Try our new research platform with insights from 80,000+ expert users

Rapid7 InsightAppSec vs Rapid7 InsightCloudSec comparison

Rapid7 InsightAppSec and Rapid7 InsightCloudSec are both solutions in the AI Observability category. Rapid7 InsightAppSec is ranked #9 with an average rating of 7.8, while Rapid7 InsightCloudSec is ranked #6 with an average rating of 7.8. Rapid7 InsightAppSec holds a 0.7% mindshare in AO, compared to Rapid7 InsightCloudSec’s 1.1% mindshare. Additionally, 94% of Rapid7 InsightAppSec users are willing to recommend the solution, compared to 87% of Rapid7 InsightCloudSec users who would recommend it.
Rapid7 InsightAppSec
Read 19 Rapid7 InsightAppSec reviews
  • 1,639 Views
  • 115 Comparison Views
94% willing to recommend
Rapid7 InsightCloudSec
Read 13 Rapid7 InsightCloudSec reviews
  • 1,819 Views
  • 200 Comparison Views
87% willing to recommend
 

Comparison Buyer's Guide

Download the report
Executive Summary
We performed a comparison between Rapid7 InsightAppSec and Rapid7 InsightCloudSec based on real PeerSpot user reviews.

Find out in this report how the two AI Observability solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.

DOWNLOAD THE COMPLETE REPORT
To learn more, read our detailed Rapid7 InsightAppSec vs. Rapid7 InsightCloudSec Report (Updated: December 2025).
Buyer's Guide
Rapid7 InsightAppSec vs. Rapid7 InsightCloudSec
December 2025
Download the complete report
Helped 881,114 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Rapid7 InsightAppSec
Ranking in AI Observability
9th
Average Rating
8.2
Reviews Sentiment
7.5
Number of Reviews
19
Ranking in other categories
Dynamic Application Security Testing (DAST) (6th)
Rapid7 InsightCloudSec
Ranking in AI Observability
6th
Average Rating
7.8
Reviews Sentiment
6.3
Number of Reviews
13
Ranking in other categories
Cloud Management (13th), Cloud Security Posture Management (CSPM) (14th), Cloud-Native Application Protection Platforms (CNAPP) (10th)
 

Mindshare comparison

As of January 2026, in the AI Observability category, the mindshare of Rapid7 InsightAppSec is 0.7%. The mindshare of Rapid7 InsightCloudSec is 1.1%, up from 0.3% compared to the previous year. It is calculated based on PeerSpot user engagement data.
AI Observability Market Share Distribution
ProductMarket Share (%)
Rapid7 InsightCloudSec1.1%
Rapid7 InsightAppSec0.7%
Other98.2%
AI Observability
 

