We performed a comparison between AWS WAF and Rapid7 AppSpider based on real PeerSpot user reviews.
Find out what your peers are saying about Amazon Web Services (AWS), Microsoft, F5 and others in Web Application Firewall (WAF)."What I like best about AWS WAF is that it's a simple tool, so I could understand the basics of AWS WAF in two to three hours."
"The most valuable features of AWS WAF are its cloud-native and on-demand."
"The solution is stable."
"The most valuable features are the geo-restriction denials and the web ACL."
"The security firewall plus the features that protect against database injections or scripting,"
"The web solution effectively protects from vulnerabilities and cyber attacks."
"The most valuable feature of AWS WAF is the extra layer of security that I have when connecting to my web applications."
"The most valuable aspect is that it protects our code. It's a bit difficult to overwrite code in our application. It also protects against threats."
"When it is set up properly, it can do scanning on web apps with multiple engines automatically."
"Rapid7 AppSpider is good at managing different applications. It uses applets and generates reports to cover the PCA/GDPR compliance requirements."
"I would say that it is stable, as I am not aware of any major issues."
"It scans all the components developed within a web application."
"The most valuable feature of Rapid7 AppSpider is the vulnerability reporting data. Additionally, the data is reported in a convenient way rather than seeing them as a PDF. We are able to generate all the reports exactly what we want in a flexible way."
"The setup is usually straightforward."
"I like the ability the product has to detect vulnerabilities quickly, when it has been released in our environment, then displaying them to us."
"It is really accurate and the rate of false positives is very low."
"The product must provide more features."
"They have to do more to improve, to innovate more features. They need to increase the security. It has to be more active in detecting threats."
"We have issues with reporting, troubleshooting, and analytics. AWS WAF needs to bring costs down."
"We don't have much control over blocking, because the WAF is managed by AWS."
"The setup is complicated."
"The solution could be more reliable."
"On the UI side, I would like it if they could bring back the geolocation view on the corner."
"We need more support as we go global."
"The tech support is responsive but issues remain unresolved."
"One of the challenges I have with AppSpider is that it gives you a lot of false positives, especially when compared to other solutions."
"Implementing Rapid7 AppSpider requires scanning and self-identification mechanisms. You can add different types of authentication to each scan."
"The product needs to be able to scale for large companies, like ours. We have millions of IP addresses that need to be scanned, and the scalability is not great."
"Integration could be better."
"AppSpider could improve in the area of integration. They need to add more integration opportunities."
"The dashboard and interface are crucial and they need some improvement."
"It needs better integration with mobile applications."
AWS WAF is ranked 1st in Web Application Firewall (WAF) with 51 reviews while Rapid7 AppSpider is ranked 25th in Application Security Testing (AST) with 13 reviews. AWS WAF is rated 8.2, while Rapid7 AppSpider is rated 7.8. The top reviewer of AWS WAF writes "A highly stable solution that helps mitigate different kinds of bot attacks and SQL injection attacks". On the other hand, the top reviewer of Rapid7 AppSpider writes "Useful vulnerability reporting data, flexible, and simple implementation". AWS WAF is most compared with Azure Web Application Firewall, Microsoft Azure Application Gateway, Imperva Web Application Firewall, F5 Advanced WAF and Cloudflare Web Application Firewall, whereas Rapid7 AppSpider is most compared with Rapid7 InsightAppSec, OWASP Zap, Acunetix, Invicti and Tenable.io Web Application Scanning.
We monitor all Web Application Firewall (WAF) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.