Compare Fortinet FortiWeb vs. Rapid7 AppSpider

Fortinet FortiWeb is ranked 4th in Web Application Firewall (WAF) with 13 reviews while Rapid7 AppSpider is ranked 16th in Application Security Testing (AST) with 4 reviews. Fortinet FortiWeb is rated 8.2, while Rapid7 AppSpider is rated 8.2. The top reviewer of Fortinet FortiWeb writes "Good pricing, and provides for faster and more secure application deployment". On the other hand, the top reviewer of Rapid7 AppSpider writes "Great for scanning target sub-domains, good reporting functionality and easy to use". Fortinet FortiWeb is most compared with F5 BIG-IP, FortiADC and Cloudflare, whereas Rapid7 AppSpider is most compared with Checkmarx, Rapid7 InsightAppSec and OWASP Zap.
Cancel
You must select at least 2 products to compare!
Most Helpful Review
Find out what your peers are saying about F5, Imperva, Cloudflare and others in Web Application Firewall (WAF). Updated: October 2019.
377,029 professionals have used our research since 2012.
Quotes From Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros
FortiWeb offers machine learning in the latest product. This fixed many problems. There are no false negatives.It's the extra security that is the most valuable feature. You have insight into your traffic. There are some great insights into what utilities hackers are trying to exploit. It blocks a lot of stuff from the internet.The most valuable feature in this solution is the ability to disseminate between the user entering some wrong value to the field, and a suspicious actor trying to exploit some known vulnerability.What we like about Fortinet FortiWeb is it has all the features. We use all of them, so we have to turn on all the options.All the features that FortiGate contains are very suitable for our business. We work with other products in Fortinet, FortiWeb, FortiSandbox, FortiMail, and FortiCache. We use all UTM features like self-encryption, encryption, all UTM features.When we had Cisco we had around thirty thousand entries on our firewalls. Now we are down to three thousand. Fortinet has a mechanism to detect all of your entries which are not used, and it can clean it up.Security Fabric integration. This is really a value-added feature as FortiWeb can interact with the rest of the client’s Fortinet pack to provide an intelligent security layer like (FortiSIEM for central log management and correlation, FortiGate, FortiSandbox for malware analysis, etc.).The most valuable feature is the web application firewall (WAF).

Read more »

The entire solution is interactive and has a point-and-click user experience, which makes it easy to find items or drill down on information. You don't need specialized skills to use the product.The most valuable feature is the reporting, which is compliant with international standards.Rapid7 AppSpider is good at managing different applications. It uses applets and generates reports to cover the PCA/GDPR compliance requirements.I like the ability the product has to detect vulnerabilities quickly, when it has been released in our environment, then displaying them to us.

Read more »

Cons
Fortinet FortiWeb is not scalable. You'll need more budget to change the hardware.The solution is rather complicated. If you know what to do, it's not bad, but it's complicated for a first time user to configure the solution. What I'd like to improve are the custom signatures.We would like to know more about the integration with the hardware or security products, such as Gemalto, because we need to move to that point.Fortinet FortiWeb needs to improve the way it's configured. Common services like publishing exchange should be done in one click only.New releases and old releases have some bugs, some features do not work as good as we want but every new release the Fortinet team fixes up problems.I would like to have an antivirus option.FortiWeb does not exist in a cloud-based form. Its only available for deployment as a virtual appliance on AWS and Azure IaaS platforms. Because of the trend to WAF environments, it would be good to have it as a SaaS. Also, FortiWeb would be more competitive if it combined WAF and DDoS protection.​Their support needs improvement.

Read more »

The solution is too slow. It could take a full day to scan. Competitors are much faster.This price of this solution is a little bit expensive.Implementing Rapid7 AppSpider requires scanning and self-identification mechanisms. You can add different types of authentication to each scan.The product needs to be able to scale for large companies, like ours. We have millions of IP addresses that need to be scanned, and the scalability is not great.

Read more »

Pricing and Cost Advice
The solution gives us the best price to performance ratio.The license cost depends on the size of the box or the size of the solution. It can go from €200 Euros to a few hundred thousand Euros a year depending on your size.​The pricing is reasonable.​It really pays off to buy licences for multiple years​.Keep a loose margin between your actual bandwidth and the product sizing when using hardware appliances. Only virtual machines are upgradable to larger sizes.Cheaper than others.FortiWeb can be purchased in VM mode for a lower price and the same features.

Read more »

Information Not Available
report
Use our free recommendation engine to learn which Web Application Firewall (WAF) solutions are best for your needs.
377,029 professionals have used our research since 2012.
Ranking
Views
8,700
Comparisons
6,798
Reviews
10
Average Words per Review
349
Avg. Rating
8.1
Views
1,660
Comparisons
995
Reviews
3
Average Words per Review
259
Avg. Rating
8.3
Top Comparisons
Compared 26% of the time.
Compared 21% of the time.
Compared 6% of the time.
Compared 24% of the time.
Compared 9% of the time.
Also Known As
AppSpider
Learn
Fortinet
Rapid7
Overview

FortiWeb is a web application firewall (WAF) that protects hosted web applications from attacks that target known and unknown exploits. Using multi-layered and correlated detection methods, FortiWeb defends applications from known vulnerabilities and from zero-day threats.

SPAs, APIs, mobile—the evolution of application technology is measured in months, not years. Is your web application security testing tool designed to keep up? AppSpider lets you collect all the information needed to test all the apps so that you aren’t left with gaping application risks.

Our dynamic application security testing (DAST) solution crawls to the deepest, darkest corners of even the most modern and complex apps to effectively test for risk and get you the insight you need to remediate faster. With AppSpider on your side (or, rather, all of your sides), you’ll be able to scan all the apps today and always be ready for whatever comes next.

Offer
Learn more about Fortinet FortiWeb
Learn more about Rapid7 AppSpider
Sample Customers
Lush, Barnabas Health, Options, Riverside Healthcare, Hillsbourough County Schools, Columbia Public Schools, Schiller AGMicrosoft
Top Industries
REVIEWERS
Financial Services Firm30%
Comms Service Provider20%
Consumer Goods10%
Mining And Metals Company10%
VISITORS READING REVIEWS
Software R&D Company34%
Comms Service Provider21%
Media Company8%
Financial Services Firm6%
VISITORS READING REVIEWS
Software R&D Company33%
Comms Service Provider26%
Financial Services Firm5%
K 12 Educational Company Or School5%
Find out what your peers are saying about F5, Imperva, Cloudflare and others in Web Application Firewall (WAF). Updated: October 2019.
377,029 professionals have used our research since 2012.
We monitor all Web Application Firewall (WAF) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
Sign Up with Email