No more typing reviews! Try our Samantha, our new voice AI agent.

Rapid7 AppSpider vs Tenable.io Web Application Scanning comparison

 

Comparison Buyer's Guide

Executive Summary

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Rapid7 AppSpider
Average Rating
7.8
Reviews Sentiment
6.7
Number of Reviews
14
Ranking in other categories
Static Application Security Testing (SAST) (30th)
Tenable.io Web Application ...
Average Rating
7.8
Reviews Sentiment
5.8
Number of Reviews
18
Ranking in other categories
Application Security Tools (22nd)
 

Mindshare comparison

Rapid7 AppSpider and Tenable.io Web Application Scanning aren’t in the same category and serve different purposes. Rapid7 AppSpider is designed for Static Application Security Testing (SAST) and holds a mindshare of 0.8%, up 0.5% compared to last year.
Tenable.io Web Application Scanning, on the other hand, focuses on Application Security Tools, holds 1.3% mindshare, up 1.3% since last year.
Static Application Security Testing (SAST) Mindshare Distribution
ProductMindshare (%)
Rapid7 AppSpider0.8%
SonarQube14.2%
Checkmarx One9.1%
Other75.9%
Static Application Security Testing (SAST)
Application Security Tools Mindshare Distribution
ProductMindshare (%)
Tenable.io Web Application Scanning1.3%
SonarQube12.4%
Checkmarx One8.2%
Other78.1%
Application Security Tools
 

Featured Reviews

HW
Marketing Expert at J's communication
Clients benefit from broad authentication and effective crawling but need localization improvements
Our clients use AppSpider to address security concerns for their websites. It is particularly used by customers who require security assessments One of the most valuable features of AppSpider is its broad range of authentication identification, which is a key reason for its utilization.…
HL
Security Analyst at TOPNET
Web audits have identified vulnerabilities and now provide clear visibility into compliance gaps
We have experience with Tenable.io Web Application Scanning, and we use it as well; we have approximately ten licenses for web application scanning. We use it to find vulnerabilities, but Tenable.io Web Application Scanning does not include remediation; we remediate with other products. We use the…

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The initial deployment is very straightforward and simple. The product is stable if configured properly."
"One of the most valuable features of AppSpider is its broad range of authentication identification, which is a key reason for its utilization."
"It scans all the components developed within a web application."
"AppSpider's most valuable feature is reporting - everything is stored in the local database so it can be sent to other machines."
"The most valuable feature of Rapid7 AppSpider is the vulnerability reporting data. Additionally, the data is reported in a convenient way rather than seeing them as a PDF. We are able to generate all the reports exactly what we want in a flexible way."
"The entire solution is interactive and has a point-and-click user experience, which makes it easy to find items or drill down on information, and you don't need specialized skills to use the product."
"What I like most about AppSpider is that it's easy to use and its automated scan gives me all the details I need to know when it comes to vulnerabilities and their solutions."
"The most valuable feature is the reporting, which is compliant with international standards."
"If customers need a cost-efficient way to do very good ramification scanning and vulnerability management, this is the right solution."
"Our primary use case for the solution is automated scanning; it doesn't require scripting knowledge or any of those suites or other tools, so it is fully automated, and we provide the credentials and URL and the tool does all scanning and will show the result per the requirement."
"We can get detailed information about vulnerabilities."
"I would recommend Tenable.io Web Application Scanning to others."
"Tenable provides the end analysis results covering all the published vulnerabilities and information on the market."
"We use the tool for our websites. We have a vulnerable subdomain. The tool helps to scan it for vulnerabilities."
"It is fully automated."
"The most valuable feature is the reporting, which provides a good level of detail with respect to vulnerabilities."
 