Featured Reviews

Shritam Bhowmick - PeerSpot reviewer
Shritam Bhowmick
Vulnerability Management Lead at garrett
Provides reliable applications security but needs better integration options
There are areas for improvements regarding false positives. Integration capabilities are lacking, as options for integrations with other tools such as SNOW, Jira, or other integration tools are not sufficient in Rapid7 InsightAppSec. The user interface sometimes has glitches, which may prevent appropriate results during navigation, and even when we get appropriate results, it can be impossible to export them to CSV records or download files. Regarding scalability, Rapid7 InsightAppSec is not a scalable solution for our industry due to limited integration capabilities. Rapid7 relies on another tool called InsightConnect, which requires additional investment, detracting from scalability. Another area that needs improvement is the integration of AI capabilities into the platform. Both Rapid7 InsightAppSec and InsightVM need to advance in that area. In terms of behavioral and pattern recognition, identifying complex attacks such as SQL, blind SQL, JSON, and LDAP injections often results in 94% false positives. This necessitates improvement in their behavioral-based analytics feature.
Read full review
Arun Babu - PeerSpot reviewer
Arun Babu
SOC analyst at a media company with 1,001-5,000 employees
Daily endpoint monitoring has improved investigations and saved time but detection rules still need tuning
It is important to note that Rapid7 InsightCloudSec's features are not 100% precise, but I find about 70% of the time it is satisfactory. I would like to suggest that you improve it to be more precise, ideally making it 100% if possible. Some cases in Rapid7 InsightCloudSec indicate that the log is not enough, as they mostly just generate alerts, and the synchronization between data connectors is often problematic, particularly in terms of not being in sync always, especially between the AD and Rapid7 alerts, which generates numerous false positives. Additionally, the traditional rules should be updated, as this is a main point worth mentioning since we spend a lot of time fine-tuning these traditional rules. I suggest improving the legacy detection rules. If there are any authentication cases, such as impossible travel activity where a user has their SharePoint hosted in a different location, Rapid7 can often trigger alerts, creating confusion as we cannot fine-tune it properly. Another issue is with honeypot access. We sometimes lack necessary logs because Defender's advanced threat protection scanning gets detected as honeypot activity by Rapid7, leading to annoying and noisy alerts that we need to constantly close. If you can improve the traditional detection rules to reflect current detection rules, it would make it significantly easier for us to manage, as we constantly need to check legacy rules to update or possibly turn them off. Updating the legacy rules should be a priority.
Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The templates feature is very easy. You just choose the kind of attack you want on your web application, and you run it against that template and receive a report. It's great."
"The reporting functionality is excellent."
"I would rate the technical support from Rapid7 a ten, indicating high-quality support."
"The automatic automation of the automated authorization to the SCANNET environment is valuable."
"You have various attack modules, and you also have the Attack Replay feature for the attack sequence. You can reproduce an attack and see it. That is a very good feature I noticed in this solution. It helps developers as well."
"The most valuable feature of this solution is the graphical interface."
"It's very easy to use and user-friendly. It does the job."
"The solution is stable."
More Rapid7 InsightAppSec pros
"The fastest scanning is the best feature Rapid7 InsightCloudSec offers, helping me respond to threats quickly in my daily operations."
"ICSE is cheaper compared to other tools and has a pleasant user experience with good support."
"Since implementing Rapid7 InsightCloudSec, manual cloud security checks have been reduced by around forty to fifty percent, and mean time to resolve misconfigurations has dropped from several hours to under thirty minutes on average, significantly improving efficiency and client confidence."
"It runs every hour and has been reliable since I started."
"Rapid7 InsightCloudSec has positively impacted my organization because we are using Microsoft Defender for endpoint protection alongside Rapid7."
"The best features Rapid7 InsightCloudSec offers include more automation remediation, compliance reporting for auditing, improvement on multi-cloud governance, and cost visibility, which really stand out to me."
"I find the security frameworks and security tools valuable. I think they're good in the infrastructure of the code security. They are also good at threat protection."
"ICSE is cheaper compared to other tools and has a pleasant user experience with good support."
More Rapid7 InsightCloudSec pros
 

Cons

"The reporting feature of Rapid7 InsightAppSec needs improvement as it currently provides basic reports."
"In terms of behavioral and pattern recognition, identifying complex attacks such as SQL, blind SQL, JSON, and LDAP injections often results in 94% false positives."
"Currently, InsightAppSec lacks similar functionality. Customers must wait for remediation during the developers' preparation of a new version."
"I required a solution to manage on-premises, but I was not as satisfied as expected."
"We get a lot of false positives during the tests."
"The only concern I have with Rapid7 is that it does not provide enough information about vulnerabilities within AppSec."
"The dynamic scanning feature has simplified and improved the security testing process. I suggest adding a SaaS feature to the solution to support scanning SaaS applications, making it more comprehensive. It would be beneficial if the solution could also scan mobile applications. It only scans web applications and should also cover mobile applications, including firmware recommendations."
"The interface should be a little bit easier to manage. Sometimes, the logic that they use is kind of strange. They need to work a little bit more on their interface to make it more understandable. The interface is the only problem. I'm using Rapid7, which is very intuitive. There are other applications available in the market with a better interface. They can include more techniques or options to test different types of security because the templates are limited. It would be great to see them follow the MITRE ATT&CK framework or what is there in tools like Veracode and Synopsys."
More Rapid7 InsightAppSec cons
"I would say that because Rapid7 InsightCloudSec does not have automatic patching capabilities, it provides recommendations, but it does not execute anything from within Rapid7 InsightCloudSec."
"The login piece needs improvement."
"Rapid7 InsightCloudSec could be better at showing dashboards for virtual firewalls and appliances. Compared to other solutions like Palo Alto, this area is not as good. So, they should work on improving this for virtual devices."
"Rapid7 InsightCloudSec can be improved by seeing reductions and improvements in prioritization, tuning findings, suppressing low-value alerts, and better prioritizing the most critical risks."
"The platform could be improved with more customizable dashboards and reporting."
"Rapid7 InsightCloudSec needs to provide more granular search capabilities, such as the ability to search back the last three months."
"A couple of modules are missing when compared to other providers, specifically related to some IAM, and the login piece needs improvement."
"They didn't have any documentation on how to patch it."
More Rapid7 InsightCloudSec cons
 

