Rapid7 AppSpider Reviews

I try to have our customers to use the solution, then I review the solution, and then I help customers deploy the applications.

Testing the vulnerability of applications.

Integration could be better. For example, while doing the scanning, using the recording username and passwords, there are issues. Also, they could integrate CSED into the product which would benefit in the future.

We have had no problems with scalability.

Customer service has been quite good.

The setup is usually straightforward.

We do the deployment for our clients.

The price is pretty fair.

I would recommend this product. I would give them a higher rating but they need to have more integration available. They do not have integration for GitLabs for example.  

I rate Rapid7 AppSpider a nine out of ten.

We are using Rapid 7 AppSpider mainly for mining data and looking for market manipulations.

The most valuable feature is the ability to mine data.

The dashboard and interface are crucial and they need some improvement.

I have been using Rapid7 AppSpider for two or three years.

I would say that it is stable, as I am not aware of any major issues.

I don't know if it is scalable, as we haven't gotten to that stage yet. We are still testing it on quantities and conditions. Theoretically, yes, it's scalable.

We have between 10 and 20 users.

I have not contacted technical support, nor do I know of anybody in the company who has.

This is a product that I would recommend.

I would rate this solution a seven out of ten.

We put Rapid7 AppSpider on the application scans for our network.

The identification mechanism can enhance each scan through consideration options. These can be enhanced in terms of identifications and the parameters.

Rapid7 AppSpider is good at managing different applications. It uses applets and generates reports to cover the PCA/GDPR compliance requirements.

Implementing Rapid7 AppSpider requires scanning and self-identification mechanisms. You can add different types of authentication to each scan.

The stability of Rapid7 AppSpider is good. 

The scalability for the product works very well.

The tech support from Rapid7 AppSpider is good. They contact us online in case of any open issues.

The initial setup is straightforward.

All aspects of Rapid7 AppSpider are good. On a scale from one to ten, I would rate this product an eight.

We are a distributor for Rapid7 and AppSpider is one of the products that we implement for our clients.

It does a scan that performs about 100 checks on web applications and produces a clear report on all of the vulnerabilities that are found. It is a dynamic scanner.

The reporting is very nice. There are many different reports and they include remediation details such as links as to where you can find patches.

It is really accurate and the rate of false positives is very low.

It can be integrated with the software development life cycle, which our customers have found very useful. It also integrates with Jira and other ticketing solutions.

With AppSpider, you can scan only one application at a time. If you have AppSpider Enterprise then you can connect one or two more scanners and scan multiple applications at one time.

Support response times are slow and can be improved.

I have been working with Rapid7 AppSpider for a month or two.

AppSpider is pretty stable.

I have tried a couple of open source solutions like Burp Suite but nothing that is in competition with AppSpider.

The initial setup is pretty straightforward. If the user has a Windows machine then they just download the file and press Next several times. That's it. The deployment will take perhaps 20 minutes, although if there are network issues then it might take up to an hour.

We deploy AppSpider on a laptop and it is easier that way because you can take it in and out of the domain. You can connect with the web apps where they are.

It is expensive if you want to buy the Enterprise version that is able to scan multiple applications at once.

My advice to anybody who is considering this solution is that there are other products out there, and everyone has their own requirements. If AppSpider meets the requirements then it is a great one to implement.

I would rate this solution an eight out of ten.

I like the ability the product has to detect vulnerabilities quickly, when it has been released in our environment, then displaying them to us.

The product needs to be able to scale for large companies, like ours. We have millions of IP addresses that need to be scanned, and the scalability is not great.

It has good features.