Cons

"This price of this solution is a little bit expensive."
"The tech support is responsive but issues remain unresolved."
"The dashboard and interface are crucial and they need some improvement."
"AppSpider could improve in the area of integration. They need to add more integration opportunities."
"Implementing Rapid7 AppSpider requires scanning and self-identification mechanisms. You can add different types of authentication to each scan."
"For Japanese customers, localization is needed. The product should offer a GUI in Japanese and provide Japanese reports for end-users."
"The enterprise interface is too simple. It should be more customizable."
"It needs better integration with mobile applications."
"Sometimes it lags with different cloud environments."
"The solution's dashboards could be improved and made more user-friendly."
"I would like for them to add proxy filtering, where you can transfer and alter the package. It is fully automated. Other web application testers programs are actually proxy software, and the proxy software gives you the flexibility of modifying the outgoing package, which will actually help you in exploiting any vulnerability in detail."
"The technical support needs improvement. Currently, it takes time, which might be due to the free version, but providing some level of support could encourage future purchase decisions."
"Tenable.io Web Application Scanning conducts a general scan, which wastes time. The scan needs to be specific."
"Tenable.io Web Application Scanning is not very user-friendly and you need a lot of information to get proper reports. The tool's support is not very responsive."
"The cloud and the on-premises versions have their own controllers, and there is no way to centrally manage controllers."
"The platform's technical support services could be better."
 

Pricing and Cost Advice

"It is expensive if you want to buy the Enterprise version that is able to scan multiple applications at once."
"The price is pretty fair."
"The licensing cost depends on the number of users."
"AppSpider is closed-source software and you need to acquire a license in order to use it."
"The price of Rapid7 AppSpider cost 9,000 annually but there is limited usage. Large companies are able to negotiate a better price or a better deal for the usage with the vendor."
"The pricing is okay."
"For Tenable.io Web Application Scanning, it comes to around 6,50,000 Indian rupees, plus taxes."
"I rate the product's pricing a four out of ten."
"The price of the solution is reasonable compared to the competitors. The license cost is based on the number of users and the annual usage."
"Tenable.io Web Application Scanning is expensive for small businesses."
"It follows the same licensing scheme as Tenable.io and Tenable. sc."
"The application is extremely affordable. There are no additional costs involved with licensing. We switched to Tenable.io Web Application Scanning from other solutions due to pricing."
report
Use our free recommendation engine to learn which Static Application Security Testing (SAST) solutions are best for your needs.
904,899 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Manufacturing Company
11%
University
10%
Financial Services Firm
10%
Construction Company
7%
Financial Services Firm
14%
Manufacturing Company
9%
Computer Software Company
8%
Construction Company
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business12
Midsize Enterprise2
Large Enterprise1
By reviewers
Company SizeCount
Small Business7
Midsize Enterprise5
Large Enterprise7
 

Questions from the Community

What is your experience regarding pricing and costs for Rapid7 AppSpider?
The price is not high, but for Japanese customers, localization may incur additional costs.
What needs improvement with Rapid7 AppSpider?
For Japanese customers, localization is needed. The product should offer a GUI in Japanese and provide Japanese reports for end-users.
What is your primary use case for Rapid7 AppSpider?
Our clients use AppSpider to address security concerns for their websites. It is particularly used by customers who require security assessments.
What needs improvement with Tenable.io Web Application Scanning?
If there were a solution, I would like to see automation and an integrated remediation solution for vulnerability or patch management.
What advice do you have for others considering Tenable.io Web Application Scanning?
I do not understand what API approach means; I do not understand this term. I think Tenable.io Web Application Scanning is the best option on the market at the moment. My review rating for this pro...
What is your experience regarding pricing and costs for Tenable.io Web Application Scanning?
I think the price is expensive. We do not have an idea of how much we have to pay approximately, but comparing to other products, Tenable.io Web Application Scanning is expensive.
 

Also Known As

AppSpider
No data available
 

Overview

 

Sample Customers

Microsoft
IMDEX
Find out what your peers are saying about SonarSource Sàrl, Checkmarx, Veracode and others in Static Application Security Testing (SAST). Updated: June 2026.
904,899 professionals have used our research since 2012.