We performed a comparison between HCL AppScan and Qualys Web Application Scanning based on real PeerSpot user reviews.
Find out in this report how the two Application Security Tools solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The static scans are good, and the SaaS as well."
"Usually when we deploy the application, there is a process for ethical hacking. The main benefit is that, the ethical hacking is almost clean, every time. So it's less cost, less effort, less time to production."
"The solution is cheap."
"It was easy to set up."
"It identifies all the URLs and domains on its own and then performs tests and provides the results."
"The solution offers services in a few specific development languages."
"The most valuable feature of HCL AppScan is its integration with the SDLC, particularly during the coding phase."
"Compared to other tools only AppScan supports special language."
"It is easy to use."
"It is a cloud-based solution, so it is easy to scale."
"The most valuable feature of Qualys Web Application Scanning is the effective scanning that can be done."
"You can integrate your Burp Suite results and create an integrated report. Also, the way it shows the results - threats and exploit details - makes remediation very easy."
"It combines both web application vulnerability management and internal vulnerability management on one platform and dashboard. Usually, you have to purchase separate tools."
"The product prevents possible vulnerabilities in our network."
"By using QualysGuard, we are able to finish external scans with assured results in half the time."
"The interface is user-friendly and easy to understand."
"The solution needs to improve in some areas. The tool needs to add more languages. It also needs to improve its speed."
"I think being able to search across more containers, especially some of the docker elements. We need a little tighter integration there. That's the only thing I can see at this point."
"There is room for improvement in the pricing model."
"There is not a central management for static and dynamic."
"The pricing has room for improvement."
"Scans become slow on large websites."
"I would like to see the roadmap for this product. We are still waiting to see it as we have only so many resources."
"The product has some technical limitations."
"We procured around 110 licenses for Web Application Scanning, but we have issues running concurrent scans. I don't currently have the option to trigger scans for all 100-plus websites. The default limit is around 10 conference scans. It's not very scalable, to be honest, because of the limitation that they put on concurrent scans."
"In certain cases, this product does have false positives, which the company should work on."
"The software’s pricing could be improved."
"It should have better automatic reporting."
"The UI is not user-friendly and you don't have a yearly reporting facility where you can slice and dice in different jobs."
"They should try to include business logic vulnerabilities in the scanner testing."
"In terms of the Policy Compliance model which they currently have, not all the platforms are being covered. If they could improve on the Policy Compliance model, since there are policies which are benchmarked against it, this will be helpful for us."
"The reporting contains too many false positives."
More Qualys Web Application Scanning Pricing and Cost Advice →
HCL AppScan is ranked 15th in Application Security Tools with 41 reviews while Qualys Web Application Scanning is ranked 18th in Application Security Tools with 31 reviews. HCL AppScan is rated 7.8, while Qualys Web Application Scanning is rated 7.8. The top reviewer of HCL AppScan writes " A stable and scalable product useful for application security scanning". On the other hand, the top reviewer of Qualys Web Application Scanning writes "A stable solution that can be used for infrastructure vulnerability scanning and web application scanning". HCL AppScan is most compared with SonarQube, Veracode, Acunetix, OWASP Zap and Snyk, whereas Qualys Web Application Scanning is most compared with OWASP Zap, SonarQube, Veracode, PortSwigger Burp Suite Professional and Checkmarx One. See our HCL AppScan vs. Qualys Web Application Scanning report.
See our list of best Application Security Tools vendors and best Static Application Security Testing (SAST) vendors.
We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.