Name: Rapid7 AppSpider
Price: 2000 USD
Rating: 8.6 (6 reviews)
Author: Rapid7

Help Desk

Web and Video Conferencing

Customer Support

Business Intelligence (BI)

Collaboration

Communications Platform as a Service (CPaaS)

Diagramming

Enterprise

Accounting

Revenue Management

Finance and Accounting

Applicant Tracking

Corporate Learning Management

HR Management

HR Service Delivery

Payroll

Talent Intelligence

Talent Management

Technical Skills Assessment

Workforce Analytics

Workforce Management

Human Resources

Application Infrastructure

Cloud Storage

Data Center Infrastructure Management

Data Center Networking

Data Mapping

Data Observability

Debugging

Electronic Data Interchange (EDI)

Endpoint Encryption

Ethernet Switches

Event Monitoring

Fraud Detection

Industrial IoT

Integration Platform as a Service (iPaaS)

Managed Detection and Response (MDR)

Mobile Application Performance Monitoring  (APM)

Network Performance Monitoring

Password Management System

Rack Servers

Software Defined Storage (SDS)

Static Code Analysis

Tape Storage

Threat Hunting

VoIP Monitoring

Voice Recognition

Web Application Firewalls

Wireless WAN

Information Technology

A/B Testing

Ad Serving & Retargeting

All-in-One Marketing

Content Experience

Content Management

Creative Management

Customer Journey Analytics

Digital Analytics

Digital Rewards

Digital Signage

Email Marketing

Marketing Automation

Predictive Analytics

Real-Time Interaction Management

Social Login

Social Media Management

Survey & Forms Building

Swag Management

Web Analytics

Marketing

Business Caller ID

Project Management

Professional Services

Customer Relationship Management (CRM)

Predictive Sales Analytics

Presales

eCommerce

Sales

Animation

Legal Billing

Public Sector Software

Spreadsheet

Vertical-Specific

medium

large

The Burp Suite, from UK-based alcohol-themed software company PortSwigger Web Security, is an application security and testing solution.

PortSwigger Burp Suite

Penetration Testing

PortSwigger Web Security

InsightVM is presented as the next evolution of Nexpose, by Rapid7. This Insight cloud-based solution features everything included in Nexpose, such as Adaptive Security and the proprietary Real Risk score, and extends visibility into cloud and containerized infrastructure. InsightVM also offers advanced remediation, tracking, and reporting capabilities not included in Nexpose.

insightIDR

Vulnerability Management

Application Security

Log Management

insignConnect

Rapid7 InsightVM

Threat Intelligence

Vulnerability Management Tools

Network Analytics

Threat Recognition

Vulnerability Classification

Automated Alerts and Reporting

Threat Analysis

Threat Intelligence Reporting

Automated Threat Identification

IT Asset Realization

Authentication

Configuration Monitoring

Web Scanning

Vulnerability Intelligence

Rapid7

Top Rated 2023

small

Veracode is an application security platform that performs five types of analysis; static analysis, dynamic analysis, software composition analysis, interactive application security testing, and penetration testing. Veracode offers on-demand expertise and aims to help companies fix security defects.

Veracode

SonarQube is a code quality and vulnerability solution for development teams that integrates with CI/CD pipelines to ensure the software you produce is secure, reliable, and maintainable.

Community

Developer EDITION

Enterprise EDITION

Data Center EDITION

SonarQube

Static Application Security Testing (SAST)

Sonar

Checkmarx, an Israeli headquartered company with US offices, provides a suite of application security software delivered via the Checkmarx Software Security Platform. Individual modules and capabilities include Checkmarx Static Application Security Testing, Checkmarx Software Composition Analysis, Checkmarx Interactive Application Security Testing (CxIAST)

Checkmarx

AcuSensor from Maltese company Acunetix is application security and testing software.

Websites Scanned: 5

Websites Scanned: 6-10

Websites Scanned: 11-20

Websites Scanned: 21-35

Websites Scanned: 36-50

Websites Scanned: Over 50

Acunetix by Invicti

Invicti Security

Vulnerability management specialist Tenable offers their cloud application and container security platform Tenable Web App Scanning (formerly Tenable.io), a vulnerability management tool that emphasizes visibility of web applications, automatic scanning, and a unified view of cloud infrastructure and possible inconsistencies indicating a vulnerability.

