IT Central Station is now PeerSpot: Here's why

Rapid7 InsightAppSec OverviewUNIXBusinessApplication

Rapid7 InsightAppSec Buyer's Guide

Download the Rapid7 InsightAppSec Buyer's Guide including reviews and more. Updated: May 2022

What is Rapid7 InsightAppSec?

Your web applications may be complex, but your application security testing tool doesn’t need to be. InsightAppSec brings Rapid7’s proven Dynamic Application Security Testing (DAST) technology to the Insight platform, combining powerful application crawling and attack capabilities, flexibility in scan scope and scheduling, and accuracy in results with a modern UI, intuitive workflows, and sensible data organization. This enables you to identify XSS, SQL injection, CSRF, and other vulnerabilities with unparalleled ease. The best part? All of these capabilities are delivered via the cloud so that you’re up and running in minutes to identify the critical security risks that exist in your applications.

Rapid7 InsightAppSec was previously known as InsightAppSec.

Rapid7 InsightAppSec Customers

CenterPoint Energy, CPA Australia, Hypertherm, First American Financial Corporation, Rackspace

Rapid7 InsightAppSec Video

Rapid7 InsightAppSec Pricing Advice

What users are saying about Rapid7 InsightAppSec pricing:
"The price of this product is very cheap."

Rapid7 InsightAppSec Reviews

Filter by:
Filter Reviews
Industry
Loading...
Filter Unavailable
Company Size
Loading...
Filter Unavailable
Job Level
Loading...
Filter Unavailable
Rating
Loading...
Filter Unavailable
Considered
Loading...
Filter Unavailable
Order by:
Loading...
  • Date
  • Highest Rating
  • Lowest Rating
  • Review Length
Search:
Showingreviews based on the current filters. Reset all filters
MohamedTaha - PeerSpot reviewer
Cyber Security Division Manager at 3SC Security Solutions Services and Consultant
Real User
Top 5Leaderboard
Easy to use, amazing technical support, and it provides alerts when problems in code are identified
Pros and Cons
  • "It uses a signature-based method to check for problems with your code and will provide an alert if anything is found."
  • "In the future, if they can have integration with a lot of ticketing systems then it would be amazing."

What is our primary use case?

We use Rapid7 for application security. We use it ourselves and we also provide services for our customers. The primary use is for checking security assessments of web applications. If you need code scanning or API integration, then AppSec provides these options.

What is most valuable?

This product is easy to use. It uses a signature-based method to check for problems with your code and will provide an alert if anything is found. It will also give recommendations as to how to fix the issues.

What needs improvement?

The performance can be improved. I would like a facility to monitor applications after they have been scanned. For example, when new programming is done, an application should be scanned again because sometimes they add a lot of pages and can affect it. The application should be monitored to protect you from future attacks or mistakes made by the developer team. In the future, if they can have integration with a lot of ticketing systems then it would be amazing. This would mean that if you're using any ticketing system, then because the application is already integrated with it, and if there's an issue with the web application, it will automatically open a support ticket for the development team.

For how long have I used the solution?

I have been working with Rapid7 InsightAppSec for two years.
Buyer's Guide
Fortify WebInspect vs. Rapid7 InsightAppSec
May 2022
Find out what your peers are saying about Fortify WebInspect vs. Rapid7 InsightAppSec and other solutions. Updated: May 2022.
610,045 professionals have used our research since 2012.

What do I think about the stability of the solution?

I have not had any trouble with bugs or glitches.

What do I think about the scalability of the solution?

The scalability is good.

How are customer service and support?

The technical support is amazing. I have been in contact with the local office in Dubai, and they are very good.

How was the initial setup?

It is a cloud-based solution so the initial setup is very simple. You have an account, so you add the website to the application, and you should add your own website so that it has the authorization to scan your whole application.

What's my experience with pricing, setup cost, and licensing?

The price of this product is very cheap. A trial version is available for 60 days, where the reports and problem fixes are available for free.

What other advice do I have?

This is a product that I recommend and my advice for anybody who is interested in trying it, there is a free 60-day trial period where they will fix your problems without any payment. That will give you the opportunity to experiment with and gain experience scanning web applications. I would rate this solution a ten out of ten.

Which deployment model are you using for this solution?

Public Cloud
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
Ascast - PeerSpot reviewer
Security Analyst at Millennium Technology Group
Real User
Top 10Leaderboard
Great stable and scalable solution with a very easy templates feature

What is our primary use case?

To scan our Web applications.

How has it helped my organization?

Opportunity to find vulnerabilities and procedures of remediation for our web applications,

What is most valuable?

The most common attack templates are easy to access and apply. For example, the OWASP 2017 template contains up to 64 opponent techniques that we can evaluate in our applications.

What needs improvement?

I find the AppSec interface for defining scans and targets a bit confusing at first, but with practice the logic of the operation flow is understood.


For how long have I used the solution?

I have been using this solution for about four to six months.

What do I think about the stability of the solution?

We haven't had any issues about this.

What do I think about the scalability of the solution?

Because is a cloud solution, scalability is not an issue.

How are customer service and technical support?

We have not yet had experience with Insight AppSec support cases.

How was the initial setup?

The initial setup is very easy and straightforward.

What other advice do I have?


Which deployment model are you using for this solution?

Private Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.