TrustRadius

GitHub vs. HCL AppScan

Overview
ProductRatingMost Used ByProduct SummaryStarting Price
GitHub
Score 9.1 out of 10
N/A
GitHub is a platform that hosts public and private code and provides software development and collaboration tools. Features include version control, issue tracking, code review, team management, syntax highlighting, etc. Personal plans ($0-50), Organizational plans ($0-200), and Enterprise plans are available.
$4
per month per user
HCL AppScan
Score 4.4 out of 10
N/A
AppScan (formerly Rational AppScan) is an application security testing solution acquired by HCL Technologies from IBM in late 2018. Appscan supports both dynamic (DAST) and static (SAST) application security testing.N/A
Pricing
GitHubHCL AppScan
Editions & Modules
Team
$40
per year per user
Enterprise
$210
per year per user
No answers on this topic
Offerings
Pricing Offerings
GitHubHCL AppScan
Free Trial
YesYes
Free/Freemium Version
YesNo
Premium Consulting/Integration Services
NoNo
Entry-level Setup FeeNo setup feeNo setup fee
Additional Details
More Pricing Information
Community Pulse
GitHubHCL AppScan
Features
GitHubHCL AppScan
Version Control Software Features
Comparison of Version Control Software Features features of Product A and Product B
GitHub
9.3
10 Ratings
7% above category average
HCL AppScan
-
Ratings
Branching and Merging9.610 Ratings00 Ratings
Version History9.610 Ratings00 Ratings
Version Control Collaboration Tools9.69 Ratings00 Ratings
Pull Requests9.710 Ratings00 Ratings
Code Review Tools8.79 Ratings00 Ratings
Project Access Control9.010 Ratings00 Ratings
Automated Testing Integration8.710 Ratings00 Ratings
Issue Tracking Integration8.710 Ratings00 Ratings
Branch Protection9.89 Ratings00 Ratings
Best Alternatives
GitHubHCL AppScan
Small Businesses
Git
Git
Score 10.0 out of 10
GitLab
GitLab
Score 8.8 out of 10
Medium-sized Companies
Git
Git
Score 10.0 out of 10
Veracode
Veracode
Score 8.8 out of 10
Enterprises
Perforce P4
Perforce P4
Score 7.2 out of 10
Veracode
Veracode
Score 8.8 out of 10
All AlternativesView all alternativesView all alternatives
User Ratings
GitHubHCL AppScan
Likelihood to Recommend
9.7
(131 ratings)
8.3
(6 ratings)
Likelihood to Renew
10.0
(1 ratings)
-
(0 ratings)
Usability
9.4
(10 ratings)
-
(0 ratings)
Support Rating
8.8
(26 ratings)
-
(0 ratings)
User Testimonials
GitHubHCL AppScan
Likelihood to Recommend
GitHub
GitHub is an easy to go tool when it comes to Version Controlling, CI/CD workflows, Integration with third party softwares. It's effective for any level of CI/CD implementation you would like to. Also the the cost of product is also very competitive and affordable. As of now GitHub lacks capabilities when it comes to detailed project management in comparison to tools like Jira, but overall its value for money.
Verified User
Anonymous
Read full review
HCLSoftware
In HCL AppScan automation maintain a reasonable pace of review and remediation of flaws for our apps. HCL AppScan is a cloud-based enterprise mobile application security testing solution for Android and iOS applications developed using Java, .Net or Objective-C. So it covers all our area and It consists of three components: AppScan Source Edition for developing and testing apps internally, AppScan Standard Edition for testing internally or externally, and AppScan Enterprise Edition for large enterprises who need to secure their entire mobile application portfolio across the organization with multiple device types.
Sanjana Gupta | TrustRadius Reviewer
Sanjana Gupta
Internet Marketing Manager
Read full review
Pros
GitHub
  • Version control: GitHub provides a powerful and flexible Git-based version control system that allows teams to track changes to their code over time, collaborate on code with others, and maintain a history of their work.
  • Code review: GitHub's pull request system enables teams to review code changes, discuss suggestions and merge changes in a central location. This makes it easier to catch bugs and ensure that code quality remains high.
  • Collaboration: GitHub provides a variety of collaboration tools to help teams work together effectively, including issue tracking, project management, and wikis.
Verified User
Anonymous
Read full review
HCLSoftware
  • AppScan works well in finding application vulnerabilities such as SQL injection, cross-site scripting and all of the OWASP top 10.
  • Flexible reporting allows us to generate executive reports for application owners as well as separate technical reports for developers and system engineers.
  • Technical reports include remediation information and cross reference CVSS scores
  • Because it maintains data on all repeated assessments it helps us to do trending and metrics on compliance
SS
Seth Shestack
Executive Director, Deputy CISO
Read full review
Cons
GitHub
  • Not an easy tool for beginners. Prior command-line experience is expected to get started with GitHub efficiently.
  • Unlike other source control platforms GitHub is a little confusing. With no proper GUI tool its hard to understand the source code version/history.
