Compare AWS WAF vs. Rapid7 AppSpider

AWS WAF is ranked 9th in Web Application Firewall (WAF) with 8 reviews while Rapid7 AppSpider is ranked 15th in Application Security Testing (AST) with 4 reviews. AWS WAF is rated 7.8, while Rapid7 AppSpider is rated 8.2. The top reviewer of AWS WAF writes "Makes sure files are protected, but the solution should be more proactive in detecting threats". On the other hand, the top reviewer of Rapid7 AppSpider writes "Great for scanning target sub-domains, good reporting functionality and easy to use". AWS WAF is most compared with Akamai Kona, Imperva Incapsula and F5 BIG-IP, whereas Rapid7 AppSpider is most compared with Rapid7 InsightAppSec, Checkmarx and OWASP Zap.
Cancel
You must select at least 2 products to compare!
AWS WAF Logo
3,116 views|2,483 comparisons
Rapid7 AppSpider Logo
1,809 views|1,085 comparisons
Most Helpful Review
Find out what your peers are saying about F5, Cloudflare, Imperva and others in Web Application Firewall (WAF). Updated: December 2019.
384,324 professionals have used our research since 2012.
Quotes From Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros
The security firewall plus the features that protect against database injections or scripting,The ability to take multiple data sets and match those data sets together is the solution's most valuable feature. The data lake that comes with it is very useful because that allows us to match data sets with different configurations that we wouldn't normally be able to match.The initial setup was very straightforward. Deployment took about ten minutes or less.The customized billing is the most valuable feature.It is a one-click WAF with no effort needed.It is Amazon. Everything is scalable. It is beyond what we need.It's simple, easy to use.The most valuable feature is the way it blocks threats to external applications.

Read more »

The entire solution is interactive and has a point-and-click user experience, which makes it easy to find items or drill down on information. You don't need specialized skills to use the product.The most valuable feature is the reporting, which is compliant with international standards.Rapid7 AppSpider is good at managing different applications. It uses applets and generates reports to cover the PCA/GDPR compliance requirements.I like the ability the product has to detect vulnerabilities quickly, when it has been released in our environment, then displaying them to us.

Read more »

Cons
For now, there is no feature to protect against attack of the bad botsThe solution is cloud-based, and therefore the billing model that comes with it could be more intuitive, in my opinion. It's very easy to not fully understand how you tag things for billing and then you can quite easily run up a high bill without realizing it. The solution needs to be more intuitive around the tagging system, which enables the billing. Right now, I have a cloud architect that does that on our behalf and it isn't something that a business user could use because it still requires quite a lot of technical knowledge to do effectively.They should work to define more threats, add more security, and make it more compliant with more security companies.In a future release of this solution, I would like to see additional management features to make things simpler.We need more support as we go global.The user experience, the interface, is lacking. Sometimes it's hard to find certain areas that it has alerted on.In a future release I would like to see automation. There's no interaction between the applications and that makes it tedious. We have to do the preparation all over again for each of our other applications.They have to do more to improve, to innovate more features. They need to increase the security. It has to be more active in detecting threats.

Read more »

The solution is too slow. It could take a full day to scan. Competitors are much faster.This price of this solution is a little bit expensive.Implementing Rapid7 AppSpider requires scanning and self-identification mechanisms. You can add different types of authentication to each scan.The product needs to be able to scale for large companies, like ours. We have millions of IP addresses that need to be scanned, and the scalability is not great.

Read more »

Pricing and Cost Advice
There are different scale options available for WAF.There are no costs in addition to the standard licensing fees.It's an annual subscription.

Read more »

Information Not Available
report
Use our free recommendation engine to learn which Web Application Firewall (WAF) solutions are best for your needs.
384,324 professionals have used our research since 2012.
Ranking
Views
3,116
Comparisons
2,483
Reviews
7
Average Words per Review
372
Avg. Rating
7.9
Views
1,809
Comparisons
1,085
Reviews
4
Average Words per Review
330
Avg. Rating
8.3
Top Comparisons
Compared 17% of the time.
Compared 16% of the time.
Compared 12% of the time.
Compared 20% of the time.
Compared 9% of the time.
Also Known As
AWS Web Application FirewallAppSpider
Learn
Amazon
Video Not Available
Rapid7
Overview

AWS WAF is a web application firewall that helps protect your web applications from common web exploits that could affect application availability, compromise security, or consume excessive resources. AWS WAF gives you control over which traffic to allow or block to your web applications by defining customizable web security rules. You can use AWS WAF to create custom rules that block common attack patterns, such as SQL injection or cross-site scripting, and rules that are designed for your specific application. New rules can be deployed within minutes, letting you respond quickly to changing traffic patterns. Also, AWS WAF includes a full-featured API that you can use to automate the creation, deployment, and maintenance of web security rules.

SPAs, APIs, mobile—the evolution of application technology is measured in months, not years. Is your web application security testing tool designed to keep up? AppSpider lets you collect all the information needed to test all the apps so that you aren’t left with gaping application risks.

Our dynamic application security testing (DAST) solution crawls to the deepest, darkest corners of even the most modern and complex apps to effectively test for risk and get you the insight you need to remediate faster. With AppSpider on your side (or, rather, all of your sides), you’ll be able to scan all the apps today and always be ready for whatever comes next.

Offer
Learn more about AWS WAF
Learn more about Rapid7 AppSpider
Sample Customers
eVitamins, 9Splay, Senao InternationalMicrosoft
Top Industries
VISITORS READING REVIEWS
Software R&D Company36%
Comms Service Provider15%
Media Company14%
Retailer10%
VISITORS READING REVIEWS
Software R&D Company33%
Comms Service Provider25%
Financial Services Firm8%
K 12 Educational Company Or School5%
Find out what your peers are saying about F5, Cloudflare, Imperva and others in Web Application Firewall (WAF). Updated: December 2019.
384,324 professionals have used our research since 2012.
We monitor all Web Application Firewall (WAF) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
Sign Up with Email