Try our new research platform with insights from 80,000+ expert users

OpenText Dynamic Application Security Testing vs Rapid7 InsightAppSec comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Jun 19, 2025

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

OpenText Dynamic Applicatio...
Ranking in Dynamic Application Security Testing (DAST)
3rd
Average Rating
7.2
Reviews Sentiment
6.8
Number of Reviews
21
Ranking in other categories
DevSecOps (10th)
Rapid7 InsightAppSec
Ranking in Dynamic Application Security Testing (DAST)
2nd
Average Rating
8.2
Reviews Sentiment
7.5
Number of Reviews
19
Ranking in other categories
No ranking in other categories
 

Mindshare comparison

As of July 2025, in the Dynamic Application Security Testing (DAST) category, the mindshare of OpenText Dynamic Application Security Testing is 22.2%, down from 30.5% compared to the previous year. The mindshare of Rapid7 InsightAppSec is 11.8%, down from 12.6% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Dynamic Application Security Testing (DAST)
 

Featured Reviews

Navin N - PeerSpot reviewer
Effective scanning of diverse file extensions with fast reporting and issue resolution
We develop software packages for clients, and these clients are mostly in the BFSI sector. The packages need to be scanned, and we engage Fortify WebInspect for this.  Customers typically perform their own application pen tests, but in some cases, we have engagements where customers want us to scan…
Shritam Bhowmick - PeerSpot reviewer
Provides reliable applications security but needs better integration options
There are areas for improvements regarding false positives. Integration capabilities are lacking, as options for integrations with other tools such as SNOW, Jira, or other integration tools are not sufficient in Rapid7 InsightAppSec. The user interface sometimes has glitches, which may prevent appropriate results during navigation, and even when we get appropriate results, it can be impossible to export them to CSV records or download files. Regarding scalability, Rapid7 InsightAppSec is not a scalable solution for our industry due to limited integration capabilities. Rapid7 relies on another tool called InsightConnect, which requires additional investment, detracting from scalability. Another area that needs improvement is the integration of AI capabilities into the platform. Both Rapid7 InsightAppSec and InsightVM need to advance in that area. In terms of behavioral and pattern recognition, identifying complex attacks such as SQL, blind SQL, JSON, and LDAP injections often results in 94% false positives. This necessitates improvement in their behavioral-based analytics feature.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"Good at scanning and finding vulnerabilities."
"The solution is able to detect a wide range of vulnerabilities. It's better at it than other products."
"Technical support has been good."
"I've found the centralized dashboard the most valuable. For the management, it helps a lot to have abilities at the central level."
"The solution is easy to use."
"It is scalable and very easy to use."
"The feature that has been most influential in identifying vulnerabilities is its ability to crawl the website, understand the structure, and analyze the network packets sent and received."
"The most valuable feature is the static analysis."
"When considering DAST, it is not attributed to a singular feature but rather the capabilities of the engine that provides a genuine penetration testing experience and delivers insightful reports."
"The reporting functionality is excellent."
"We have seen measurable decrease in the mean time to respond to threats by 20 percent."
"I rate stability ten out of ten."
"I would rate the technical support from Rapid7 a ten, indicating high-quality support."
"It is very convenient to get reports from the tool, which offers high-level environmental statistics."
"The automatic automation of the automated authorization to the SCANNET environment is valuable."
"It uses a signature-based method to check for problems with your code and will provide an alert if anything is found."
 

