HCL AppScan Product Guide

Ever wondered how HCL AppScan’s users think it performs? Our detailed guide, synthesized from honest user experiences, can help you figure out what works well and what doesn’t. Discover the strengths and weaknesses of HCL AppScan before making a purchase decision.

Application and Software Security

Application Security Testing

Reviewers consistently highlight HCL AppScan’s application security testing as a standout feature, emphasizing its ability to identify vulnerabilities and flaws in both dynamic and static environments. Users appreciate the comprehensive coverage across various programming languages and the ease of use with its user-friendly interface. While some users mention minor issues like longer execution times, overall, the sentiment leans towards positive, with users acknowledging the value of HCL AppScan in enhancing the security posture of their applications through thorough testing and analysis. (Source Reviews: 1, 2, 3, 4, 5)

“HCL AppScan enables our organizations to secure our mobile and web apps by identifying vulnerabilities and flaws before they are deployed into production environment.” - Manager in Marketing, Information Technology & Services, 11-50 employees

“The best thing about this application is the variety of configurations we can do depending on the scenario and the ping capacity.” - Engineer in Engineering, Computer Software, 10,001+ employees

“HCL AppScan provides mobile application scan with predefined templates. Integration with common code repositories supported. Supports 13+ languages including C/C++, COBOL, ColdFusion, Java™, Android, JSP, JavaScript, Perl, PHP, PL/SQL/T-SQL, C#, ASP.NET, and VB.NET.” - Program Manager in Information Technology, Telecommunications, 10,001+ employees

Mobile Application Security

Users generally appreciate HCL AppScan’s robust mobile application security features. Reviewers highlight the platform’s ability to identify vulnerabilities and flaws in mobile and web apps before deployment, ensuring a secure production environment. While some users mention that setup and configuration require upfront planning, the platform’s predefined templates and support for various programming languages contribute to its effectiveness in securing mobile applications. Additionally, the learning capabilities of HCL AppScan to test application-specific vulnerabilities are seen as a valuable asset by users. However, there are occasional reports of application crashes and resource-intensive scans leading to longer run-times, which can impact the overall user experience. (Source Reviews: 1, 2)

“HCL AppScan enables our organizations to secure our mobile and web apps by identifying vulnerabilities and flaws before they are deployed into production environment.” - Manager in Marketing, Information Technology & Services, 11-50 employees

“May be resource intensive, which can cause long run-times for dynamic scans. The application crashes sometimes.” - Program Manager in Information Technology, Telecommunications, 10,001+ employees

Software Development Security

Users generally appreciate HCL AppScan’s role in enhancing software development security. The reviews highlight the software’s effectiveness in identifying vulnerabilities quickly, aiding in the timely resolution of security flaws in developing applications. While some users find the tool to be well-engineered and reliable in reducing errors and promoting security best practices, others express concerns about the lack of innovation and automation features compared to alternative solutions in the market. Additionally, there is feedback on the need to minimize false positives generated by the software, indicating areas for potential improvement in its software development security capabilities. (Source Reviews: 1, 2, 3)

“HCL AppScan is a source code analysis tool usually known as Static Application Security Testing (SAST) Tool. The solution is well-engineered and is rated among the leaders in the market. It helped my team reduce errors and ensure we followed security best practices in our software development cycle.” - Team Lead in Marketing, Information Technology & Services, 5001-10,000 employees

“Until now, I was worried about vulnerabilities and security in software development, but I think it was good to find the vulnerability problem quickly with HCL AppScan.” - Engineer in Information Technology, Information Technology & Services, 501-1000 employees

“Even if you test it finished and find no vulnerabilities, there is no point if you just get the error screen.” - Engineer in Information Technology, Information Technology & Services, 501-1000 employees

