• Home
  • Apache JMeter vs. HCL AppScan

Apache JMeter vs HCL AppScan comparison

Cancel
You must select at least 2 products to compare!
Apache Logo
Apache JMeter
Read 82 Apache JMeter reviews
7,770 views|6,334 comparisons
87% willing to recommend
HCLTech Logo
HCL AppScan
Read 41 HCL AppScan reviews
5,423 views|4,191 comparisons
82% willing to recommend
Comparison Buyer's Guide
Download the complete report
Buyer's Guide
Performance Testing Tools
May 2024
Executive Summary

We performed a comparison between Apache JMeter and HCL AppScan based on real PeerSpot user reviews.

Find out what your peers are saying about Apache, OpenText, Tricentis and others in Performance Testing Tools.
To learn more, read our detailed Performance Testing Tools Report (Updated: May 2024).
Download the complete report
772,127 professionals have used our research since 2012.
Featured Review
Abin K Raj
Open-source with good community support and is very customizable
The solution is open source, so we don't have to pay for anything. That is a good thing since we can save the licensing costs, et cetera, as an... Read more →
AnanyaRoy
A stable and scalable product useful for application security scanning
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"JMeter is user-friendly, and that's a notable advantage of JVTech. It's straightforward and easy to use, unlike some other load testing tools, making it very easy to understand.""The solution offers a lot of plug-ins and a huge continuously developing community that is regularly offering new features and plug-ins.""We use Apache JMeter for load testing, where we provide the throughput time.""The biggest thing I liked about it is that there is a huge user base out there, and being shareware and being Apache, if I have any question on how to get something done, I get 18 different answers. Out of those, there would be at least a few good approaches for what I was trying to do. So, the support system out there is most valuable.""I appreciate JMeter's simplicity and power for performance testing.""We are using it just for load testing. We are using its free version, and it is scalable.""The reporting features are really good. There's a lot less latency than other solutions.""It is cost-effective and simple to use."

More Apache JMeter Pros →

"The static scans are good, and the SaaS as well.""The reporting part is the most valuable feature.""The solution is cheap.""We are now deploying less defects to production.""It's generally a very user-friendly tool. Anyone can easily learn how to scan""Usually when we deploy the application, there is a process for ethical hacking. The main benefit is that, the ethical hacking is almost clean, every time. So it's less cost, less effort, less time to production.""The solution is easy to use.""It has certainly helped us find vulnerabilities in our software, so this is priceless in the end."

More HCL AppScan Pros →

Cons
"They should improve the solution on its UI front.""The installation needs some work. It could be simplified.""They can improve it a little bit in terms of distribution load testing. We struggled with it during the distribution. In terms of reporting, runtime monitoring is not currently included, and it should be included. They can also improve it on the reporting side in terms of the comparison of the reports. They can also focus more on integration with CI/CD. Currently, people are using their own customized tools. It would be nice if Apache can provide some standard tools and procedures for integration with CI/CD tools like DPR. There are some tools, but it would be nice if official standard tools and procedures are available.""What needs improvement in Apache JMeter is the very high load requirements when you want to scale it beyond certain thresholds. For example, small to mid-range testing is very easily done with Apache JMeter, but if you scale and increase the load, then it would be a problem because the tool consumes a lot of resources, probably because Apache JMeter provides an enriched UI experience, so it consumes a lot of memory and requires high CPU usage. This means you have to manage your infrastructure, or else you'll have high overhead expenses. As Apache JMeter is a heavyweight tool, that is an area for improvement, though I'm unsure if Apache can do something about it because it could be a result of the way it's architected. What I'd like to see from Apache JMeter in the future is for it to transition to the cloud, as a lot of cloud technologies emerge around the globe, and a lot of people prefer cloud-based solutions or cloud-native tools. Even if a company has a legacy system, it's still possible to transition to the cloud. I've worked with a company that was an on-premise company that moved to the cloud and became cloud-native. If Apache JMeter could transition to the cloud, similar to k6, then it could help lessen the intense resource consumption that's currently happening in Apache JMeter.""The reporting is not very good.""JMeter output reports can be difficult to understand without training.""At times when we overload the application, it gets stuck...After the solution gets stuck due to overloading, we have to restart our computers. In short, the solution keeps crashing.""In terms of platform support, they need to extend the support for backend platforms and more of the legacy types of platforms."

More Apache JMeter Cons →

"Scans become slow on large websites.""AppScan is too complicated and should be made more user-friendly.""The penetration testing feature should be included.""There is not a central management for static and dynamic.""In future releases, I would like to see more aggressive reports. I would also like to see less false positives.""The solution needs to improve in some areas. The tool needs to add more languages. It also needs to improve its speed.""Visibility is an issue for us. Our partners do not know we have integrations with some of IBM products.""The solution often has a high number of false positives. It's an aspect they really need to improve upon."

