TrustRadius

HCL AppScan vs. Rapid7 AppSpider

Overview
ProductRatingMost Used ByProduct SummaryStarting Price
HCL AppScan
Score 8.0 out of 10
N/A
AppScan (formerly Rational AppScan) is an application security testing solution acquired by HCL Technologies from IBM in late 2018. Appscan supports both dynamic (DAST) and static (SAST) application security testing.N/A
Rapid7 AppSpider
Score 8.6 out of 10
N/A
AppSpider, from Boston-based Rapid7, is an application security and testing offering based on technology acquired from NT OBJECTives (their similarly named software NTOSpider, acquired with the company during April, 2015).
$2,000
Per Application
Pricing
HCL AppScanRapid7 AppSpider
Editions & Modules
No answers on this topic
InsightAppSec
$2,000.00
Per Application
Offerings
Pricing Offerings
HCL AppScanRapid7 AppSpider
Free Trial
YesNo
Free/Freemium Version
NoNo
Premium Consulting/Integration Services
NoNo
Entry-level Setup FeeNo setup feeNo setup fee
Additional Details——
More Pricing Information
Community Pulse
HCL AppScanRapid7 AppSpider
Considered Both Products
HCL AppScan
SS
Seth Shestack
Executive Director, Deputy CISO
Chose HCL AppScan
We have been using AppScan for about 14 years (Before it was acquired by IBM). A few years ago we did an upgrade from the standard edition to the enterprise edition (to allow several users at once) in order to accommodate the growth of our team. Prior to this upgrade we looked …
Rapid7 AppSpider

No answer on this topic

Top Pros
Top Cons
Best Alternatives
HCL AppScanRapid7 AppSpider
Small Businesses
GitLab
GitLab
Score 8.9 out of 10
GitLab
GitLab
Score 8.9 out of 10
Medium-sized Companies
GitLab
GitLab
Score 8.9 out of 10
GitLab
GitLab
Score 8.9 out of 10
Enterprises
GitLab
GitLab
Score 8.9 out of 10
GitLab
GitLab
Score 8.9 out of 10
All AlternativesView all alternativesView all alternatives
User Ratings
HCL AppScanRapid7 AppSpider
Likelihood to Recommend
8.4
(6 ratings)
8.0
(2 ratings)
User Testimonials
HCL AppScanRapid7 AppSpider
Likelihood to Recommend
HCL Technologies
In HCL AppScan automation maintain a reasonable pace of review and remediation of flaws for our apps. HCL AppScan is a cloud-based enterprise mobile application security testing solution for Android and iOS applications developed using Java, .Net or Objective-C. So it covers all our area and It consists of three components: AppScan Source Edition for developing and testing apps internally, AppScan Standard Edition for testing internally or externally, and AppScan Enterprise Edition for large enterprises who need to secure their entire mobile application portfolio across the organization with multiple device types.
Sanjana Gupta | TrustRadius Reviewer
Sanjana Gupta
Internet Marketing Manager
Read full review
Rapid7
Rapid7 AppSpider could be your default DAST (Dynamic Application Security Testing), it covers the OWASP top 10 for web and APIs. Great tools, with a very nice and understandable report and analytics, work excellent for one-shot or continuous monitoring of your web assets. Also has a fair amount of integrations with other popular tools.
Randy Varela | TrustRadius Reviewer
Randy Varela
Offensive Security Engineer Lead
Read full review
Pros
HCL Technologies
  • AppScan works well in finding application vulnerabilities such as SQL injection, cross-site scripting and all of the OWASP top 10.
  • Flexible reporting allows us to generate executive reports for application owners as well as separate technical reports for developers and system engineers.
  • Technical reports include remediation information and cross reference CVSS scores
  • Because it maintains data on all repeated assessments it helps us to do trending and metrics on compliance
SS
Seth Shestack
Executive Director, Deputy CISO
Read full review
Rapid7
  • Does a great job scanning Single Page Apps as well as APIs etc.
  • We use this weekly and have faced no scan errors due to process failures or accidentally DoSing etc.
Verified User
Anonymous
Read full review
Cons
HCL Technologies
  • It can have a FAQ session in the Application itself.
  • It can recommend the fix for the error that occurred during the scan.
  • Like its storing multiple manuals explore, It should have the capability of storing multiple logins.
Verified User
Anonymous
Read full review
Rapid7
  • Scan might be slow compared to other tools.
  • Not a lot of training on the vendor side.
Randy Varela | TrustRadius Reviewer
Randy Varela
Offensive Security Engineer Lead
Read full review
Alternatives Considered
HCL Technologies
Both solutions are decent, however, I had team members who had the experience working with HCL AppScan. Also, the product was priced nominally which suited our budget. Further, HCL AppScan's user community was bigger and many learning resources were freely available which helped junior peers learn quickly and eliminate any issues
Verified User
Anonymous
Read full review
Rapid7
BurpSuite isn't a competitor necessarily but still for the price of a few hundred dollars per user it is a great tool, however, AppSpider blew it out of the water with its accuracy in terms of vulnerabilities reported as well as other aspects such as UI, customer support etc.
Verified User
Anonymous
Read full review
Return on Investment
HCL Technologies
  • There are countless implementations to accomplish the same thing, and so many configurations are required.
  • Even if you test it finished and find no vulnerabilities, there is no point if you just get the error screen.
  • Until now, I was worried about vulnerabilities and security in software development, but I think it was good to find the vulnerability problem quickly with HCL AppScan.
Brandon R Hudson | TrustRadius Reviewer
Brandon R Hudson
Software Engineer
Read full review
Rapid7
  • Great ROI for consultant projects.
Randy Varela | TrustRadius Reviewer
Randy Varela
Offensive Security Engineer Lead
Read full review
ScreenShots