Try our new research platform with insights from 80,000+ expert users

Fortinet FortiWeb vs Rapid7 Metasploit comparison

 

Comparison Buyer's Guide

Executive Summary

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

ROI

Sentiment score
7.3
Users experience significant cost savings, enhanced security, and efficient performance with easy deployment of Fortinet FortiWeb, despite some measurement challenges.
Sentiment score
7.6
Rapid7 Metasploit efficiently identifies system vulnerabilities, saving testing time and costs, offering significant ROI for first-time users.
The ROI can be very rapid for organizations using vulnerability assessment for the first time.
Metasploit has helped save time, especially with testing websites or VIPD projects.
 

Customer Service

Sentiment score
6.8
Fortinet FortiWeb's customer support is inconsistent, praised for responsiveness but criticized for slow responses and varying regional satisfaction.
Sentiment score
7.7
Rapid7 Metasploit support varies, with mixed reviews on response time; commercial users generally report better experiences.
The expertise of engineers varies across different time zones, affecting the effectiveness of the support provided, especially during our daytime.
Rapid7 sometimes struggles with queries from non-security people, whereas Tenable is more patient.
The customer support is excellent
 

Scalability Issues

Sentiment score
7.2
Fortinet FortiWeb effectively scales, supporting thousands, though upfront sizing and hardware constraints are key for optimal performance.
Sentiment score
7.9
Opinions differ on Rapid7 Metasploit's scalability, with some praising its adaptability and others noting limitations, especially in automation.
Metasploit can handle big projects and is already prepared for them.
Rapid7 Metasploit is highly scalable.
I would rate the scalability of Metasploit as an eight out of ten.
 

Stability Issues

Sentiment score
7.9
Fortinet FortiWeb offers stable performance with rare issues, quickly resolved through support, ensuring reliable high-traffic management.
Sentiment score
8.1
Users praise Rapid7 Metasploit's stability and improvements, rating it 7-9 out of 10 while noting rare network issues.
We have not faced any significant issues during deployments.
I have never faced any technical issues or downtimes.
I find Metasploit to be very stable, and I would rate its stability as a nine out of ten.
 

Room For Improvement

Fortinet FortiWeb needs enhancements in throughput, cloud presence, integration, and user-friendly features to improve competitiveness and scalability.
Rapid7 Metasploit requires faster updates, improved GUI, better integration, enhanced support, updated database, and stronger evasion capabilities.
The cloud-based security service of Fortinet FortiWeb could be enhanced to match the level of providers like Cloudflare.
Metasploit excels in vulnerability assessment, it could improve in vulnerability management.
The database is not always updated with the latest vulnerabilities or zero-day exploits.
The time taken to fetch reports based on the number of events can be extensive.
 

Setup Cost

Fortinet FortiWeb offers competitive, cost-effective pricing with flexible options, appealing to enterprises for value, transparency, and performance.
Rapid7 Metasploit's pricing includes a one-time fee and annual support, viewed as intermediate compared to alternatives.
Fortinet FortiWeb is cost-effective compared to solutions like F5.
Metasploit is cheaper than Nessus and offers a more robust community edition that provides a good experience for studying Metasploit.
The cost is approximately $15 per device.
 

Valuable Features

Fortinet FortiWeb offers advanced security features with seamless integration, intuitive interface, and enhanced threat detection using AI and machine learning.
Rapid7 Metasploit offers automated penetration testing with extensive module support, integration features, and versatility for security professionals.
The machine learning-based threat detection is significant, as it uses a learning method that eases the configuration burden, making it very useful.
Rapid7 offers comprehensive features within one platform, eliminating the need to integrate multiple tools to see all alerts in one place.
The ability to automate website testing and integrate it into my script makes it even more efficient.
When I compare Metasploit with Nessus, I find that Metasploit is faster and it does not burden the system as much.
 

