We performed a comparison between Fortify WebInspect and Rapid7 AppSpider based on real PeerSpot user reviews.
Find out in this report how the two Dynamic Application Security Testing (DAST) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The solution's technical support was very helpful."
"When we are integrating it with SSC, we're able to scan and trace and see all of the vulnerabilities. Comparison is easy in SSC."
"There are lots of small settings and tools, like an HTTP editor, that are very useful."
"Guided Scan option allows us to easily scan and share reports."
"The most valuable feature is the static analysis."
"Technical support has been good."
"The user interface is ok and it is very simple to use."
"It is scalable and very easy to use."
"The setup is usually straightforward."
"It is really accurate and the rate of false positives is very low."
"The most valuable feature of Rapid7 AppSpider is the vulnerability reporting data. Additionally, the data is reported in a convenient way rather than seeing them as a PDF. We are able to generate all the reports exactly what we want in a flexible way."
"I would say that it is stable, as I am not aware of any major issues."
"AppSpider's most valuable feature is reporting - everything is stored in the local database so it can be sent to other machines."
"When it is set up properly, it can do scanning on web apps with multiple engines automatically."
"What I like most about AppSpider is that it's easy to use and its automated scan gives me all the details I need to know when it comes to vulnerabilities and their solutions."
"Rapid7 AppSpider is good at managing different applications. It uses applets and generates reports to cover the PCA/GDPR compliance requirements."
"The initial setup was complex."
"Our biggest complaint about this product is that it freezes up, and literally doesn't work for us."
"Lately, we've seen more false negatives."
"Not sufficiently compatible with some of our systems."
"A localized version, for example, in Korean would be a big improvement to this solution."
"Creating reports is very slow and it is something that should be improved."
"We have often encountered scanning errors."
"We have had a problem with authentification."
"One of the challenges I have with AppSpider is that it gives you a lot of false positives, especially when compared to other solutions."
"The product needs to be able to scale for large companies, like ours. We have millions of IP addresses that need to be scanned, and the scalability is not great."
"The performance of the solution could improve. When I compare the speed it is slower than others on the market. There are some tricks we use to help speed up the solution."
"Support response times are slow and can be improved."
"This price of this solution is a little bit expensive."
"The tech support is responsive but issues remain unresolved."
"The dashboard and interface are crucial and they need some improvement."
"AppSpider has some problems with the RAM needed while scanning."
Fortify WebInspect is ranked 2nd in Dynamic Application Security Testing (DAST) with 17 reviews while Rapid7 AppSpider is ranked 26th in Static Application Security Testing (SAST) with 13 reviews. Fortify WebInspect is rated 7.0, while Rapid7 AppSpider is rated 7.8. The top reviewer of Fortify WebInspect writes "A powerful tool catering to multiple use cases that provides reasonably good technical support". On the other hand, the top reviewer of Rapid7 AppSpider writes "Useful vulnerability reporting data, flexible, and simple implementation". Fortify WebInspect is most compared with PortSwigger Burp Suite Professional, Fortify on Demand, Acunetix, OWASP Zap and HCL AppScan, whereas Rapid7 AppSpider is most compared with Rapid7 InsightAppSec, OWASP Zap, Acunetix, Invicti and Qualys Web Application Scanning. See our Fortify WebInspect vs. Rapid7 AppSpider report.
We monitor all Dynamic Application Security Testing (DAST) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.