Try our new research platform with insights from 80,000+ expert users
Rapid7 AppSpider Logo

Rapid7 AppSpider Reviews

Vendor: Rapid7
3.9 out of 5
Leave a review

What is Rapid7 AppSpider?

SPAs, APIs, mobile—the evolution of application technology is measured in months, not years. Is your web application security testing tool designed to keep up? AppSpider lets you collect all the information needed to test all the apps so that you aren’t left with gaping application risks.

Get the Rapid7 AppSpider Buyer's Guide and find out what your peers are saying about Rapid7 AppSpider, SonarQube, Checkmarx One and more!
Rapid7 AppSpider is the #31 ranked solution in AST tools. PeerSpot users give Rapid7 AppSpider an average rating of 7.8 out of 10. Rapid7 AppSpider is most commonly compared to SonarQube: Rapid7 AppSpider vs SonarQube. Rapid7 AppSpider is popular among the large enterprise segment, accounting for 54% of users researching this solution on PeerSpot. The top industry researching this solution are professionals from a financial services firm, accounting for 10% of all views.
Buyer's Guide
Rapid7 AppSpider
March 2026
Get the report
Helped 885,264 peers since 2012

Featured Rapid7 AppSpider reviews

Read more reviews

Rapid7 AppSpider mindshare

As of March 2026, the mindshare of Rapid7 AppSpider in the Static Application Security Testing (SAST) category stands at 0.7%, up from 0.4% compared to the previous year, according to calculations based on PeerSpot user engagement data.
Static Application Security Testing (SAST) Mindshare Distribution
ProductMindshare (%)
Rapid7 AppSpider0.7%
SonarQube17.7%
Checkmarx One10.4%
Other71.2%
Static Application Security Testing (SAST)

PeerResearch reports based on Rapid7 AppSpider reviews

TypeTitleDate
CategoryStatic Application Security Testing (SAST)Mar 28, 2026Download
ProductReviews, tips, and advice from real usersMar 28, 2026Download
ComparisonRapid7 AppSpider vs SonarQubeMar 28, 2026Download
ComparisonRapid7 AppSpider vs VeracodeMar 28, 2026Download
ComparisonRapid7 AppSpider vs Checkmarx OneMar 28, 2026Download
Suggested products
TitleRatingMindshareRecommending
SonarQube4.017.7%84%135 interviewsAdd to research
Checkmarx One3.910.4%88%81 interviewsAdd to research
 
 
Key learnings from peers

Valuable Features

Rapid7 AppSpider excels in vulnerability detection, comprehensive reporting, and efficient data mining. Its reports adhere to international standards and are versatile, covering PCA/GDPR compliance. It supports integration with software development cycles and app management through applets. Users benefit from an intuitive interface and low false positive rates. The platform's replay attack capability, authentication identification, and interactive features make it user-friendly and adaptable to diverse needs. Rapid7 AppSpider's portability and lightness enhance convenience.
  • "AppSpider's most valuable feature is reporting - everything is stored in the local database so it can be sent to other machines."
  • "The initial deployment is very straightforward and simple."
  • "Customer service has been quite good."

Room for Improvement

Rapid7 AppSpider needs faster performance and improved stability with reduced false positives. Better integration options are essential, particularly for mobile applications and CSED, with clearer, more comprehensive documentation. The interface requires enhancements for customization, and support response times should be quicker. Reporting features need to be more user-friendly for non-technical audiences. Additionally, Japanese localization is necessary, and the ability to scan multiple applications simultaneously is needed.
  • "AppSpider has some problems with the RAM needed while scanning."
  • "There are some glitches with stability, and it is an area for improvement."
  • "Integration could be better. For example, while doing the scanning, using the recording username and passwords, there are issues."

Pricing

Enterprise users of Rapid7 AppSpider report varied pricing experiences. The cost is considered expensive for the Enterprise version with capabilities to scan multiple applications simultaneously. Pricing varies based on user count, with costs rated average compared to competitors. Licenses are required, as AppSpider is not open-source, though purchase negotiations can yield better deals. While cloud-based with no hardware costs, additional service fees may arise. International users might face added localization expenses.
  • "The price of Rapid7 AppSpider cost 9,000 annually but there is limited usage. Large companies are able to negotiate a better price or a better deal for the usage with the vendor."
  • "AppSpider is closed-source software and you need to acquire a license in order to use it."
  • "The licensing cost depends on the number of users."

Popular Use Cases

Rapid7 AppSpider is employed for web application security testing, scanning for vulnerabilities, and compliance control. Organizations utilize it to adhere to regulatory standards like ISO27001, ensuring data security by keeping applications on-premises. AppSpider aids in auditing, application API examination, and dynamic scanning, generating detailed vulnerability reports. It is frequently used in sectors requiring security assessments such as FinTech and banking. Distributors also implement it for their clientele.

Service and Support

Rapid7 AppSpider's customer service and support are generally rated positively, with a responsive and helpful team. Users find the technical support good, often solved through online contact for unresolved issues. Some users rely on internal resources for assistance. There have been instances of unresolved issues with Nexpose, causing customer dissatisfaction. Multiple teams are engaged depending on the issue, displaying specialization in support tasks. Overall, support is frequently rated eight out of ten.

