We performed a comparison between Fortinet FortiWeb and Rapid7 Metasploit based on real PeerSpot user reviews.
Find out what your peers are saying about Amazon Web Services (AWS), F5, Microsoft and others in Web Application Firewall (WAF)."FortiWeb offers machine learning in the latest product. This fixed many problems. There are no false negatives."
"Also, if you serve files or you accept files with your server, Fortiweb has built-in antivirus. The Fortinet product family also provides good IP intelligence (botnet C&C, etc.)."
"The GUI makes it easy to scale in terms of learning and utilization."
"The valuable feature of Fortinet FortiWeb vulnerability scanner"
"You have the ability to control everything from one single dashboard."
"The initial setup is pretty straightforward."
"Auto Learn feature: Makes policy additions or deletions for my customers very simple"
"Built-in security templates, AV integrated, strong threat intelligence."
"All of the features are great."
"The solution is open source and has many small targetted penetration tests that have been written by many people that are useful. You can choose different subjects for the test, such as Oracle databases or Apache servers."
"Stability-wise, I rate the solution a nine out of ten...Scalability-wise, I rate the solution a nine out of ten."
"The tool's most useful feature for penetration testing is its automation capabilities. With the professional edition, you can upload the results from Nessus in the Rapid7 Metasploit solution portal."
"Rapid7 Metasploit is a useful product."
"The greatest advantage of Rapid7 Metasploit is that it is the only system that can directly exploit vulnerabilities on the Metasploit platform."
"I don't have any other tools like it, and I always use it when I'm doing a pen test. Metasploit is a great solution for penetration testing,"
"The most valuable feature for us is the support for testing Linux-based web server components."
"No solution is 100% secure and the security could always be worked on."
"The initial setup is complex."
"It may be better if it were easier to create roles."
"The solution is not very scalable, to scale up would require another deployment with a new appliance and a change to the network."
"If the price was lower, it would be a bit more attractive, as an option, to the customers."
"Fortinet FortiWeb could improve in reference architecture for different deployment scenarios."
"They could improve their support a little bit for faster response time."
"The solution could improve by being able to handle different use cases."
"Metasploit cannot be installed on a machine with an antivirus."
"Better automation capabilities would be an improvement."
"The initial setup was a bit "tweaky" for the open-source version."
"The solution should improve the responsiveness of its live technical support."
"Advanced Infrastructure should be implemented in the next release for better orchestration."
"There are numerous outdated exploits in their database that should be updated."
"At the time I was using it, the graphical user interface needed some improvements."
"The open-source version has reporting limitations. You need to develop these capabilities yourself. Built-in reporting is an excellent feature for penetration testing, but it isn't a must-have. The solution could also cover more vulnerabilities. Metasploit has around 10,000 exploits in its library, but more is always better."
Fortinet FortiWeb is ranked 4th in Web Application Firewall (WAF) with 83 reviews while Rapid7 Metasploit is ranked 13th in Vulnerability Management with 18 reviews. Fortinet FortiWeb is rated 8.0, while Rapid7 Metasploit is rated 7.6. The top reviewer of Fortinet FortiWeb writes "Cost-effective, easy to configure, and works very well as a single solution for multiple environments". On the other hand, the top reviewer of Rapid7 Metasploit writes "Helps find vulnerabilities in a system to determine whether the system needs to be upgraded". Fortinet FortiWeb is most compared with F5 Advanced WAF, Fortinet FortiADC, AWS WAF, Azure Web Application Firewall and Imperva Web Application Firewall, whereas Rapid7 Metasploit is most compared with Tenable Nessus, Pentera, Acunetix, Rapid7 InsightVM and Nucleus.
We monitor all Web Application Firewall (WAF) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.