Categories and Ranking

Fortinet FortiWeb
Average Rating
8.0
Reviews Sentiment
6.7
Number of Reviews
95
Ranking in other categories
Web Application Firewall (WAF) (4th)
Rapid7 Metasploit
Average Rating
7.8
Reviews Sentiment
7.1
Number of Reviews
21
Ranking in other categories
Vulnerability Management (20th)
 

Mindshare comparison

Fortinet FortiWeb and Rapid7 Metasploit aren’t in the same category and serve different purposes. Fortinet FortiWeb is designed for Web Application Firewall (WAF) and holds a mindshare of 8.2%, up 7.5% compared to last year.
Rapid7 Metasploit, on the other hand, focuses on Vulnerability Management, holds 1.4% mindshare, down 1.6% since last year.
Web Application Firewall (WAF)
Vulnerability Management
 

Featured Reviews

Kacem CHAMMALI - PeerSpot reviewer
Even if an attacker detects the IP address, they can't connect directly to the server due to FortiWeb
The xFF, or X-Forwarded-For feature, IP reputation, and protected hostname. We can block access using the IP address, so no one can connect to our web server or website using the real IP. They need to use the FQDN instead. Even if an attacker detects the IP address, they can't connect directly to the server due to FortiWeb and the option to protect the hostname. All traffic passes through FortiWeb. Machine learning capabilities in FortiWeb: I don't use machine learning all the time. In the initial phase of FortiWeb deployment, we use the learning process to detect the traffic passing through FortiGate to our website.
Mani Bommisetty - PeerSpot reviewer
Comprehensive insights with robust vulnerability detection and streamlined alert management
Rapid7 has a significant advantage in providing a clear picture of my environment. It provides insight and incident detection response capabilities. When deployed with the same agent in servers or endpoints, it identifies vulnerabilities and monitors data transmission to external sources. Rapid7 offers comprehensive features within one platform, eliminating the need to integrate multiple tools to see all alerts in one place.
report
Use our free recommendation engine to learn which Web Application Firewall (WAF) solutions are best for your needs.
859,687 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Educational Organization
19%
Computer Software Company
11%
Financial Services Firm
10%
Government
6%
Computer Software Company
17%
Financial Services Firm
10%
Manufacturing Company
9%
Educational Organization
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What do you like most about Fortinet FortiWeb?
The WAF profiles has been effective at mitigating web-based threats.
What is your experience regarding pricing and costs for Fortinet FortiWeb?
Fortinet FortiWeb is cost-effective compared to solutions like F5. It offers strong performance for the price, providing substantial value for our customers.
What needs improvement with Fortinet FortiWeb?
The cloud-based security service of Fortinet FortiWeb could be enhanced to match the level of providers like Cloudflare ( /products/cloudflare-reviews ). Right now, it is more focused on on-prem so...
What do you like most about Rapid7 Metasploit?
I use Rapid7 Metasploit for payload generation and Post-Exploitation.
What is your experience regarding pricing and costs for Rapid7 Metasploit?
Metasploit is cheaper than Nessus and offers a more robust community edition that provides a good experience for studying Metasploit. This makes it a more economical choice for projects compared to...
What needs improvement with Rapid7 Metasploit?
While Metasploit excels in vulnerability assessment, it could improve in vulnerability management. Nessus currently holds the advantage in management functions. Support is another area where improv...
 

Also Known As

No data available
Metasploit
 

Overview

 

Sample Customers

Lush, Barnabas Health, Options, Riverside Healthcare, Hillsbourough County Schools, Columbia Public Schools, Schiller AG
City of Corpus Christi, Diebold, Lumenate, Nebraska Public Power District, Prairie North Regional Health, Apptio, Automation Direct, Bob's Stores, Cardinal Innovations Healthcare Solutions, Carnegie Mellon University
Find out what your peers are saying about Amazon Web Services (AWS), F5, Microsoft and others in Web Application Firewall (WAF). Updated: June 2025.
859,687 professionals have used our research since 2012.