Security Management and Compliance

Vulnerability Management

Reviewers generally agree that HCL AppScan’s vulnerability management capabilities are a strong point. Users appreciate the application’s ability to identify vulnerabilities, provide detailed reports, and offer various configurations to suit different scenarios. The scheduling function for regular vulnerability diagnosis is seen as convenient, helping organizations stay proactive in addressing security issues. While some users mention the need for improvements in upfront planning for configuration and resource management, overall, HCL AppScan is praised for its effectiveness in quickly identifying and addressing vulnerabilities to enhance overall security posture. (Source Reviews: 1, 2, 3, 4, 5)

“Until now, I was worried about vulnerabilities and security in software development, but I think it was good to find the vulnerability problem quickly with HCL AppScan.” - Engineer in Information Technology, Information Technology & Services, 501-1000 employees

“There are countless implementations to accomplish the same thing, and so many configurations are required; even if you test it finished and find no vulnerabilities, there is no point if you just get the error screen.” - Engineer in Information Technology, Information Technology & Services, 501-1000 employees

Security Remediation Strategies

Users generally appreciate HCL AppScan’s robust security remediation capabilities. Reviewers highlight the application’s ability to provide predefined templates for remediation, making it easier to address vulnerabilities efficiently. Some users have suggested improvements such as recommending fixes for errors encountered during scans to further enhance the remediation process. Despite some minor drawbacks like the need for upfront planning and potential resource intensiveness, the consensus leans towards acknowledging HCL AppScan’s effectiveness in security remediation strategies. (Source Reviews: 1, 2, 3, 4)

“HCL AppScan provides mobile application scan with predefined templates. Integration with common code repositories supported. Supports 13+ languages including C/C++, COBOL, ColdFusion, Java™, Android, JSP, JavaScript, Perl, PHP, PL/SQL/T-SQL, C#, ASP.NET, and VB.NET. On the other hand, it requires upfront planning for setup and configuration. The recording of the application is crucial to have valuable test completion. There is quite a complex list of supported browsers. May be resource intensive, which can cause long run-times for dynamic scans. The application crashes sometimes.” - Program Manager in Information Technology, Telecommunications, 10,001+ employees

“HCL AppScan is a cloud-based enterprise mobile application security testing solution for Android and iOS applications developed using Java, .Net or Objective-C. So it covers all our area, and it consists of three components: AppScan Source Edition for developing and testing apps internally, AppScan Standard Edition for testing internally or externally, and AppScan Enterprise Edition for large enterprises who need to secure their entire mobile application portfolio across the organization with multiple device types.” - Manager in Marketing, Information Technology & Services, 11-50 employees

“The best thing about this application is the variety of configurations we can do depending on the scenario and the ping capacity.” - Engineer in Engineering, Computer Software, 10,001+ employees

Security Reporting and Compliance

Users have varying opinions on the effectiveness of HCL AppScan’s security reporting and compliance features. Some users appreciate the detailed and instant reports generated by the platform, which aid in identifying vulnerabilities and ensuring compliance. However, others find certain functions challenging to understand and feel that the reports may lack thorough explanations, leading to difficulties in addressing identified issues. Despite these mixed reviews, HCL AppScan’s security reporting and compliance capabilities seem to play a significant role in enhancing the overall security posture of applications for many users. (Source Reviews: 1, 2, 3, 4)

“The configurations in the application enable protection of business-critical applications from security threats, vulnerabilities, and compliance violations. It offers best protection in the market right now.” - Manager in Marketing, Information Technology & Services, 11-50 employees

“I think it is convenient to be able to diagnose vulnerabilities regularly with the scheduling function.” - Engineer in Information Technology, Information Technology & Services, 501-1000 employees

“Issues presented in the vulnerability diagnostic report may not be fully explained and not well understood.” - Engineer in Information Technology, Information Technology & Services, 501-1000 employees

About the Author

TrustRadius Product Guides are created by synthesizing user reviews to identify commonly discussed topics. These guides highlight common use cases, frequently used features, and more. While this is a beta feature, it is our mission to provide you with the best information possible to make confident and trusted technology decisions. If you feel something is missing or incorrect, please let us know.
