It requires improvement in terms of scanning. The application scan heavily utilizes the resources of an on-premise server. 32 GB RAM is very high for an enterprise web application.

Its installation and maintenance are not easy. Its updates and upgrades are hard.

Its performance needs to be stabilized. It should also be able to find more vulnerabilities than other tools.

It is expensive. Its price needs to be improved.

The scanner could be better. 

The out of bounds channel is missing and it makes it hard to nail down the vulnerabilities.

Our biggest complaint about this product is that it freezes up, and literally doesn't work for us. It may be in part the way we have it set up, or how we've licensed it.

It is awkward and not very friendly to work with.

The version that I am using is not capable of generating reports to HTML or PDF, so I can't share them. I have to get somebody else to log into the application and view the results themselves. Simply, I can't output a report that I can easily share.

The solution is on the expensive side. It's something that clients comment on. If they could make it more reasonable, it would be better.

Lately, we've seen more false negatives.