  • Working with larger files can be tricky. For file sizes above 100MB, GitHub expects the developer to use different commands (lfs).
  • While using the web version of GitHub, it has some restrictions on the number of files that can be uploaded at once. Recommended action is to use the command-line utility to add and push files into the repository.
Verified User
Anonymous
Read full review
HCLSoftware
  • It can have a FAQ session in the Application itself.
  • It can recommend the fix for the error that occurred during the scan.
  • Like its storing multiple manuals explore, It should have the capability of storing multiple logins.
Verified User
Anonymous
Read full review
Likelihood to Renew
GitHub
GitHub's ease of use and continued investment into the Developer Experience have made it the de facto tool for our engineers to manage software changes. With new features that continue to come out, we have been able to consolidate several other SaaS solutions and reduce the number of tools required for each engineer to perform their job responsibilities.
Verified User
Anonymous
Read full review
HCLSoftware
No answers on this topic
Usability
GitHub
GitHub is a clean and modern interface. The underlying integrations make it smooth to couple tasks, projects, pull requests and other business functions together. The insights and reporting is really strong and is getting better with every release. GitHub's PR tooling is strong for being web based, i do believe a better code editor would rival having to pull merge conflicts into local IDE.
Timothy Wood | TrustRadius Reviewer
Timothy Wood
Founder/CEO
Read full review
HCLSoftware
No answers on this topic
Support Rating
GitHub
There are a ton of resources and tutorials for GitHub online. The sheer number of people who use GitHub ensures that someone has the exact answer you are looking for. The docs on GitHub itself are very thorough as well. You will often find an official doc along with the hundreds of independent tutorials that answers your question, which is unusual for most online services.
Tim Hardy | TrustRadius Reviewer
Tim Hardy
Senior Developer
Read full review
HCLSoftware
No answers on this topic
Alternatives Considered
GitHub
While I don't have very much experience with these 2 solutions, they're two of the most popular alternatives to GitHub. Bitbucket is from Atlassian, which may make sense for a team that is already using other Atlassian tools like Jira, Confluence, and Trello, as their integration will likely be much tighter. Gitlab on the other hand has a reputation as a very capable GitHub replacement with some features that are not available on GitHub like firewall tools.
Frank Ramirez | TrustRadius Reviewer
Frank Ramirez
Co-Founder, CTO and Product Lead
Read full review
HCLSoftware
Both solutions are decent, however, I had team members who had the experience working with HCL AppScan. Also, the product was priced nominally which suited our budget. Further, HCL AppScan's user community was bigger and many learning resources were freely available which helped junior peers learn quickly and eliminate any issues
Verified User
Anonymous
Read full review
Return on Investment
GitHub
  • Team collaboration significantly improved as everything is clearly logged and maintained.
  • Maintaining a good overview of items will be delivered wrt the roadmap for example.
  • Knowledge management and tracking. Over time a lot of tickets, issues and comments are logged. GitHub is a great asset to go back and review why x was y.
Verified User
Anonymous
Read full review
HCLSoftware
  • There are countless implementations to accomplish the same thing, and so many configurations are required.
  • Even if you test it finished and find no vulnerabilities, there is no point if you just get the error screen.
  • Until now, I was worried about vulnerabilities and security in software development, but I think it was good to find the vulnerability problem quickly with HCL AppScan.
Brandon R Hudson | TrustRadius Reviewer
Brandon R Hudson
Software Engineer
Read full review
ScreenShots

HCL AppScan Screenshots

Screenshot of Cloud Security: AppScan will scan Docker containers and container images to ensure that third party components have not introduced vulnerabilities to an application. Software composition analysis (SCA) tools help organizations inventory third-party commercial and open source components used within their software to understand which components and versions are being used and to identify security vulnerabilities affecting those components.Screenshot of API Testing: This dangerous attack vector can be secured by identifying vulnerable third-party components, automating and integrating API testing and detecting issues in the IDE.Screenshot of Auto Issue Correlation: AppScan leverages three technologies (DAST, SAST, IAST) to enrich results, validate fixes and reduce the number remediation tasks by grouping issues together.Screenshot of 30+ Code Languages Supported: HCL AppScan offers an extensive list of supported code languages.