What users are saying about
26 Ratings
3 Ratings
26 Ratings
<a href='https://www.trustradius.com/static/about-trustradius-scoring' target='_blank' rel='nofollow noopener noreferrer'>trScore algorithm: Learn more.</a>
Score 6 out of 101
3 Ratings
<a href='https://www.trustradius.com/static/about-trustradius-scoring' target='_blank' rel='nofollow noopener noreferrer'>trScore algorithm: Learn more.</a>
Score 8.5 out of 101

Likelihood to Recommend

Armor

Armor gives you what you need to be successful regardless of technical ability. If you can maintain the systems yourself, you are definitely ahead of the game with their service. If you're not prepared to configure and maintain the systems, they do a pretty good job of getting it set up during the onboarding process so that you don't need to dig into the technical guts too much. If you find yourself in over your head, their support staff can handle it for you in most cases.
No photo available

HCL AppScan

This application is well suited for all web applications with the primary difficulty being that is does not handle federated logins.However since we have validated our federation and vetted it well it is not a critical issue to bypass federation for scanning a site, only an inconvenience as we have to setup bypass authentication and then remove so that is cannot be used by an attacker
Seth Shestack profile photo

Pros

Armor

  • Security - we have requirements met right out of the box and the implementation of new resources is done with security in mind.
  • Speed - We can scale resources easy and the infrastructure is fast and efficient.
  • Responsiveness - Support tickets are handled very fast with almost immediate solutions.
LJ Wilson profile photo

HCL AppScan

  • AppScan works well in finding application vulnerabilities such as SQL injection, cross-site scripting and all of the OWASP top 10.
  • Flexible reporting allows us to generate executive reports for application owners as well as separate technical reports for developers and system engineers.
  • Technical reports include remediation information and cross reference CVSS scores
  • Because it maintains data on all repeated assessments it helps us to do trending and metrics on compliance
Seth Shestack profile photo

Cons

Armor

  • Authentication and access against the secure messaging portal is overkill when the response I'm logging in to see merely says, "yes, we have your message. An agent will respond shortly". There should be an option to receive updates like this through email.
  • The online portal that allows us to clone servers is very slow to respond. More than once I've spun up an additional server due to the lack of visual feedback on the initial request.
  • The web application firewall does not seem to be sophisticated enough to differentiate between logged in administrators and end users. We use a CMS system which allows admins to create scripts. These often get barred by the WAF even though they are not malicious.
No photo available

HCL AppScan

  • We have been asking IBM to upgrade the connectivity from scanner to database to use TLS 1.2. Currently uses TLS 1.0 which we are trying to completely deprecate from our environment.
  • We have been having some login issues with authenticated scans for applications that use federated login (Shibboleth) dur to re-directs and timeouts. For these systems we have to bypass the federation and login directly to the application.
Seth Shestack profile photo

Support

Armor

Armor 7.8
Based on 13 answers
Approximately 50% of all messages we receive are automated. Either that an agent will be assigned, has been assigned, or a ticket is closed. I'd like to see more 'real' interaction, and less box ticking, though I appreciate process has to be followed. That's the one point off. Everything else is very good.
No photo available

HCL AppScan

No score
No answers yet
No answers on this topic

Alternatives Considered

Armor

No answers on this topic

HCL AppScan

We have been using AppScan for about 14 years (Before it was acquired by IBM). A few years ago we did an upgrade from the standard edition to the enterprise edition (to allow several users at once) in order to accommodate the growth of our team. Prior to this upgrade we looked at several other products and decided to stay with AppScan.One of the major reasons was our familiarity with this product so that we could upgrade without the need to train our staff on a new product. All of these products were very close in comparison so we found no compelling reason to change.
Seth Shestack profile photo

Return on Investment

Armor

No answers on this topic

HCL AppScan

  • The positive impact is that it gives us a way to identify and remediate vulnerabilities in our web applications prior to being placed in production
Seth Shestack profile photo

Pricing Details

Armor

General

Free Trial
Free/Freemium Version
Premium Consulting/Integration Services
Entry-level set up fee?
No

HCL AppScan

General

Free Trial
Free/Freemium Version
Premium Consulting/Integration Services
Entry-level set up fee?
No

Add comparison