How do I purchase HCL AppScan software?
You can purchase HCL AppScan from a set of plans, curated for different needs, directly on the HCL AppScan Marketplace.
Industry-leading Application
Security Testing!
Exclusive Year-end Deals on Professional Pay-per-scan Prices
View offers ↑ *1-100 scans per order, **Maximum of 2 packs per order
90%
Discount
Discount
Limited Offer
1 Security Scan*
$29.99
Regular Price per scan $299
Choice of DAST, SAST, or SCA scans
Best Deal
50-scan pack**
$699
Mega Discount for frequent users
Choice of DAST, SAST, or SCA Scans
*1-100 scans per order
**Maximum of 2 packs per order
Select Your Plan
Pick the option that fits your team.
CodeSweep
Free Download$0
Simple-to-use SAST source code vulnerability scanner
Perfect for all levels of developer.
- On-prem GitHub Extension
- Identify dangerous code in any pull request
- Get security highlights in code reviews
- Remediation advice for faster fixes
- Supports 35+ languages
Free Trial
SaaS14 Day Trial
Try before you buy with this simple self-trial
See scans and dashboards in action using your own data.
- 5 Scans (SAST, DAST, SCA)
- 14 day trial subscription
- Summary reports
(issues only/no details) - Private site scanning not available.
- Regulatory reports not available
Professional
SaaS$299 $29.99 / scan
Comprehensive tool set with pay-per-scan flexibility.
Perfect for small/medium-sized businesses
- Choice of DAST, SAST, or SCA scans
- 1 yr SaaS Subscription
- Centralized Dashboards
- Customizable Policies
- Actionable Reporting
- Compliance-ready
- Integrations into IDEs and CI/CD Pipelines
- Rich set of APIs
Enterprise
SaaS / On prem / Private CloudContact Sales
Complete security suite to manage business risk at scale
Perfect for high numbers of apps and/or developers
- Unlimited Scans
- Everything in Pro plus
- IAST, IaC, Secrets
- Auto-issue Correlation
- API Security
- AI-driven triage/remediation
- Multiple deployment options
- Multiple pricing options: concurrent, per user, per app
Compare Plans
| CodeSweep | Free Trial | Professional | Enterprise | |
|---|---|---|---|---|
|
SAST
|
|
|
||
|
DAST
|
|
|
||
|
SCA
|
|
|
||
|
IAST
|
|
|
|
|
|
API Testing
|
|
|
||
|
IaC Testing
|
|
|
||
|
Secrets Scanning
|
|
|
||
|
AI-enabled Accuracy (False positive reduction)
|
|
|
||
|
Centralized Dashboards
|
|
|||
|
Actionable Reporting
|
|
|
||
|
Integrations
|
|
|||
|
Automations
|
|
|
||
|
Customizable Policies
|
|
|
||
|
Auto-Issue Correlation
|
|
|
|
|
|
Unlimited Scans
|
|
|
|
|
|
Unlimited Applications
|
|
|
|
|
|
Unlimited Users
|
|
|
|
|
|
Concurrent pricing
|
|
|
|
|
|
Per Application pricing
|
|
|
|
|
|
Per User pricing*
|
|
|
|
|
Start Scanning Today
DAST
Dynamic Analysis
Test running applications for vulnerabilities with real-world attack simulations.
SAST
Static Analysis
Analyze your source or binary code to find and fix issues early in development.
SCA
Software Composition Analysis
Detect and manage risks in open-source libraries and components.
All scans are the same price so you can choose which ones to use based on your specific needs.
Clients Feedback
What Customers are Saying
The product has always been consistent and delivers excellent results. The automated login process is a key function missing in competitor systems. I started using the tool in the early 2000s.”
HCL AppScan gets results at the right level of analysis. The intelligent analysis that it supplies saves time for the Security Engineers during the triage. Developers who have the Fix Group feature can quickly identify where to do the corrections to resolve several vulnerabilities with just a few source code modifications. (Courtesy of G2.com)
Today I can say with certainty that choosing AppScan was the right decision because, from every perspective we have gained added value starting from the ease of installation and its integration marketplace. This is especially important for companies like ours which are involved in various mergers and acquisitions and need to quickly onboard different companies into the application in a very short time.
