Senior Cybersecurity Solutions Engineer at Trillium Information Security Systems
Real User
Top 20
2024-06-07T06:59:00Z
Jun 7, 2024
I would recommend Rapid7 InsightAppSec to other users looking to implement a similar solution. We have many customers, and when they require a dynamic solution, we recommend Rapid7. We provide demos and presentations to clients, and if they are satisfied, they proceed with a license. The AI capabilities in Rapid7 InsightAppSec enhance application vulnerability scans significantly. AI and machine learning are integral to the solution, helping us schedule scans and improve the scanning results. I would rate InsightAppSec eight out of ten. It's a great solution, but there's always room for improvement.
In a scenario involving the tool and preventing potential security breaches, let's consider a case where a security feature is deployed using Rapid7 InsightAppSec. Although I haven't personally experienced this, I can provide an example. Suppose there is a vulnerability in WordPress or Apache servers, and it identifies a new one-level zero-day attack template associated with it. In this case, it may have detected this vulnerability three months after its initial occurrence. We utilize dynamic application security testing. It involves deploying an application by onboarding it onto a device, which is then linked to the application. The notable aspect is that we don't need to maintain a server for this process. Instead, we simply log in and configure Splunk Enterprise to connect with the product. There is no need to deploy a separate server. It provides clear, step-by-step instructions, including the provision of a dynamic key by the application, making it easy to implement with documentation. I rate it an eight out of ten.
Rapid7 just came out with a new package called Cloud Risk Complete, which gives us unlimited insight into scanning and unlimited AppSec scanning. It also gives us InsightCloudSec. The product can do everything. We are struggling to get our DevOps team to commit to utilizing our web application scanners. We are siloed with it. Overall, I rate the product an eight out of ten.
Cyber Security Architect at a healthcare company with 11-50 employees
Real User
Top 20
2022-11-14T17:20:06Z
Nov 14, 2022
You need to understand its capabilities. It has good capabilities, but its capabilities and features can be improved. I would rate it an eight out of ten.
We're a partner. We support our customers with products from Rapid7 and Tenable. We provide support to our clients. I'd rate the solution nine out of ten.
Cyber Security Lead at a printing company with 201-500 employees
Real User
2022-08-17T10:37:03Z
Aug 17, 2022
When you want to buy a tool, the main thing is whether it meets the requirements based on your business needs. In my previous company, I was in the financial sector, which has a lot of PCI transactions, et cetera. Now, I am in the media industry, and we don't have PCI transactions. It all depends on what kind of business you have, what are the requirements, and whether the product meets your requirements. For our needs, Rapid7 was the ideal go-to tool. Based on the budget, pricing, and features, we went for Rapid7. I would rate it a nine out of ten.
Cyber Security Division Manager at 3SC Security Solutions Services and Consultant
Real User
2020-12-07T20:53:37Z
Dec 7, 2020
This is a product that I recommend, and my advice for anybody who is interested in trying it is that there is a free 60-day trial period where they will fix your problems without any payment. That will give you the opportunity to experiment with and gain experience scanning web applications. I would rate this solution a ten out of ten.
Assistant Technical Manager at a tech services company with 1,001-5,000 employees
Real User
2020-06-15T07:34:15Z
Jun 15, 2020
I'm not sure of what version of the solution we had been using at our organization previously. As of right now, the license has expired on Rapid7. We haven't been using it for about one month. It hasn't been too long since we stopped with regular usage. We used Rapid7's cloud when we were running the program. We had a team of about five or six people that had access to the product when we were using it. If a company needs an effective product for web scanning, I can recommend this product. It's a great product. We found it to be quite effective in that regard. However, it did not help us to understand the web availability. This was something it lacked. I would rate the solution eight out of ten.
Your web applications may be complex, but your application security testing tool doesn’t need to be. InsightAppSec brings Rapid7’s proven Dynamic Application Security Testing (DAST) technology to the Insight platform, combining powerful application crawling and attack capabilities, flexibility in scan scope and scheduling, and accuracy in results with a modern UI, intuitive workflows, and sensible data organization. This enables you to identify XSS, SQL injection, CSRF, and other...
I rate Rapid7 InsightAppSec a seven out of ten.
I rate Rapid7 InsightAppSec a nine out of ten.
Give it a try. It exceeds my expectations, and I'm curious to see what else they can release.