2019-03-11T07:21:00Z

What needs improvement with Rapid7 InsightAppSec?

Julia Miller - PeerSpot reviewer
  • 0
  • 5
PeerSpot user
11

11 Answers

Vikas Dusa - PeerSpot reviewer
Real User
Top 5
2024-03-04T18:09:01Z
Mar 4, 2024

Rapid7 InsightAppSec needs improvement in detecting phishing pages.

Search for a product comparison
SR
Real User
Top 5
2023-12-11T12:31:10Z
Dec 11, 2023

We get a lot of false positives during the tests.

Linh Trương Mạnh - PeerSpot reviewer
Real User
Top 10
2023-10-02T02:54:00Z
Oct 2, 2023

The product’s pricing could be flexible compared to Acronis.

RB
Real User
Top 5
2023-07-28T16:03:22Z
Jul 28, 2023

The number of web applications we can scan is limited. There's a cost associated with how many web apps we want to scan.

DS
Real User
Top 10
2022-11-14T17:20:06Z
Nov 14, 2022

They should add more features. I would like to see them do a little more on static analysis and also interactivity analysis. Currently, it does very basic static analysis. It could do a little more static analysis, which is something that would help. A lot more interactivity analysis should also be there. It should basically look at security during interactivity.

KW
Real User
Top 5Leaderboard
2022-09-20T17:34:17Z
Sep 20, 2022

We'd like to see integrations with WAF solutions. That could be improved. Rapid7 has a new solution to test a secure application and integrate with the secure application, however, sometimes, our customer has a Web Application Firewall externally.

Find out what your peers are saying about Rapid7, HCLTech, OpenText and others in Dynamic Application Security Testing (DAST). Updated: March 2024.
765,386 professionals have used our research since 2012.
Nixon Bagalkoti - PeerSpot reviewer
Real User
Top 5Leaderboard
2022-08-17T10:37:03Z
Aug 17, 2022

Scanning can be better. When you add new projects for the same product, it either duplicates or replaces the scan configuration. If I run a scan for the same product with a different scan configuration, it should keep the previous scan configuration and not replace it with the new scan configuration. It should just add the new scan configuration. That would be helpful. They do keep the results as it is, but the scan configuration keeps changing. For example, I have set a scan configuration to a full scan, and next week, I want to run a new scan for the same product with some changes or new functionalities. I want to run a partial scan. Currently, if I change the scan configuration to partial, it changes the old one also to partial. That should be improved. They need to work on the user interface and management of all the projects. Their support can also be improved a little. They should also focus on a wider integration scale and end-to-end scanning.

MT
Real User
2020-12-07T20:53:37Z
Dec 7, 2020

The performance can be improved. I would like a facility to monitor applications after they have been scanned. For example, when new programming is done, an application should be scanned again because sometimes they add a lot of pages and can affect it. The application should be monitored to protect you from future attacks or mistakes made by the developer team. In the future, if they can have integration with a lot of ticketing systems then it would be amazing. This would mean that if you're using any ticketing system, then because the application is already integrated with it, and if there's an issue with the web application, it will automatically open a support ticket for the development team.

CC
Real User
2020-09-06T08:04:31Z
Sep 6, 2020

I find the AppSec interface for defining scans and targets a bit confusing at first, but with practice the logic of the operation flow is understood.

NF
Real User
2020-06-15T07:34:15Z
Jun 15, 2020

The reporting is definitely an aspect of the solution that's in need of some work. We found that we'd try to use widgets, but often getting them to work for us wasn't very clear. They need to be more user friendly or offer better instructions. The solution needs to have a softcore scan or scan that integrates better with the content.

MG
Real User
2019-03-11T07:21:00Z
Mar 11, 2019

I would like more details of what the product can do. For the new vulnerabilities and information which comes out, I would like to see them do some specific in-house application testing for companies who do their own application development.