More HCL AppScan Cons →

Pricing and Cost Advice
  • "Free"
  • "I switched to Apache because it is free. Other tools are much too expensive and can cost up to $50,000 a year if you are looking at commercial options."
  • "This is an open-source solution, and there are no fees."
  • "This is an open-source product."
  • "I was using the free version of the software."
  • "In terms of open-source adoption, it is completely free."
  • "We are using the free version, and if required, we can easily switch to the other version."
  • "When comparing the price with Load Runner, and if the cost is an issue then JMeter is a better choice"

    • More Apache JMeter Pricing and Cost Advice →

  • "AppScan is a little bit expensive. IBM needs to work a little bit on the pricing model, decreasing the license cost."
  • "With the features, that they offer, and the support, they offer, AppScan pricing is on a higher level."
  • "Pricing was the main reason that we went ahead with this solution as they were the lowest in the market."
  • "HCL AppScan is expensive."
  • "I would rate the product's pricing a nine out of ten. The product's pricing is expensive compared to the features that they offer."
  • "The price is very expensive."
  • "The solution is moderately priced."
  • "The price of HCL AppScan is okay, in my opinion. You just buy HCL AppScan and don't pay anything anymore, meaning it is just a one-time purchase."

    • More HCL AppScan Pricing and Cost Advice →

    report
    See Which Vendors Are Best For You
    Use our free recommendation engine to learn which Performance Testing Tools solutions are best for your needs.
    See Recommendations
    772,127 professionals have used our research since 2012.
    Questions from the Community
    How does Postman compare with Apache JMeter?
    Top Answer:Postman lets you easily define variables, which then get updated automatically. This is a huge time-saver and makes processes very efficient. We can also export the test cases we create and share them… more »
    Read all 3 answers   →
    How does BlazeMeter compare with Apache JMeter?
    Top Answer:Blazemeter is a continuous testing platform that provides scriptless test automation. It unifies functional and performance testing, enabling users to monitor and test public and private APIs We… more »
    What do you like most about Apache JMeter?
    Top Answer: I appreciate JMeter's simplicity and power for performance testing.
    Read all 48 answers   →
    What do you like most about HCL AppScan?
    Top Answer:The most valuable feature of HCL AppScan is its integration with the SDLC, particularly during the coding phase.
    Read all 18 answers   →
    What needs improvement with HCL AppScan?
    Top Answer:Improving usability could enhance the overall experience with AppScan. It would be beneficial to make the solution more user-friendly, ensuring that everyone can easily navigate and utilize its… more »
    Read all 21 answers   →
    What is your primary use case for HCL AppScan?
    Top Answer:I mainly use AppScan to secure various types of applications. I use its DAFDAT solution for black box scanning, as well as SaaS and source code validation. AppScan helps in scanning code for… more »
    Read all 19 answers   →
    Ranking
    1st
    out of 29 in Performance Testing Tools
    Views
    7,770
    Comparisons
    6,334
    Reviews
    43
    Average Words per Review
    480
    Rating
    7.7
    15th
    out of 74 in Application Security Tools
    Views
    5,423
    Comparisons
    4,191
    Reviews
    16
    Average Words per Review
    346
    Rating
    7.2
    Comparisons
    Also Known As
    JMeter
    IBM Security AppScan, Rational AppScan, AppScan
    Learn More
    Apache
    HCLTech
    Overview

    Apache JMeter is an open-source Java application that tests load and functional behavior and performance in applications. Created initially to test web applications, it has expanded its functionality to test other functions. For instance, you can test a server to see how efficiently it works and how many user requests can be handled simultaneously.

    You can use JMeter to test functional performance and regression tests on different technologies. This Java desktop application has an easy-to-use graphical interface which uses the Swing graphical API. You can run JMeter on any environment that accepts a Java virtual machine, such as Windows, Linux, and Mac.

    What protocols does JMeter support?

    • Web - HTTP, HTTPS
    • Web services - SOAP/XML-RPC
    • Email service - POP3, IMAP, SMTP
    • FTP service
    • Database via JDBC drivers
    • LDAP
    • Native commands or shell scripts
    • TCP
    • Java objects

    How does JMeter work?

    JMeter sends requests to a target server by simulating a group of user requests. Then it collects and calculates statistics on the performance of the target. This target can be a server or an application.

    You can test the performance of static resources, such as JavaScript or HTML, and dynamic resources, such as JSP, Servlets, and AJAX. It is also helpful to determine how many concurrent users your website can handle.

    There are two main tests you can carry out with JMeter: load test and stress test. The load test models expected usage of a server by simulating multiple users accessing the web server simultaneously. The stress testing aims to find the maximum load capacity of the server or application.

