We performed a comparison between GitLab and HCL AppScan based on real PeerSpot user reviews.
Find out in this report how the two Application Security Tools solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."We have seen a couple of merge requests or pull requests raised in GitLab. I see the interface, the way it shows the difference between the two source codes, that it is easy for anyone to do the review and then accept the request; the pull request is the valuable feature."
"The solution makes the CI/CD pipelines easy to execute."
"I like GitLab's security and SAS tools."
"The solution's most valuable feature is that it is compatible with GitHub. The product's integration capabilities are sufficient for our small company of 35 people."
"The tool helps to integrate CI/CD pipeline deployments. It is very easy to learn. Its security model is good."
"Of all available products, it was the easiest to use and easy to install."
"The most valuable features of GitLab are ease of use and highly intuitive UI and performance."
"The most valuable features of Gitlab are integration with CIE and the ability to rapidly deploy solutions, projects, and applications. It is very easy to use, and there are no complaints."
"The product has valuable features for static and dynamic testing."
"Technical support is helpful."
"It provides a better integration for our ecosystem."
"This is a stable solution."
"We are now deploying less defects to production."
"The UI was very intuitive."
"The solution is easy to use."
"AppScan is stable."
"GitLab's Windows version is yet not available and having this would be an improvement."
"Even if I say I want some improvement, they will say it is already planned in the first quarter, second quarter, or third quarter. That said, most everything is quite improved already, and they're improving even further still."
"I believe there's room for improvement in the advanced features, particularly in enhancing the pipeline functionalities."
"GitLab would be improved with the addition of templates for deployment on local PCs."
"We have only seen a couple of issues on Gitlab, which we use for building some of the applications."
"When deploying the solution on cloud and the CI/CD pipeline, we have to define the steps and it becomes confusing."
"I don't really like the new Kubernetes integration because it is pretty focused on the on-premise environment, but we're in a hybrid environment."
"Atlassian offers more products than GitLab. GitLab offers source control management, version control and collaboration between developers. Atlassian offers features on top of this as well as more integration points for developers."
"There is room for improvement in the pricing model."
"They should have a better UI for dashboards."
"The solution's scalability can be a matter of concern because one license runs on one machine only."
"They have to improve support."
"We would like to integrate with some of the other reporting tools that we're planning to use in the future."
"The penetration testing feature should be included."
"The pricing has room for improvement."
"In future releases, I would like to see more aggressive reports. I would also like to see less false positives."
GitLab is ranked 7th in Application Security Tools with 70 reviews while HCL AppScan is ranked 15th in Application Security Tools with 41 reviews. GitLab is rated 8.6, while HCL AppScan is rated 7.8. The top reviewer of GitLab writes "Powerful, mature, and easy to set up and manage". On the other hand, the top reviewer of HCL AppScan writes " A stable and scalable product useful for application security scanning". GitLab is most compared with Microsoft Azure DevOps, SonarQube, Bamboo, AWS CodePipeline and Tekton, whereas HCL AppScan is most compared with SonarQube, Veracode, Acunetix, PortSwigger Burp Suite Professional and OWASP Zap. See our GitLab vs. HCL AppScan report.
See our list of best Application Security Tools vendors and best Static Application Security Testing (SAST) vendors.
We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.