Tenable Vulnerability Management

Tenable Vulnerability Management Tenable.io

Tenable

Tenable headquartered in Columbia offers Nessus, a vulnerability scanning and security assessment solution used to analyze an entity's security posture, vulnerability testing, and provide configuration assessments.

1 Year

1 Year + Advanced Support

2 Years

2 Years + Advanced Support

3 Years + Advanced Support

3 Years

Tenable Nessus

Qualys TruRisk Platform (formerly Qualys Cloud Platform, or Qualysguard), from San Francisco-based Qualys, is network security and vulnerability management software featuring app scanning and security, network device mapping and detection, vulnerability prioritization schedule and remediation, and other features to provide vulnerability management and network attack surface reduction.

Qualys TruRisk Platform

Qualys Cloud Platform / Qualysguard Qualys TruRisk Platform Qualysguard

Qualys

Metasploit is open source network security software described by Rapid7 as the world’s most used penetration testing framework, designed to help security teams do more than just verify vulnerabilities, manage security assessments, and improve security awareness.

Metasploit

AppSpider, from Boston-based Rapid7, is an application security and testing offering based on technology acquired from NT OBJECTives (their similarly named software NTOSpider, acquired with the company during April, 2015).

InsightAppSec

GitLab Essential

GitLab Premium

GitLab Ultimate

GitLab

Version Control

Version Control Software Features

Branching and Merging

Version History

Version Control Collaboration Tools

Pull Requests

Code Review Tools

Project Access Control

Automated Testing Integration

Issue Tracking Integration

Branch Protection

Rapid7 AppSpider

Dynamic Application Security Testing (DAST)

Application Security Testing is a key element of ensuring that web applications remain secure. Various tools and managed services exist to provide continuous testing, besides application security platforms that include app testing as part of their functionality. Dynamic Application Security Tests (DAST) scans applications for vulnerabilities while they are running or in production, simulating real life conditions.

Likelihood to Recommend

Rapid7 Managed Security Services (Rapid7 MDR)

Managed

Rapid7 Cybersecurity Advisory Services

We have been using many Rapid 7 products in the long term, we do a lot of vulnerability assessments and analysis and our primary tool is Rapid7 Nexpose and InsightVM. Rapid 7 AppSpider complements our portfolio of services with the capability to allow us to perform web-based security testing in our customer DevOps cycle or directly on the production website with great info an analytics.

Product Usage

OWASP Top 10.
Crawling web applications.
Web application security testing.

Things done well

Scan might be slow compared to other tools.
Not a lot of training on the vendor side.

Things done poorly

Rapid7 AppSpider could be your default DAST (Dynamic Application Security Testing), it covers the OWASP top 10 for web and APIs.  Great tools, with a very nice and understandable report and analytics, work excellent for one-shot or continuous monitoring of your web assets.   Also has a fair amount of integrations with other popular tools.

OWASP TOP 10
Pentesting
Authenticated Scan

Most Important Features 3.4.21

Return on Investment

Rapid7 InsightVM, Rapid7 Managed Security Services (Rapid7 MDR) and Rapid7 Cybersecurity Advisory Services

Alternatives

Offensive Security Engineer Lead

Rapid7 AppSpider 2022-12-12 13:02:06

Reviews

TrustRadius is a technology and business research firm based in Austin, Texas. The company is known as a review platform for verified B2B technology and software reviews through a proprietary algorithm and human verification.

TrustRadius

Rest api

Single page

Web applications

Home

Dynamic Application Security Testing (DAST) Tools

Pros and Cons

This product is being used across the organization and is phenomenal at what it does. We have not seen such accurate results from an AppSec product since forever and heavily rely on it.

Does a great job scanning Single Page Apps as well as APIs etc.
We use this weekly and have faced no scan errors due to process failures or accidentally DoSing etc.

Rapid7 AppSpider 2018-05-14 12:26:33

Deployment Types	Software as a Service (SaaS), Cloud, or Web-Based
Operating Systems	Unspecified
Mobile Application	No

Rapid7 AppSpider

Overview

What is Rapid7 AppSpider?

Great SAST Tool.

AppSpider-Great AppSec solution

Pricing

InsightAppSec

$2,000.00

Entry-level set up fee?

Offerings

Product Details

What is Rapid7 AppSpider?

Rapid7 AppSpider Technical Details

Comparisons

Compare with