Total cost of ownership for us, in terms of operations, but also in terms of back-fixing, and also in terms of testing, in any phase of development, the total cost of ownership has been reduced by HCL AppScan.
What Experts are Saying
Leader
2025 Gartner Magic Quadrant™ for Application Security Testing:
Highest ranked for Enterprise Use Case
2025 Gartner Critical Capabilities for Application Security Testing
Strong Performer
2025 Forrester Static Application Security Testing Wave
Notable Vendor
2025 Forrester Static Application Security Testing Landscape
Leader & Fast Mover
2025 GigaOm Radar for App Security Testing
4.6 for HCLSoftware AppScan on:
1
Choose your number of scans
Use the calculator to select your scan quantity and checkout instantly.
2
Activate your account
You’ll receive access credentials and cloud scan credits right away.
3
Run your scans
Launch tests, integrate into CI/CD, and get results in real time.
4
View & manage reports
Track vulnerabilities, export reports, and manage remediation workflows.
5
Scale up anytime
Need more scans? Simply purchase additional credits — no renewal hassle.
Frequently Asked Questions
Does HCL AppScan offer free scans?
Yes, HCL AppScan offers free SAST scans via CodeSweep, allowing organizations to test the features before purchasing scans via a subscription.
What are the purchase options for buying scans?
You can choose from a range of purchase options, including our free CodeSweep tool, a pay-per-scan Professional plan, and a custom Enterprise suite. Find the full details for all AppScan options. Click here to view Marketplace options.
| Plan | Pricing | Target Audience & Key Feature Notes |
|---|---|---|
| Codesweep | Free Downloadable Application |
Simple-to-use SAST source code vulnerability scanner. Perfect for all developer skill levels. |
| Professional | SaaS $313.62 per scan (minimum of 5 scans) |
Comprehensive tool set with pay-per-scan flexibility. Perfect for small and medium-sized businesses. Includes DAST, SAST, SCA scanning with 1-year SaaS subscription. |
| Enterprise | SaaS Custom Pricing |
Complete application security suite to manage business risk at scale. Perfect for medium and large enterprise customers with high numbers of apps and/or developers. |
What payment methods do you accept?
For the “Professional” option, we accept credit card payments (this option is currently limited to the United States and Canada). “Enterprise” transactions are typically processed via a purchase order or electronic payment option.
Does HCLSoftware store my credit card information?
No, HCLSoftware generally uses a secure, third-party provider to handle all credit card activity and information.
What happens if I purchase scans but don’t use them all within the subscription period?
All scan purchases must be used within the subscription time period. Any unused scans expire at the end of your subscription period.
How do I get a custom price quote for the enterprise option?
For the “Enterprise” SaaS option, you must contact the HCL AppScan Sales Team directly to request a custom quote or book a demo. For sales support, please click here.
What is a DAST scan?
Dynamic Application Security Test (DAST) scans crawl through and identify security vulnerabilities in your running web applications and APIs to detect potential vulnerabilities prior to deployment or in your staging environments.
What is a SAST scan?
Static Application Security Test (SAST) scans allow you to accurately identify critical application vulnerabilities in source code and build automated security into development with easy integration into IDEs and CI/CD pipelines.
What is an SCA scan?
Software Composition Analysis (SCA) analyzes information from multiple sources to identify open-source libraries and components that are being used by your code and employs a constantly refreshed database to detect vulnerabilities introduced by these components.
Is there technical support available?
Yes. Technical support is available; pricing is dependent on your needs and other factors. For technical support, please click here. Also, for other questions, you can interact with our chatbot, available on our HCL AppScan webpage.
How do I get additional product information?
You may access our main HCL AppScan webpage and interact with our Chatbot to help get some basic questions answered. For more detailed information about our product, please click here.
Built for Developers
Access our Resources, APIs and automation framework to integrate scanning into your CI/CD pipeline.
Hi, I am HCLSoftware Virtual Assistant.
