We performed a comparison between Apache JMeter and HCL AppScan based on real PeerSpot user reviews.
Find out what your peers are saying about Apache, OpenText, Tricentis and others in Performance Testing Tools."JMeter is user-friendly, and that's a notable advantage of JVTech. It's straightforward and easy to use, unlike some other load testing tools, making it very easy to understand."
"The solution offers a lot of plug-ins and a huge continuously developing community that is regularly offering new features and plug-ins."
"We use Apache JMeter for load testing, where we provide the throughput time."
"The biggest thing I liked about it is that there is a huge user base out there, and being shareware and being Apache, if I have any question on how to get something done, I get 18 different answers. Out of those, there would be at least a few good approaches for what I was trying to do. So, the support system out there is most valuable."
"I appreciate JMeter's simplicity and power for performance testing."
"We are using it just for load testing. We are using its free version, and it is scalable."
"The reporting features are really good. There's a lot less latency than other solutions."
"It is cost-effective and simple to use."
"The static scans are good, and the SaaS as well."
"The reporting part is the most valuable feature."
"The solution is cheap."
"We are now deploying less defects to production."
"It's generally a very user-friendly tool. Anyone can easily learn how to scan"
"Usually when we deploy the application, there is a process for ethical hacking. The main benefit is that, the ethical hacking is almost clean, every time. So it's less cost, less effort, less time to production."
"The solution is easy to use."
"It has certainly helped us find vulnerabilities in our software, so this is priceless in the end."
"They should improve the solution on its UI front."
"The installation needs some work. It could be simplified."
"They can improve it a little bit in terms of distribution load testing. We struggled with it during the distribution. In terms of reporting, runtime monitoring is not currently included, and it should be included. They can also improve it on the reporting side in terms of the comparison of the reports. They can also focus more on integration with CI/CD. Currently, people are using their own customized tools. It would be nice if Apache can provide some standard tools and procedures for integration with CI/CD tools like DPR. There are some tools, but it would be nice if official standard tools and procedures are available."
"What needs improvement in Apache JMeter is the very high load requirements when you want to scale it beyond certain thresholds. For example, small to mid-range testing is very easily done with Apache JMeter, but if you scale and increase the load, then it would be a problem because the tool consumes a lot of resources, probably because Apache JMeter provides an enriched UI experience, so it consumes a lot of memory and requires high CPU usage. This means you have to manage your infrastructure, or else you'll have high overhead expenses. As Apache JMeter is a heavyweight tool, that is an area for improvement, though I'm unsure if Apache can do something about it because it could be a result of the way it's architected. What I'd like to see from Apache JMeter in the future is for it to transition to the cloud, as a lot of cloud technologies emerge around the globe, and a lot of people prefer cloud-based solutions or cloud-native tools. Even if a company has a legacy system, it's still possible to transition to the cloud. I've worked with a company that was an on-premise company that moved to the cloud and became cloud-native. If Apache JMeter could transition to the cloud, similar to k6, then it could help lessen the intense resource consumption that's currently happening in Apache JMeter."
"The reporting is not very good."
"JMeter output reports can be difficult to understand without training."
"At times when we overload the application, it gets stuck...After the solution gets stuck due to overloading, we have to restart our computers. In short, the solution keeps crashing."
"In terms of platform support, they need to extend the support for backend platforms and more of the legacy types of platforms."
"Scans become slow on large websites."
"AppScan is too complicated and should be made more user-friendly."
"The penetration testing feature should be included."
"There is not a central management for static and dynamic."
"In future releases, I would like to see more aggressive reports. I would also like to see less false positives."
"The solution needs to improve in some areas. The tool needs to add more languages. It also needs to improve its speed."
"Visibility is an issue for us. Our partners do not know we have integrations with some of IBM products."
"The solution often has a high number of false positives. It's an aspect they really need to improve upon."
Apache JMeter is ranked 1st in Performance Testing Tools with 82 reviews while HCL AppScan is ranked 15th in Application Security Tools with 41 reviews. Apache JMeter is rated 7.8, while HCL AppScan is rated 7.8. The top reviewer of Apache JMeter writes "It's a free tool with a vast knowledge base, but the reporting is lackluster, and it has a steep learning curve". On the other hand, the top reviewer of HCL AppScan writes " A stable and scalable product useful for application security scanning". Apache JMeter is most compared with BlazeMeter, Postman, Tricentis NeoLoad, Katalon Studio and OpenText LoadRunner Professional, whereas HCL AppScan is most compared with SonarQube, Veracode, Acunetix, OWASP Zap and PortSwigger Burp Suite Professional.
We monitor all Performance Testing Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.