We performed a comparison between Cloudflare and Rapid7 AppSpider based on real PeerSpot user reviews.
Find out what your peers are saying about Cloudflare, NETSCOUT, Akamai and others in Distributed Denial of Service (DDOS) Protection."Cloudflare allows us to self-host services such as Rocket.Chat and Node-RED, in high-availability mode, thanks to round robin DNS which allows us to share one hostname between our two locations."
"It is easier to configure and develop documentation to see how we have configured firewalls."
"The web application firewall brought us good security and a view of the accesses/blocks of the entire domain and subdomain that were accessed both by region (country) and IPs."
"Cloudflare offers CDN and DDoS protection. We have the front end, API, and database in how you structure applications."
"There are key things that are used for our enterprise customers, such as Lambda and DNS."
"DDoS attacks target unprotected machines. Cloudflare detects and stops these attacks using internal systems. It identifies incoming DDoS attacks, issuing challenges or blocking them immediately."
"It's very user-friendly."
"Many websites require an SSL certificate because they sell stuff and want SSL. Cloudflare comes with an SSL certificate built in. It's automatic. You sign yourself up for Cloudflare, and an SSL certificate automatically protects your website. You don't necessarily need a certificate if you have a connection between your website and your host, the server, Cloudflare, and the host."
"I would say that it is stable, as I am not aware of any major issues."
"Rapid7 AppSpider is good at managing different applications. It uses applets and generates reports to cover the PCA/GDPR compliance requirements."
"The most valuable feature is the reporting, which is compliant with international standards."
"It scans all the components developed within a web application."
"I like the ability the product has to detect vulnerabilities quickly, when it has been released in our environment, then displaying them to us."
"The entire solution is interactive and has a point-and-click user experience, which makes it easy to find items or drill down on information. You don't need specialized skills to use the product."
"The setup is usually straightforward."
"The most valuable feature of Rapid7 AppSpider is the vulnerability reporting data. Additionally, the data is reported in a convenient way rather than seeing them as a PDF. We are able to generate all the reports exactly what we want in a flexible way."
"Latencies are always a problem."
"It should have easier documentation for the configuration. It's very technical and people who aren't technical should also be able to do the configuration."
"The pricing could be improved."
"One area of improvement is in the Access Rules. Hypothetically, if we wanted to block or challenge traffic outside of the United States, the only way to currently do that (as far as I know) is to enter every single country outside of the United States. That could be a labor intensive job. A solution could be to enable users to create a rule where traffic is only allowed within a certain country."
"DNS Management."
"We're facing challenges due to an upgrade in the machine learning model. The problem arises from some users abusing the APIs, resulting in an influx of suspicious traffic. Cloudflare's learning model mistakenly identifies this traffic as human. Consequently, it assigns it a higher trust score, akin to legitimate human traffic, causing complications in our architecture. Previously, such traffic would have been categorized as suspicious, enabling us to apply appropriate blocking rules. However, we encounter difficulties distinguishing between genuine and suspicious traffic with the new categorization. Despite these challenges, overall, Cloudflare remains the preferred solution compared to Azure, AWS CloudFront, and Google Cloud Armor."
"They lack a good way to manage DNS as a company, since everything is relegated to single account logins until you get to the higher levels. They have come out with a paid feature to remedy this, but I have not had a chance to fully review it yet to know if it fixes the access problem."
"The solution could work at being less expensive. It costs a lot to use it."
"AppSpider has some problems with the RAM needed while scanning."
"Support response times are slow and can be improved."
"One of the challenges I have with AppSpider is that it gives you a lot of false positives, especially when compared to other solutions."
"It needs better integration with mobile applications."
"Implementing Rapid7 AppSpider requires scanning and self-identification mechanisms. You can add different types of authentication to each scan."
"The tech support is responsive but issues remain unresolved."
"AppSpider could improve in the area of integration. They need to add more integration opportunities."
"The product needs to be able to scale for large companies, like ours. We have millions of IP addresses that need to be scanned, and the scalability is not great."
Cloudflare is ranked 1st in Distributed Denial of Service (DDOS) Protection with 56 reviews while Rapid7 AppSpider is ranked 25th in Application Security Testing (AST) with 13 reviews. Cloudflare is rated 8.4, while Rapid7 AppSpider is rated 7.8. The top reviewer of Cloudflare writes "It's easy to set up because you point the DNS to it, and it's working in under 15 minutes". On the other hand, the top reviewer of Rapid7 AppSpider writes "Useful vulnerability reporting data, flexible, and simple implementation". Cloudflare is most compared with Akamai, Azure Front Door, Imperva DDoS, AWS Shield and Microsoft Azure Application Gateway, whereas Rapid7 AppSpider is most compared with Rapid7 InsightAppSec, OWASP Zap, Acunetix, Invicti and Veracode.
We monitor all Distributed Denial of Service (DDOS) Protection reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.