Rapid7 AppSpider Overview

Rapid7 AppSpider is the #13 ranked solution in our list of AST tools. It is most often compared to Rapid7 InsightAppSec.

What is Rapid7 AppSpider?

SPAs, APIs, mobile—the evolution of application technology is measured in months, not years. Is your web application security testing tool designed to keep up? AppSpider lets you collect all the information needed to test all the apps so that you aren’t left with gaping application risks.

Our dynamic application security testing (DAST) solution crawls to the deepest, darkest corners of even the most modern and complex apps to effectively test for risk and get you the insight you need to remediate faster. With AppSpider on your side (or, rather, all of your sides), you’ll be able to scan all the apps today and always be ready for whatever comes next.

Rapid7 AppSpider is also known as AppSpider.

Rapid7 AppSpider Buyer's Guide

Download the Rapid7 AppSpider Buyer's Guide including reviews and more. Updated: January 2021

Rapid7 AppSpider Customers

Microsoft

Pricing Advice

What users are saying about Rapid7 AppSpider pricing:
  • "It is expensive if you want to buy the Enterprise version that is able to scan multiple applications at once."
  • "The price is pretty fair."

Rapid7 AppSpider Reviews

reviewer1399617
Network & Security Engineer at a tech consulting company with 11-50 employees
Reseller
Top 5
Sep 29, 2020
Scan web applications for vulnerabilities and automate testing with various engines

What is our primary use case?

The customer that I handle right now uses AppSpider to scan web applications for vulnerabilities and application testing.

Pros and Cons

  • "When it is set up properly, it can do scanning on web apps with multiple engines automatically."
  • "AppSpider could improve in the area of integration. They need to add more integration opportunities."
  • "The enterprise interface is too simple. It should be more customizable."
  • "The tech support is responsive but issues remain unresolved."

What other advice do I have?

On a scale of one to ten (where one is the worst and ten is the best), I would rate Rapid7 AppSpider as a seven or eight-out-of-ten.
Andrei Bigdan
Assistant at Taras Shevchenko National University of Kyiv
Real User
Top 5 Leaderboard
Nov 10, 2019
Great for scanning target sub-domains, good reporting functionality and easy to use

What is our primary use case?

We primarily use the solution for compliance control. Our clients prefer to be audited several times a year.

Pros and Cons

  • "The entire solution is interactive and has a point-and-click user experience, which makes it easy to find items or drill down on information. You don't need specialized skills to use the product."
  • "The solution is too slow. It could take a full day to scan. Competitors are much faster."

What other advice do I have?

We use the on-premises deployment model. I personally prefer the on-premises version over the cloud version. I'd recommend the solution, but only the on-premises deployment model as it's very portable and can reside on your workstation. You can use it to provide reports without having to be connected to the internet. I'd rate the solution eight out of ten.
Hassan-Moussafir
Information Security Senior Expert (Founding member, African Cybersecurity Center) at a financial services firm with 10,001+ employees
Real User
Top 5
Oct 26, 2019
Efficient, performs well, and has good reporting that complies with international standards

What is our primary use case?

We use this solution for web application security testing. The Rapid7 AppSpider solution deployment project has come to address an organizational need that complies with the ISO27001 standard with the integration of the solution in the vulnerability management processes as well as the change management process in its phase audit before going into production. All of our solutions are on-premises because our regulatory requirements state that they must be in order to comply with security. They do not want data to be available on the cloud in different parts of the world, so it must not leave the…

Pros and Cons

  • "The most valuable feature is the reporting, which is compliant with international standards."
  • "The price of this solution is a little bit expensive."

What other advice do I have?

This solution is a leader in the industry. The reporting is really important for us. We are certified and we are compliant. We needed both AppSpider and Nexpose to complete for our requirements. It also has another useful module called Metasploit. My advice is that everybody should try this solution. It's excellent. I would rate this solution a ten out of ten.
reviewer1327302
Security Consultant at a tech vendor with 11-50 employees
Consultant
Top 5
Apr 21, 2020
Good reporting and integrates well into the software development lifecycle

What is our primary use case?

We are a distributor for Rapid7 and AppSpider is one of the products that we implement for our clients. It does a scan that performs about 100 checks on web applications and produces a clear report on all of the vulnerabilities that are found. It is a dynamic scanner.

Pros and Cons

  • "It is really accurate and the rate of false positives is very low."
  • "Support response times are slow and can be improved."

What other advice do I have?

My advice to anybody who is considering this solution is that there are other products out there, and everyone has their own requirements. If AppSpider meets the requirements then it is a great one to implement. I would rate this solution an eight out of ten.
Girish Kikkeri
Cyber Security Consultant at Relevance Lab
Consultant
Top 20
Jun 6, 2019
The identification mechanism can enhance each scan through consideration options

What is our primary use case?

We put Rapid7 AppSpider on the application scans for our network.

Pros and Cons

  • "Rapid7 AppSpider is good at managing different applications. It uses applets and generates reports to cover the PCA/GDPR compliance requirements."
  • "Implementing Rapid7 AppSpider requires scanning and self-identification mechanisms. You can add different types of authentication to each scan."

What other advice do I have?

All aspects of Rapid7 AppSpider are good. On a scale from one to ten, I would rate this product an eight.
reviewer1284219
Program Director at a financial services firm with 201-500 employees
Real User
Top 10
Mar 9, 2020
A stable solution used for mining market insights, but the interface needs improvement

What is our primary use case?

We are using Rapid7 AppSpider mainly for mining data and looking for market manipulations.

What is most valuable?

The most valuable feature is the ability to mine data.

What needs improvement?

The dashboard and interface are crucial and they need some improvement.

For how long have I used the solution?

I have been using Rapid7 AppSpider for two or three years.

What do I think about the stability of the solution?

I would say that it is stable, as I am not aware of any major issues.

What do I think about the scalability of the solution?

I don't know if it is scalable, as we haven't gotten to that stage yet. We are still testing it on quantities and conditions. Theoretically, yes, it's scalable. We have between 10 and 20 users.

How are

reviewer1399617
Network & Security Engineer at a tech consulting company with 11-50 employees
Reseller
Top 5
Dec 27, 2020
Scalable, good customer service, and simple install

What is our primary use case?

I try to have our customers use the solution, then I review the solution, and then I help customers deploy the applications.

What is most valuable?

Testing the vulnerability of applications.

What needs improvement?

Integration could be better. For example, while doing the scanning, using the recording username and passwords, there are issues. Also, they could integrate CSED into the product which would benefit in the future.

What do I think about the scalability of the solution?

We have had no problems with scalability.

How are customer service and technical support?

Customer service has been quite good.

How was the initial setup?

The setup is usually straightforward.

What about the implementation team?

We do the deployment for our…
Securitye116
Security Engineer
Real User
Mar 28, 2019
I like the ability the product has to detect vulnerabilities quickly, but the product needs to be able to scale

What is most valuable?

I like the ability the product has to detect vulnerabilities quickly, when it has been released in our environment, then displaying them to us.

What do I think about the stability of the solution?

The product needs to be able to scale for large companies, like ours. We have millions of IP addresses that need to be scanned, and the scalability is not great.

What other advice do I have?

It has good features.