We performed a comparison between HCL AppScan and Qualys Web Application Scanning based on real PeerSpot user reviews.
Find out in this report how the two Application Security Tools solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The static scans are good, and the SaaS as well."
"There's extensive functionality with custom rules and a custom knowledge base."
"The UI was very intuitive."
"This solution saves us time due to the low number of false positives detected."
"The most valuable feature of HCL AppScan is scanning QR codes."
"The security and the dashboard are the most valuable features."
"Usually when we deploy the application, there is a process for ethical hacking. The main benefit is that, the ethical hacking is almost clean, every time. So it's less cost, less effort, less time to production."
"You can easily find particular features and functions through the UI."
"The product prevents possible vulnerabilities in our network."
"This product is designed for easy scalability and can easily scale up without major challenges."
"You can integrate your Burp Suite results and create an integrated report. Also, the way it shows the results - threats and exploit details - makes remediation very easy."
"Licensing is the most valuable. Qualys provides the best licensing for companies. It is the best product for the development purposes of web applications. The product has a lot of integrations."
"It is easy to use."
"It combines both web application vulnerability management and internal vulnerability management on one platform and dashboard. Usually, you have to purchase separate tools."
"Its most valuable features are patch management, vulnerability management, and PCI compliance."
"QualysGuard web-based scanner is very useful for performing external penetration and PCI scans from remote locations."
"The dashboard, for AppScan or the Fortified fast tool, which we use needs to be improved."
"There are so many lines of code with so many different categories that I am likely to get lost. "
"The solution needs to improve in some areas. The tool needs to add more languages. It also needs to improve its speed."
"Many silly false positives are produced."
"Visibility is an issue for us. Our partners do not know we have integrations with some of IBM products."
"The solution's scalability can be a matter of concern because one license runs on one machine only."
"One thing which I think can be improved is the CI/CD Integration"
"I think being able to search across more containers, especially some of the docker elements. We need a little tighter integration there. That's the only thing I can see at this point."
"There could be better management and faster scanning."
"In certain cases, this product does have false positives, which the company should work on."
"The support could be faster."
"The area of false positives could be improved. There are quite a number of false positives as compared to other solutions. They could probably fine tune the algorithm to be able to reduce the number of false positives being detected."
"The solution needs to adjust its pricing. They should make it more affordable."
"We procured around 110 licenses for Web Application Scanning, but we have issues running concurrent scans. I don't currently have the option to trigger scans for all 100-plus websites. The default limit is around 10 conference scans. It's not very scalable, to be honest, because of the limitation that they put on concurrent scans."
"Deployment can be complicated."
"The virus code updates are not frequent enough."
More Qualys Web Application Scanning Pricing and Cost Advice →
HCL AppScan is ranked 14th in Application Security Tools with 39 reviews while Qualys Web Application Scanning is ranked 19th in Application Security Tools with 31 reviews. HCL AppScan is rated 7.6, while Qualys Web Application Scanning is rated 7.8. The top reviewer of HCL AppScan writes " A stable and scalable product useful for application security scanning". On the other hand, the top reviewer of Qualys Web Application Scanning writes "A stable solution that can be used for infrastructure vulnerability scanning and web application scanning". HCL AppScan is most compared with SonarQube, Veracode, Acunetix, Checkmarx One and Snyk, whereas Qualys Web Application Scanning is most compared with OWASP Zap, Veracode, SonarQube, PortSwigger Burp Suite Professional and Checkmarx One. See our HCL AppScan vs. Qualys Web Application Scanning report.
See our list of best Application Security Tools vendors and best Application Security Testing (AST) vendors.
We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.