Veracode, as the user interface is not great. It's not immediately usable. Most of the time, the best way to use it is to just create issues and put them in JIRA... But if I were a startup, and only had products with a good user interface, I wouldn't use Veracode because the UI is very dated."

More Veracode Cons →

"They have to improve support.""The dashboard, for AppScan or the Fortified fast tool, which we use needs to be improved.""The solution could improve by having a mobile version.""One thing which I think can be improved is the CI/CD Integration""The solution often has a high number of false positives. It's an aspect they really need to improve upon.""AppScan is too complicated and should be made more user-friendly.""Sometimes it doesn't work so well."

More HCL AppScan Cons →

"One of the problems with this solution is you need to be highly technically skilled to operate it, it is not for everyone.""Sometimes Visual Studio is slow. It uses a lot of resources like memory and processing power. You should optimize the performance by only installing what you need on your machine. Don't install unnecessary things that will slow your machine.""It needs more integration with other tools for monitoring. Microsoft also needs to make it more modern to make it work with microservices and the cloud. It is a bit outdated currently.""Visual Studio Test Professional could improve by having better integration with external databases.""The solution is quite expensive.""In Visual Studio we still don't have anything which can pinpoint memory leaks on a certain code line.""It is not good in terms of performance. When you open Visual Studio, you have to wait for a while to process your code. It uses a lot of resources and has a lot of features. If we could disable some of the features, it would be lighter and faster to use. Nowadays, for some of the projects, we use VS Code for JavaScript or Python. VS Code is very light and easy to use, whereas, in Visual Studio, we have to wait because it takes time to compile or run a project. It has a lot of competitors in terms of performance, such as Intelligent ID. Intelligent ID is very easy to use. It has many features, and it is lighter to use than Visual Studio. In terms of error handling, sometimes, it shows an error before you finish your code, which can be improved. It would be good if it has a version for Linux. I use VS Code on Linux, but I am not sure if Visual Studio has a version for Linux.""There are too many features with the product and I would like there to be less."

More Visual Studio Test Professional Cons →

Pricing and Cost Advice
  • "I don't really know about the pricing, but I'd say it's worth whatever Veracode is charging, because the solution is that good."
  • "Veracode's price is high. I would like them to better optimize their pricing."
  • "If I compare the pricing with other software tools, then it is quite competitive. Whatever the price is, they have always given us a good discount."
  • "Veracode is expensive. Some of its products are expensive. I don't think it's way more expensive than its competitors. The dynamic is definitely worth it, as I think it's cheaper than the competitors. The static scan is a little bit more expensive, around 20 percent more expensive. The manual pen test is more expensive, but it is an expensive service because it's a manual pen test and we also do retests. I don't think it is way more expensive than the competitors, but it's about 15 to 20 percent more expensive."
  • "We use this product per project rather than per developer... Your development model will really determine what the best fit is for you in terms of licensing, because of the project-based licensing. If you do a few projects, that's more attractive. If you have a large number of developers, that would also make the product a little more attractive."
  • "The pricing is really fair compared to a lot of other tools on the market."
  • "It is very reasonably priced compared to what we were paying our previous vendor. For the same price, we are getting much more value and reducing our AppSec costs from 40 to 50 percent."
  • "Veracode is one of the more expensive solutions in the market, but it is worth the expense because of the eLearning and the security consultations; everything is included in the license."
  • More Veracode Pricing and Cost Advice →

  • "With the features, that they offer, and the support, they offer, AppScan pricing is on a higher level."
  • More HCL AppScan Pricing and Cost Advice →

  • "The pricing is expensive."
  • "We pay for the solution annually and the price could be reduced."
  • More Visual Studio Test Professional Pricing and Cost Advice →

    report
    Use our free recommendation engine to learn which Application Security solutions are best for your needs.
    607,127 professionals have used our research since 2012.
    Questions from the Community
    Top Answer:SonarQube is easy to deploy and configure, and also integrates well with other tools to do quality code analysis… more »
    Top Answer:You can easily integrate it with Azure DevOps. This is an added value because we work with Azure DevOps. Veracode is… more »
    Top Answer:The pricing is a little on the high side but since we combine our product into one suite, it is easy to do and works… more »
    Top Answer:The performance could be better. Sometimes it doesn't work so well. There's a tool for connecting the cloud with the… more »
    Top Answer:I have a set project, and I'm writing an application for monitoring server status, and I tried several times to scan it… more »
    Top Answer:Visual Studio is highly powerful. It's probably the best software development tool on the market.
    Top Answer:We have both options. Some licenses are paid yearly. Others are monthly subscriptions.
    Top Answer:Visual Studio Test Professional could improve by having better integration with external databases.
    Comparisons
    Also Known As
    IBM Security AppScan, Rational AppScan, AppScan
    Learn More
    Overview

    Veracode covers all your Application Security needs in one solution through a combination of five analysis types; static analysis, dynamic analysis, software composition analysis, interactive application security testing, and penetration testing. Unlike on-premise solutions that are hard to scale and focused on finding rather than fixing, Veracode comprises a unique combination of SaaS technology and on-demand expertise that enables DevSecOps through integration with your pipeline, and empowers developers to find and fix security defects.