Cons

"Creating reports is very slow and it is something that should be improved."
"I'm not sure licensing, but on the pricing, it's a bit costly. It's a bit overpriced. Though it is an enterprise tool, there are other tools also with similar functionalities."
"Fortify WebInspect could improve user-friendliness. Additionally, it is very bulky to use."
"Fortify WebInspect's shortcoming stems from the fact that it is a very expensive product in Korea, which makes it difficult for its potential customers to introduce the product in their IT environment."
"I want to enhance automation. Currently, Fortify WebInspect can scan and find vulnerabilities, but users with specific skills need to interpret the results and understand how to address them."
"Our biggest complaint about this product is that it freezes up, and literally doesn't work for us."
"We have often encountered scanning errors."
"The installation could be a bit easier. Usually it's simple to use, but the installation is painful and a bit laborious and complex."
"The interface should be a little bit easier to manage. Sometimes, the logic that they use is kind of strange. They need to work a little bit more on their interface to make it more understandable. The interface is the only problem. I'm using Rapid7, which is very intuitive. There are other applications available in the market with a better interface. They can include more techniques or options to test different types of security because the templates are limited. It would be great to see them follow the MITRE ATT&CK framework or what is there in tools like Veracode and Synopsys."
"The number of web applications we can scan is limited."
"They should add more features. I would like to see them do a little more on static analysis and also interactivity analysis. Currently, it does very basic static analysis. It could do a little more static analysis, which is something that would help. A lot more interactivity analysis should also be there. It should basically look at security during interactivity."
"The reporting feature of Rapid7 InsightAppSec needs improvement as it currently provides basic reports."
"We get a lot of false positives during the tests."
"There is room for improvement in Rapid7 InsightAppSec by giving clients the ability for extra columns on reports and enabling the extraction of remediation reports into a CSV format. Currently, the PDF format is cumbersome to go through when dealing with thousands of pages."
"The reporting feature of Rapid7 InsightAppSec needs improvement as it currently provides basic reports."
"The reporting is definitely an aspect of the solution that's in need of some work. We found that we'd try to use widgets, but often getting them to work for us wasn't very clear. They need to be more user friendly or offer better instructions."
 

Pricing and Cost Advice

"Fortify WebInspect is a very expensive product."
"It’s a fair price for the solution."
"Its price is almost similar to the price of AppScan. Both of them are very costly. Its price could be reduced because it can be very costly for unlimited IT scans, etc. I'm not sure, but it can go up to $40,000 to $50,000 or more than that."
"The pricing is not clear and while it is not high, it is difficult to understand."
"The price is okay."
"Our licensing is such that you can only run one scan at a time, which is inconvenient."
"This solution is very expensive."
"They offer a good price, but I don't remember its cost. It is fair as compared to the competition. We have opted for project-based licensing, not user-based. We can add any number of users. That doesn't matter. It is worth the money."
"I'm not sure how much it costs exactly, but I know it's expensive."
"The price of this product is very cheap."
"Rapid7 InsightAppSec is cheap."
"Its price is competitive. It is not expensive."
"I rate Rapid7 InsightAppSec’s pricing an eight out of ten."
report
Use our free recommendation engine to learn which Dynamic Application Security Testing (DAST) solutions are best for your needs.
861,034 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Financial Services Firm
16%
Government
14%
Manufacturing Company
12%
Computer Software Company
12%
Computer Software Company
16%
Financial Services Firm
15%
Manufacturing Company
12%
Government
8%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What do you like most about Fortify WebInspect?
The solution's technical support was very helpful.
What is your experience regarding pricing and costs for Fortify WebInspect?
The price of Fortify WebInspect is high, with the cost depending on the number of virtual users. It is approximately 25% higher than other solutions.
What needs improvement with Fortify WebInspect?
The main area for improvement in Fortify WebInspect is the price, as it is too high compared to the market rate. The cost of the license depends on the number of virtual users and, in comparison to...
What do you like most about Rapid7 InsightAppSec?
In Rapid7 InsightAppSec, a distinctive feature is the provision of a CDM for integrating web servers and web applications. To establish the connection between these applications, you only need to p...
What needs improvement with Rapid7 InsightAppSec?
There are areas for improvements regarding false positives. Integration capabilities are lacking, as options for integrations with other tools such as SNOW, Jira, or other integration tools are not...
What is your primary use case for Rapid7 InsightAppSec?
Our main use case for Rapid7 InsightAppSec is to perform internal assessment of applications and external facing applications. We have a cloud engine plus on-premises engine, and we have been lever...
 

Also Known As

Micro Focus WebInspect, WebInspect
InsightAppSec
 

Overview

 

Sample Customers

Aaron's
CenterPoint Energy, CPA Australia, Hypertherm, First American Financial Corporation, Rackspace
Find out what your peers are saying about OpenText Dynamic Application Security Testing vs. Rapid7 InsightAppSec and other solutions. Updated: June 2025.
861,034 professionals have used our research since 2012.