Pricing and Cost Advice

"Rapid7 InsightAppSec is cheap."
"Its price is competitive. It is not expensive."
"The price of this product is very cheap."
"I rate Rapid7 InsightAppSec’s pricing an eight out of ten."
"They offer a good price, but I don't remember its cost. It is fair as compared to the competition. We have opted for project-based licensing, not user-based. We can add any number of users. That doesn't matter. It is worth the money."
"I'm not sure how much it costs exactly, but I know it's expensive."
"Companies generally buy this tool because the pricing is not that high."
"We're doing an annual subscription. There are additional expenses, but not within the confines of this platform."
report
See which vendors are best for you
Use our free recommendation engine to learn which AI Observability solutions are best for your needs.
See recommendations
881,114 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Financial Services Firm
14%
Manufacturing Company
13%
Computer Software Company
11%
Government
9%
Insurance Company
10%
Manufacturing Company
9%
Financial Services Firm
8%
Computer Software Company
8%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business11
Midsize Enterprise2
Large Enterprise5
By reviewers
Company SizeCount
Small Business5
Midsize Enterprise5
Large Enterprise8
 

Questions from the Community

What do you like most about Rapid7 InsightAppSec?
In Rapid7 InsightAppSec, a distinctive feature is the provision of a CDM for integrating web servers and web applications. To establish the connection between these applications, you only need to p...
See all answers
What needs improvement with Rapid7 InsightAppSec?
There are areas for improvements regarding false positives. Integration capabilities are lacking, as options for integrations with other tools such as SNOW, Jira, or other integration tools are not...
See all answers
What is your primary use case for Rapid7 InsightAppSec?
Our main use case for Rapid7 InsightAppSec is to perform internal assessment of applications and external facing applications. We have a cloud engine plus on-premises engine, and we have been lever...
See all answers
What do you like most about Rapid7 InsightCloudSec?
The tool provides centralized visibility through dashboards and alerts, allowing customers to receive reports on cloud vulnerabilities and security posture. Rapid7 InsightCloudSec provides customer...
See all answers
What is your experience regarding pricing and costs for Rapid7 InsightCloudSec?
The pricing, setup cost, and licensing for Rapid7 InsightCloudSec are reasonable, and since our organization is growing, I have observed that the more numbers you have, the less costly the product ...
See all answers
What needs improvement with Rapid7 InsightCloudSec?
I would say that because Rapid7 InsightCloudSec does not have automatic patching capabilities, it provides recommendations, but it does not execute anything from within Rapid7 InsightCloudSec. It h...
See all answers
 

Comparisons

Rapid7 AppSpider vs Rapid7 InsightAppSec Logo
Rapid7 AppSpider vs Rapid7 InsightAppSec
Compared 18% of the time
Invicti vs Rapid7 InsightAppSec Logo
Invicti vs Rapid7 InsightAppSec
Compared 12% of the time
PortSwigger Burp Suite Professional vs Rapid7 InsightAppSec Logo
PortSwigger Burp Suite Professional vs Rapid7 InsightAppSec
Compared 10% of the time
OWASP Zap vs Rapid7 InsightAppSec Logo
OWASP Zap vs Rapid7 InsightAppSec
Compared 9% of the time
AppCheck vs Rapid7 InsightAppSec Logo
AppCheck vs Rapid7 InsightAppSec
Compared 8% of the time
More Rapid7 InsightAppSec Competitors
Wiz vs Rapid7 InsightCloudSec Logo
Wiz vs Rapid7 InsightCloudSec
Compared 25% of the time
Microsoft Defender for Cloud vs Rapid7 InsightCloudSec Logo
Microsoft Defender for Cloud vs Rapid7 InsightCloudSec
Compared 14% of the time
CrowdStrike Falcon Cloud Security vs Rapid7 InsightCloudSec Logo
CrowdStrike Falcon Cloud Security vs Rapid7 InsightCloudSec
Compared 13% of the time
AWS Security Hub vs Rapid7 InsightCloudSec Logo
AWS Security Hub vs Rapid7 InsightCloudSec
Compared 6% of the time
FortiCNAPP vs Rapid7 InsightCloudSec Logo
FortiCNAPP vs Rapid7 InsightCloudSec
Compared 6% of the time
More Rapid7 InsightCloudSec Competitors
 

