Coming October 25: PeerSpot Awards will be announced! Learn more

Rapid7 AppSpider OverviewUNIXBusinessApplication

Buyer's Guide

Download the Application Security Testing (AST) Buyer's Guide including reviews and more. Updated: September 2022

What is Rapid7 AppSpider?

SPAs, APIs, mobile—the evolution of application technology is measured in months, not years. Is your web application security testing tool designed to keep up? AppSpider lets you collect all the information needed to test all the apps so that you aren’t left with gaping application risks.

Our dynamic application security testing (DAST) solution crawls to the deepest, darkest corners of even the most modern and complex apps to effectively test for risk and get you the insight you need to remediate faster. With AppSpider on your side (or, rather, all of your sides), you’ll be able to scan all the apps today and always be ready for whatever comes next.

Rapid7 AppSpider was previously known as AppSpider.

Rapid7 AppSpider Customers

Microsoft

Rapid7 AppSpider Video

Rapid7 AppSpider Pricing Advice

What users are saying about Rapid7 AppSpider pricing:
  • "The licensing cost depends on the number of users."
  • "The price is pretty fair."
  • Rapid7 AppSpider Reviews

    Filter by:
    Filter Reviews
    Industry
    Loading...
    Filter Unavailable
    Company Size
    Loading...
    Filter Unavailable
    Job Level
    Loading...
    Filter Unavailable
    Rating
    Loading...
    Filter Unavailable
    Considered
    Loading...
    Filter Unavailable
    Order by:
    Loading...
    • Date
    • Highest Rating
    • Lowest Rating
    • Review Length
    Search:
    Showingreviews based on the current filters. Reset all filters
    Agustinus DWIJOKO - PeerSpot reviewer
    Network & Security Engineer at a comms service provider with 11-50 employees
    Real User
    Top 5Leaderboard
    Scan web applications for vulnerabilities and automate testing with various engines
    Pros and Cons
    • "When it is set up properly, it can do scanning on web apps with multiple engines automatically."
    • "AppSpider could improve in the area of integration. They need to add more integration opportunities."
    • "The enterprise interface is too simple. It should be more customizable."
    • "The tech support is responsive but issues remain unresolved."

    What is our primary use case?

    The customer that I handle right now uses AppSpider to scan web applications for vulnerabilities and application testing.  

    What is most valuable?

    For AppSpider there is more than one valuable feature. The distribution is good. With one console dashboard, we can integrate with one, two, or three different engines. When it is set up, each engine can do scanning on all of the web apps automatically.  

    The integration is also good when it is available. For example, we are using selenium to record usernames and passwords. Then we use selenium recording to automate the login and scanning of the apps. These are only two of the things that make AppSpider easy to work with.  

    What needs improvement?

    AppSpider could improve in the area of integration. They need to add more opportunities. The documentation about integration with AppSpider is bad news and some integrations are quite difficult to do right now. It would be nice if we had a simple resource where we could look up on the internet what they are set up to integrate with. Some products will not currently integrate with AppSpider.   

    The interface of the enterprise product is a bit too simple. It would be good if there were options for customizing the views more like a dashboard.  

    For how long have I used the solution?

    I do pre-sales for Rapid7 solutions and I have been doing that for around one or two years. I do not work with AppSpider day-to-day as part of my job, but I am doing presentations, POC (Proof of Concept), and I do some installations for our customers.  

    For Rapid7, I also work with InsightVM and Metasploit doing presentations, POC, and installations for customers. We are a distributor for Rapid7 products.  

    Buyer's Guide
    Application Security Testing (AST)
    September 2022
    Find out what your peers are saying about Rapid7, Checkmarx, OWASP and others in Application Security Testing (AST). Updated: September 2022.
    633,572 professionals have used our research since 2012.

    What do I think about the stability of the solution?

    Because we are only using the product during POC and testing and not using it day-to-day, we do not test the stability under higher usage. Because of that, it is hard to judge stability accurately.  

    What do I think about the scalability of the solution?

    I do not have a lot of experience with the scalability of the product. I think it is scalable because it is easy to do a distribution installation. The ability to use just one dashboard to employ more than one engine is good. I think that shows the processes are scalable.  

