I like that the product allows us to have an internal and external scanner. We can authenticate scans and pick and choose which attacks we want to use. It is a very robust solution.

In Rapid7 InsightAppSec, a distinctive feature is the provision of a CDM for integrating web servers and web applications. To establish the connection between these applications, you only need to paste the provided CDN into your metadata. Once connected, every piece of information, including vulnerabilities, can be accessed. It also offers demo sessions. 

If there is any malicious network traffic targeting a specific web application, it is designed to detect and showcase the entire scenario. It provides insights into potential vulnerabilities, including issues related to process scripting or content security policy vulnerabilities.

Setting up and configuring scans within the tool is easy, and I would rate it a nine out of ten. It provides videos on YouTube, along with documentation that breaks down the process into step-by-step instructions. 

I like the user interface and the friendly nature of the tool. It is very user-friendly for anyone to use it. The customization part for scanning is also good. 

You have various attack modules, and you also have the Attack Replay feature for the attack sequence. You can reproduce an attack and see it. That is a very good feature I noticed in this solution. It helps developers as well.

The product’s most valuable feature is UI. It is easy to manage and find vulnerabilities in the application.

The most valuable feature of this solution is the graphical interface. It's pretty good, I would rate it a four out of five. Because even, for example, to go and find how to reach your support, let's say you have a ticket, or you want to open for discussion, or you have a question or there's something wrong and you have to create a ticket. 

But even to create the ticket, it's not really seamless to find because they have changed their website around. But besides that, it's pretty easy, 

I would say four out of five, like I said, to kind of go around their app. It's not too, too difficult, but it's not the easiest.

It is very convenient to get reports from the tool, which offers high-level environmental statistics. 

AppSec is a Software as a Service. So we don't need to upgrade it.

It is easy to use and deploy to the customer.

The recorder for the login sequence to the customer application is great.

The solution is stable.

It is very easy to scale. Users can expand it if they need to.

It's very easy to use and user-friendly. It does the job.

This product is easy to use.

It uses a signature-based method to check for problems with your code and will provide an alert if anything is found. It will also give recommendations as to how to fix the issues.

The way the solution arranged the web scanning was the most valuable aspect for us.

How it integrates with the rest of my systems. I like how they have done some scanning which is reaching into my environment.

The most common attack templates are easy to access and apply. For example, the OWASP 2017 template contains up to 64 opponent techniques that we can evaluate in our applications.