HCL AppScan Reviews

HCL AppScan achieved a 50% return on investment, enhancing microservices-led architecture and minimizing errors by integrating DevOps processes. It significantly reduced vulnerabilities, yielding 20% cost savings overall for users, including banks in Brazil. Many experienced ROI within six months. While financial details are not always disclosed, HCL AppScan improved applications' attack surfaces post-deployment and lowered defects efficiently.

HCL AppScan is generally viewed as expensive but offers various pricing models and potential discounts. Many users find the pricing justified by the features, while others deem it premium. Some prefer the token-based model for flexibility. Compared to competitors, AppScan can be more affordable, yet some users see room for price reduction. It's often considered cost-effective by those who prioritize comprehensive security and code analysis needs. Licensing fees typically don't include extra charges.

• "The product is moderately priced, though it's an investment due to extensive code analysis needs."
• "The solution is cheap."
• "The product has premium pricing and could be more competitive."

HCL AppScan is primarily utilized for identifying security weaknesses in code, both in static and dynamic contexts. Users integrate it into their development processes, especially within DevOps and DevSecOps environments, to assess vulnerabilities before deployment. It is employed in QA cycles, CI/CD pipelines, and is used for web and source code scanning. Additionally, some users leverage its features for enhancing performance monitoring and exploring ethical hacking methodologies.

HCL AppScan's customer service is generally responsive and knowledgeable, with swift ticket handling and helpful support. Many users find the service satisfactory, but some note delays due to geographical differences and insufficient regional resources, particularly in the Gulf region. Past associations with IBM have influenced perceptions, though recent improvements are acknowledged. Comparisons with Veracode highlight areas for enhancement, specifically in proactive communication and service reliability. Overall satisfaction varies, with ratings from six to ten out of ten.

Many find HCL AppScan's initial setup easy and straightforward, often requiring only a few hours to a couple of days. Others report complexity and needing assistance from professional services due to integration with large environments or specific customizations. Factors like deployment model and previous experience influence ease of setup. Some mention the need for technical support during setup phases. The setup experience varies widely, with ratings typically ranging from six to ten out of ten.

HCL AppScan is largely regarded as scalable, although some users experience challenges. Licensing plays a significant role in scalability concerns since one license per machine is required. Users appreciate its cloud-based capabilities, rating scalability from moderate to excellent. While integration issues have been noted, these are often resolved, resulting in good performance for companies of various sizes. Hardware allocation and CI/CD program design influence scalability effectiveness. Mixed experiences exist, with some finding it sufficient, and others less so.

HCL AppScan is described as stable by many users. Few have reported minor glitches or performance issues, often linked to hardware rather than the software itself. Stability ratings range from seven to eight out of ten. Some note that updates have improved its stability significantly, and it supports continuous vulnerability assessments without major issues. Overall, it's reliable and doesn't have substantial bugs or downtime, even under concurrent usage.