    IBM Security AppScan enhances web application security and mobile application security, improves application security program management and strengthens regulatory compliance. By scanning your web and mobile applications prior to deployment, AppScan enables you to identify security vulnerabilities and generate reports and fix recommendations.

    Visual Studio Professional Edition provides an IDE for all supported development languages. As of Visual Studio 2010, the Standard edition was dropped. MSDN support is available as MSDN Essentials or the full MSDN library depending on licensing. It supports XML and XSLT editing, and can create deployment packages that only use ClickOnce and MSI. It includes tools like Server Explorer and integration with Microsoft SQL Server also. Windows Mobile development support was included in Visual Studio 2005 Standard, however, with Visual Studio 2008, it is only available in Professional and higher editions. Windows Phone 7 development support was added to all editions in Visual Studio 2010. Development for Windows Mobile is no longer supported in Visual Studio 2010; it is superseded by Windows Phone 7.
    Offer
    Keep your software secure

    Application security starts with secure code. Find out more about the benefits of using Veracode to keep your software secure throughout the development lifecycle.

    Learn more about HCL AppScan
    Learn more about Visual Studio Test Professional
    Sample Customers
    State of Missouri, Rekner
    Essex Technology Group Inc., Cisco, West Virginia University, APIS IT
    Transport for Greater Manchester, Ordina, Bluegarden A/S, CLEAResult, Jet.com, OSIsoft, Australian Taxation Office, BookedOut, Tracasa
    Top Industries
    REVIEWERS
    Financial Services Firm31%
    Insurance Company11%
    Computer Software Company11%
    Healthcare Company7%
    VISITORS READING REVIEWS
    Computer Software Company27%
    Comms Service Provider14%
    Financial Services Firm12%
    Manufacturing Company7%
    REVIEWERS
    Government21%
    Transportation Company14%
    Manufacturing Company14%
    Insurance Company14%
    VISITORS READING REVIEWS
    Computer Software Company33%
    Comms Service Provider17%
    Government7%
    Financial Services Firm6%
    REVIEWERS
    Computer Software Company50%
    Transportation Company8%
    Healthcare Company8%
    Manufacturing Company8%
    VISITORS READING REVIEWS
    Computer Software Company28%
    Comms Service Provider16%
    Financial Services Firm8%
    Government8%
    Company Size
    REVIEWERS
    Small Business24%
    Midsize Enterprise27%
    Large Enterprise49%
    VISITORS READING REVIEWS
    Small Business16%
    Midsize Enterprise14%
    Large Enterprise70%
    REVIEWERS
    Small Business24%
    Midsize Enterprise10%
    Large Enterprise66%
    VISITORS READING REVIEWS
    Small Business17%
    Midsize Enterprise12%
    Large Enterprise71%
    REVIEWERS
    Small Business10%
    Midsize Enterprise25%
    Large Enterprise65%
    VISITORS READING REVIEWS
    Small Business16%
    Midsize Enterprise13%
    Large Enterprise72%
    Buyer's Guide
    Application Security
    June 2022
    Find out what your peers are saying about SonarSource, Veracode, Snyk and others in Application Security. Updated: June 2022.
    607,127 professionals have used our research since 2012.

    HCL AppScan is ranked 13th in Application Security with 7 reviews while Visual Studio Test Professional is ranked 14th in Functional Testing Tools with 8 reviews. HCL AppScan is rated 7.0, while Visual Studio Test Professional is rated 8.2. The top reviewer of HCL AppScan writes "Improves application security, identifies gaps, and performs well". On the other hand, the top reviewer of Visual Studio Test Professional writes "Offers lots of features, including memory analysis and code sharing". HCL AppScan is most compared with SonarQube, Micro Focus Fortify on Demand, PortSwigger Burp Suite Professional, OWASP Zap and Checkmarx, whereas Visual Studio Test Professional is most compared with TFS, Apache JMeter, Tricentis Tosca, Katalon Studio and Micro Focus UFT Developer.

    We monitor all Application Security reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.