We performed a comparison between HCL AppScan and PortSwigger Burp Suite Professional based on real PeerSpot user reviews.
Find out in this report how the two Application Security Tools solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."You can easily find particular features and functions through the UI."
"It provides a better integration for our ecosystem."
"This is a stable solution."
"The UI was very intuitive."
"The most valuable feature of the solution is Postman."
"The product is useful, particularly in its sensitivity and scanning capabilities."
"It was easy to set up."
"It comes with all of the templates that we need. For example, we are a company that is regulated by PCI. In order to be PCI compliant, we have a lot of checks and procedures to which we have to comply."
"The most valuable feature is Burp Collaborator."
"The most valuable feature is the application security. It also has a reasonable price."
"The intercepting feature is the most valuable."
"BurpSuite helps us to identify and fix silly mistakes that are sometimes introduced by our developers in their coding."
"The solution is stable."
"We use the solution for vulnerability assessment in respect of the application and the sites."
"The most valuable features are Burp Intruder and Burp Scanner."
"It's good testing software."
"Visibility is an issue for us. Our partners do not know we have integrations with some of IBM products."
"The dashboard, for AppScan or the Fortified fast tool, which we use needs to be improved."
"IBM Security AppScan needs to add performance optimization for quickly scanning the target web applications."
"We have experienced challenges when trying to integrate this solution with other products. When you compare it with the other SecOps products, the quality of the output is too low. It is not a new-age product. It is very outdated."
"Scans become slow on large websites."
"I would like to see the roadmap for this product. We are still waiting to see it as we have only so many resources."
"In future releases, I would like to see more aggressive reports. I would also like to see less false positives."
"The pricing has room for improvement."
"The Iran market does not have after-sales support. PortSwigger Burp Suite Professional needs to provide after-sales support."
"I would like to see the return of the spider mechanism instead of the crawling feature. Burp Suite's earlier version 1.7 had an excellent spider option, and it would be beneficial if Burp incorporated those features into the current version. The crawling techniques used in the current version are not as efficient as those used in earlier versions."
"Sometimes the solution can run a little slow."
"The biggest improvement that I would like to see from PortSwigger that today many people see as an issue in their testing. There might be a feature which might be desired."
"The solution doesn't offer very good scalability."
"As with most automated security tools, too many false positives."
"The pricing of the solution is quite high."
"Currently, the scanning is only available in the full version of Burp, and not in the Community version."
More PortSwigger Burp Suite Professional Pricing and Cost Advice →
HCL AppScan is ranked 15th in Application Security Tools with 40 reviews while PortSwigger Burp Suite Professional is ranked 9th in Application Security Tools with 57 reviews. HCL AppScan is rated 7.6, while PortSwigger Burp Suite Professional is rated 8.6. The top reviewer of HCL AppScan writes " A stable and scalable product useful for application security scanning". On the other hand, the top reviewer of PortSwigger Burp Suite Professional writes "The solution is versatile and easy to deploy, but it needs to give more detailed security reports". HCL AppScan is most compared with SonarQube, Veracode, Acunetix, OWASP Zap and Checkmarx One, whereas PortSwigger Burp Suite Professional is most compared with OWASP Zap, Fortify WebInspect, Acunetix, Qualys Web Application Scanning and SonarQube. See our HCL AppScan vs. PortSwigger Burp Suite Professional report.
See our list of best Application Security Tools vendors and best Static Application Security Testing (SAST) vendors.
We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.