    Right now our clients are mostly medium enterprise businesses. We have not had the opportunity to scale to many larger organizations.  

    How are customer service and support?

    For InsightVM the technical support from Rapid7 has been good. If we create a ticket, we get feedback. But right now, one of our customers is a big telco in Indonesia. They are having a problem with an upgrade to Nexpose. The problem has remained unresolved for around one month already. The support only responded by saying that they will try to resolve this issue within six months. They suggested for us to upgrade to the next Nexpose already, but it still not resolved right now. Our customer is left still using the old Nexpose. It is not a good situation.  

    How was the initial setup?

    To do the installation and initial setup is easy, I think. To use the app is where you need to have an expert in using the product. Even though I have had some experience with AppSpider and I do presentations, I think I still need more time to explore the product to understand it better. 

    What other advice do I have?

    On a scale of one to ten (where one is the worst and ten is the best), I would rate Rapid7 AppSpider as a seven or eight-out-of-ten.  

    Disclosure: My company has a business relationship with this vendor other than being a customer: distributor
    PeerSpot user
    Ahsan Khurshid - PeerSpot reviewer
    Information Security Engineer at Trillium Information Security Systems
    Reseller
    Top 20
    Can be easily deployed, but the stability needs improvement

    What is most valuable?

    The initial deployment is very straightforward and simple.

    The product is stable if configured properly.

    What needs improvement?

    There are some glitches with stability, and it is an area for improvement.

    For how long have I used the solution?

    I've been using it for three and a half years.

    Both cloud and on-premises versions are available.

    What do I think about the stability of the solution?

    The product is stable, but you need to configure it properly.

    How was the initial setup?

    The initial deployment is very straightforward and simple, but there are some things you have to understand when you use the cloud version. You need to scan or protect any other text such as the post information so that you can continue to deliver using that title.

    It takes about a day to deploy.

    What about the implementation team?

    The deployment can be done in-house.

    What's my experience with pricing, setup cost, and licensing?

    The licensing cost depends on the number of users.

    What other advice do I have?

    I would recommend Rapid7 AppSpider to others.

    Which deployment model are you using for this solution?

    On-premises
    Disclosure: My company has a business relationship with this vendor other than being a customer: Distributer
    Flag as inappropriate
    PeerSpot user
    Buyer's Guide
    Application Security Testing (AST)
    September 2022
    Find out what your peers are saying about Rapid7, Checkmarx, OWASP and others in Application Security Testing (AST). Updated: September 2022.
    633,572 professionals have used our research since 2012.
    Agustinus DWIJOKO - PeerSpot reviewer
    Network & Security Engineer at a comms service provider with 11-50 employees
    Real User
    Top 5Leaderboard
    scalable, good customer service, and simple install

    What is our primary use case?

    I try to have our customers to use the solution, then I review the solution, and then I help customers deploy the applications.

    What is most valuable?

    Testing the vulnerability of applications.

    What needs improvement?

    Integration could be better. For example, while doing the scanning, using the recording username and passwords, there are issues. Also, they could integrate CSED into the product which would benefit in the future.

    What do I think about the scalability of the solution?

    We have had no problems with scalability.

    How are customer service and technical support?

    Customer service has been quite good.

    How was the initial setup?

    The setup is usually straightforward.

    What about the implementation team?

    We do the deployment for our clients.

    What's my experience with pricing, setup cost, and licensing?

    The price is pretty fair.

    What other advice do I have?

    I would recommend this product. I would give them a higher rating but they need to have more integration available. They do not have integration for GitLabs for example.  

    I rate Rapid7 AppSpider a nine out of ten.

    Which deployment model are you using for this solution?

    On-premises
    Disclosure: My company has a business relationship with this vendor other than being a customer: Distributor
    PeerSpot user
    Buyer's Guide
    Download our free Application Security Testing (AST) Report and find out what your peers are saying about Rapid7, Checkmarx, OWASP, and more!
    Updated: September 2022
    Buyer's Guide
    Download our free Application Security Testing (AST) Report and find out what your peers are saying about Rapid7, Checkmarx, OWASP, and more!