    Apache JMeter Key Features

    • JMeter enables fast test plan recording, building, and debugging via a featured test IDE (integrated development environment).
    • Command-line mode allows carrying out load tests from any OS compatible with Java.
    • JMeter can extract data from most popular response formats, such as HTML, JSON, XML.
    • JMeter is entirely portable.
    • A multithreading framework allows you to simultaneously test multiple samplings and separate thread groups.
    • Thanks to the caching feature, you can conduct offline analysis or replay test results.

    Apache JMeter Benefits

    • As open-source software, it is freely available and continuously improved.
    • The setup is user-friendly, and no installation is needed.
    • The GUI (graphic user interface) is intuitive and easy to use.
    • You can write your own tests and use the visualization plugins to extend the testing.
    • It is a platform-agnostic tool. For example, JMeter can work with Linux by clicking on the JMeter shell script. On Windows, you can call up JMeter by starting the jmeter.bat file.
    • Since the test plans are stored in XML format, you can generate a test plan using any text editor.
    • You can simulate a heavy load on a server, a group of servers, a network, or an object. Use JMeter to test an application or server's strength and performance under different load types.

    The JMeter extensible core has numerous benefits:

    • Unlimited testing capabilities via pluggable samplers.
    • You can choose multiple load statistics with pluggable timers.
    • Visualization plugins and data analysis enable customization.
    • Continuous integration via third-party open-source libraries (Maven, Gradle, and Jenkins).

    Reviews from Real Users

    Stephen B., I.T. Architect, Analyst, and Developer at an educational organization, says, "The scripting ability is most valuable. It is easy to use. There is a UI, and you can go in there and figure those things out. After you've got a good set of tests, you basically have a scripted document that you can grab and execute in a pipeline. It is pretty quick to set up, and you can scale it and version control it."

    "I like the fact that JMeter integrates well with other tools," adds the Founder and Principal Consultant at a tech services company.

    A Quality Engineering Delivery Leader at a financial services firm says, “The performance of the solution is excellent. They have designed the product so that it is very easy to configure. You can basically do anything you like with the product. It's not very restrictive. We like the fact that the technology is open-source.”

    IBM Security AppScan enhances web application security and mobile application security, improves application security program management and strengthens regulatory compliance. By scanning your web and mobile applications prior to deployment, AppScan enables you to identify security vulnerabilities and generate reports and fix recommendations.

    Sample Customers
    AOL, Orbitz, Innopath Software, PrepMe, Sapient, Corporate Express Australia, CSIRO, Ephibian, Talis, DATACOM, ALALOOP, eFusion, Panter, Sourcepole, University of Western Cape
    Essex Technology Group Inc., Cisco, West Virginia University, APIS IT
    Top Industries
    REVIEWERS
    Computer Software Company38%
    Financial Services Firm30%
    Energy/Utilities Company4%
    Renewables & Environment Company4%
    VISITORS READING REVIEWS
    Financial Services Firm18%
    Computer Software Company17%
    Manufacturing Company8%
    Government6%
    REVIEWERS
    Government15%
    Transportation Company15%
    Comms Service Provider10%
    Financial Services Firm10%
    VISITORS READING REVIEWS
    Computer Software Company18%
    Financial Services Firm14%
    Government10%
    Manufacturing Company9%
    Company Size
    REVIEWERS
    Small Business25%
    Midsize Enterprise24%
    Large Enterprise52%
    VISITORS READING REVIEWS
    Small Business17%
    Midsize Enterprise13%
    Large Enterprise70%
    REVIEWERS
    Small Business24%
    Midsize Enterprise13%
    Large Enterprise63%
    VISITORS READING REVIEWS
    Small Business16%
    Midsize Enterprise12%
    Large Enterprise72%
    Buyer's Guide
    Performance Testing Tools
    May 2024
    Download Free Report
    Find out what your peers are saying about Apache, OpenText, Tricentis and others in Performance Testing Tools. Updated: May 2024.
    DOWNLOAD NOW
    772,127 professionals have used our research since 2012.

    Apache JMeter is ranked 1st in Performance Testing Tools with 82 reviews while HCL AppScan is ranked 15th in Application Security Tools with 41 reviews. Apache JMeter is rated 7.8, while HCL AppScan is rated 7.8. The top reviewer of Apache JMeter writes "It's a free tool with a vast knowledge base, but the reporting is lackluster, and it has a steep learning curve". On the other hand, the top reviewer of HCL AppScan writes " A stable and scalable product useful for application security scanning". Apache JMeter is most compared with BlazeMeter, Postman, Tricentis NeoLoad, Katalon Studio and OpenText LoadRunner Professional, whereas HCL AppScan is most compared with SonarQube, Veracode, Acunetix, OWASP Zap and PortSwigger Burp Suite Professional.

    We monitor all Performance Testing Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.