Rapid7 InsightAppSec Reviews

We use Rapid7 for application security. We use it ourselves and we also provide services for our customers. The primary use is for checking security assessments of web applications. If you need code scanning or API integration, then AppSec provides these options.

This product is easy to use.

It uses a signature-based method to check for problems with your code and will provide an alert if anything is found. It will also give recommendations as to how to fix the issues.

The performance can be improved.

I would like a facility to monitor applications after they have been scanned. For example, when new programming is done, an application should be scanned again because sometimes they add a lot of pages and can affect it. The application should be monitored to protect you from future attacks or mistakes made by the developer team.

In the future, if they can have integration with a lot of ticketing systems then it would be amazing. This would mean that if you're using any ticketing system, then because the application is already integrated with it, and if there's an issue with the web application, it will automatically open a support ticket for the development team.

I have been working with Rapid7 InsightAppSec for two years.

I have not had any trouble with bugs or glitches.

The scalability is good.

The technical support is amazing. I have been in contact with the local office in Dubai, and they are very good.

It is a cloud-based solution so the initial setup is very simple.

You have an account, so you add the website to the application, and you should add your own website so that it has the authorization to scan your whole application.

The price of this product is very cheap. A trial version is available for 60 days, where the reports and problem fixes are available for free.

This is a product that I recommend and my advice for anybody who is interested in trying it, there is a free 60-day trial period where they will fix your problems without any payment. That will give you the opportunity to experiment with and gain experience scanning web applications.

I would rate this solution a ten out of ten.

To scan our Web applications.

Opportunity to find vulnerabilities and procedures of remediation for our web applications,

The most common attack templates are easy to access and apply. For example, the OWASP 2017 template contains up to 64 opponent techniques that we can evaluate in our applications.

I find the AppSec interface for defining scans and targets a bit confusing at first, but with practice the logic of the operation flow is understood.

I have been using this solution for about four to six months.

We haven't had any issues about this.

Because is a cloud solution, scalability is not an issue.

We have not yet had experience with Insight AppSec support cases.

The initial setup is very easy and straightforward.

The primary use case is vulnerability scanning and discovering.

• Visibility
• Realization of how my systems are developed.
• An identification of vulnerabilities.

How it integrates with the rest of my systems. I like how they have done some scanning which is reaching into my environment.

I would like more details of what the product can do.

For the new vulnerabilities and information which comes out, I would like to see them do some specific in-house application testing for companies who do their own application development.

The technical support is very helpful. I have used them in the last month.

Our previous solution was not as robust, so we needed this solution in order to achieve our goals and objectives.

I think the initial setup was straightforward.

We did it ourselves.

We have seen measurable decrease in the mean time to respond to threats by 20 percent.

We have seen staff productivity increase by approximately one team member.

We were kind of adopted into this because a sister company of ours also had this solution. Therefore, we just integrated and adopted it instead of looking for others.

Give it a try. It exceeds my expectations, and I'm curious to see what else they can release.