Product Reports

Buyer's Guide
Rapid7 InsightAppSec
January 2026
Rapid7 InsightAppSec reportDownload Rapid7 InsightAppSec product report
Buyer's Guide
Rapid7 InsightCloudSec
January 2026
Rapid7 InsightCloudSec reportDownload Rapid7 InsightCloudSec product report
 

Also Known As

InsightAppSec
DivvyCloud
 

Overview

Your web applications may be complex, but your application security testing tool doesn’t need to be. InsightAppSec brings Rapid7’s proven Dynamic Application Security Testing (DAST) technology to the Insight platform, combining powerful application crawling and attack capabilities, flexibility in scan scope and scheduling, and accuracy in results with a modern UI, intuitive workflows, and sensible data organization. This enables you to identify XSS, SQL injection, CSRF, and other vulnerabilities with unparalleled ease. The best part? All of these capabilities are delivered via the cloud so that you’re up and running in minutes to identify the critical security risks that exist in your applications.

Rapid7

Rapid7 InsightCloudSec is a comprehensive CSPM tool catering to cloud security across Docker and Kubernetes workloads, ensuring rigorous data classification and protection, focusing on AWS and Azure platforms.

Organizations leverage Rapid7 InsightCloudSec for securing cloud environments, integrating smoothly into Kubernetes settings for extensive security oversight. This tool addresses data protection with governance and access controls, providing centralized visibility and alert mechanisms. Users depend on its threat detection capabilities, easing data security management on AWS and Azure. The platform integrates automated processes and agentless scanning to foster an understanding of cloud security dynamics. Enhancements in CNAPP management and more intuitive interfaces could further streamline its use.

What are the most important features of Rapid7 InsightCloudSec?
  • Security Frameworks: Offers structured systems to enforce security policies across cloud environments.
  • Agentless Scanning: Provides insights without deploying agents, simplifying operations.
  • Automation: Streamlines routine security tasks, enhancing efficiency.
  • Centralized Visibility: Uses dashboards and alerts for comprehensive monitoring.
  • Vulnerability Management: Identifies threats with a comprehensive database.
What ROI should users look for in reviews?
  • Improved Data Security: Enhanced protection across multiple cloud platforms.
  • Compliance Facilitation: Helps meet regulatory standards effortlessly.
  • Operational Efficiency: Reduces workload with automation and intuitive tools.
  • Threat Prevention: Proactively manages vulnerabilities.

In financial sectors, Rapid7 InsightCloudSec is critical for safeguarding sensitive information and ensuring compliance. Healthcare industries use it to protect patient data, adhering to strict regulatory standards. E-commerce businesses appreciate its ability to secure transaction data while maintaining service availability through reliable threat detection and mitigation strategies.

Rapid7
 

Sample Customers

CenterPoint Energy, CPA Australia, Hypertherm, First American Financial Corporation, Rackspace
Fannie Mae, 3M, PizzaHut, Spotify, Autodesk, Discovery
Buyer's Guide
Rapid7 InsightAppSec vs. Rapid7 InsightCloudSec
December 2025
Free Report: Rapid7 InsightAppSec vs. Rapid7 InsightCloudSec
Find out what your peers are saying about Rapid7 InsightAppSec vs. Rapid7 InsightCloudSec and other solutions. Updated: December 2025.
DOWNLOAD NOW
881,114 professionals have used our research since 2012.
See our Rapid7 InsightAppSec vs. Rapid7 InsightCloudSec report.
See our list of best AI Observability vendors.

We monitor all AI Observability reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.