Great SAST Tool.
Rating: 8 out of 10
Incentivized
Use Cases and Deployment Scope
We have been using many Rapid7 products over the long term. We do a lot of vulnerability assessments and analysis, and our primary tool is Rapid7 Nexpose and InsightVM. Rapid7 AppSpider complements our portfolio of services with the capability to perform web-based security testing in our customer DevOps cycle or directly on the production website, with great info and analytics.
Pros
- OWASP Top 10.
- Crawling web applications.
- Web application security testing.
Cons
- Scan might be slow compared to other tools.
- Not a lot of training on the vendor side.
Likelihood to Recommend
Rapid7 AppSpider could be your default DAST (Dynamic Application Security Testing) tool; it covers the OWASP Top 10 for web and APIs. Great tool, with a very nice and understandable report and analytics; it works excellently for one-shot or continuous monitoring of your web assets. It also has a fair amount of integrations with other popular tools.