Deployment

Rapid7 AppSpider's initial setup is generally straightforward and simple. Users find it easy to implement, especially when deploying on a Windows machine. Network issues might prolong the process. Integration takes longer than setup, and a couple of people are usually needed for maintenance. While deploying on a laptop offers flexibility, expertise is still needed for authentication, exploring advanced features, and handling conflicts with other services.

Scalability

Rapid7 AppSpider demonstrates strong scalability, with positive feedback on its ability to handle multiple engines and concurrent scans. Many users find it quite adaptable, rating it highly, although some mention it functions more as a utility than a standalone tool. Its SaaS nature adds scalability advantages, while some critics suggest alternatives might eventually be needed for more robust performance. Users generally appreciate its ease of distribution and centralized dashboard features.

Stability

Rapid7 AppSpider's stability is generally rated positively by users. Many find it very stable, attributing its reliability to strong internal data management and reporting capabilities. However, some note scalability issues with large networks and occasional responsiveness problems. Proper configuration and adequate resources are recommended for optimal performance. Ratings range from five to ten out of ten, with some users experiencing minor stability issues potentially related to specific IT environments or resource allocation.
These insights are based on the in-depth reviews provided by peers to help you make a better buying decision.
Download our Rapid7 AppSpider Buyer's Guide for additional reliable information.

Review data by company size

By reviewers
Company SizeCount
Small Business4
Midsize Enterprise2
Large Enterprise1
By reviewers
By visitors reading reviews
Company SizeCount
Small Business63
Midsize Enterprise35
Large Enterprise114
By visitors reading reviews

Top industries

By visitors reading reviews
Financial Services Firm
10%
Manufacturing Company
10%
University
9%
Educational Organization
8%
Healthcare Company
8%
Computer Software Company
8%
Government
7%
Retailer
5%
Construction Company
4%
Outsourcing Company
4%
Real Estate/Law Firm
3%
Performing Arts
3%
Hospitality Company
3%
Energy/Utilities Company
2%
Non Profit
2%
Insurance Company
2%
Marketing Services Firm
2%
Recreational Facilities/Services Company
1%
Comms Service Provider
1%
Leisure / Travel Company
1%
Sports Company
1%
Wholesaler/Distributor
1%
Logistics Company
1%
Media Company
1%
Transportation Company
1%

Compare Rapid7 AppSpider with alternative products

Go!

Learn more about Rapid7 AppSpider

Our dynamic application security testing (DAST) solution crawls to the deepest, darkest corners of even the most modern and complex apps to effectively test for risk and get you the insight you need to remediate faster. With AppSpider on your side (or, rather, all of your sides), you’ll be able to scan all the apps today and always be ready for whatever comes next.

Rapid7 AppSpider was previously known as AppSpider.

Rapid7 AppSpider customers

Microsoft

Related questions

  • 264
What Application Security Solution Do You Use That Is DevOps Friendly?
  • 26
Which is the most comprehensive open source Web Security Testing tool?
  • 39
What is the best Application Security Testing platform?
  • 25
When evaluating Application Security Testing, what aspect do you think is the most important to look for?
  • 61
SAST vs. DAST: Which is better for application security testing?
  • 41
What tools do you rely on for building a DevSecOps pipeline?
  • 88
What does the Log4j/Log4Shell vulnerability mean for your company?
  • 54
Checkmarx or Veracode. Which should we choose?
  • 111
What are your recommended automated penetration testing tools?
  • 42
What are the OWASP top 10 in 2020?

Product Categories

Product Categories
Static Application Security Testing (SAST)

Popular Comparisons

Popular Comparisons
SonarQube vs Rapid7 AppSpider Logo
SonarQube vs Rapid7 AppSpider
Checkmarx One vs Rapid7 AppSpider Logo
Checkmarx One vs Rapid7 AppSpider
GitLab vs Rapid7 AppSpider Logo
GitLab vs Rapid7 AppSpider
Veracode vs Rapid7 AppSpider Logo
Veracode vs Rapid7 AppSpider
Acunetix vs Rapid7 AppSpider Logo
Acunetix vs Rapid7 AppSpider
OpenText Core Application Security vs Rapid7 AppSpider Logo
OpenText Core Application Security vs Rapid7 AppSpider
OWASP Zap vs Rapid7 AppSpider Logo
OWASP Zap vs Rapid7 AppSpider
PortSwigger Burp Suite Professional vs Rapid7 AppSpider Logo
PortSwigger Burp Suite Professional vs Rapid7 AppSpider
HCL AppScan vs Rapid7 AppSpider Logo
HCL AppScan vs Rapid7 AppSpider
Qualys Web Application Scanning vs Rapid7 AppSpider Logo
Qualys Web Application Scanning vs Rapid7 AppSpider
Invicti vs Rapid7 AppSpider Logo
Invicti vs Rapid7 AppSpider
PVS‑Studio vs Rapid7 AppSpider Logo
PVS‑Studio vs Rapid7 AppSpider
See all alternatives
 
Rapid7 AppSpider Reviews Summary
Author infoRatingReview Summary
Marketing Expert at J's communication3.0We use AppSpider primarily for its robust security features and excellent crawling technology, which customizes well for clients. However, localization for Japanese customers is lacking, and the return on investment is considered medium.
Executive Manager at B2B-Solutions LLC4.0I use Rapid7 AppSpider for vulnerability assessments and find its vulnerability reporting data valuable, especially for generating flexible reports. However, the solution's performance is slower compared to others, and we've adopted tricks to enhance its speed.
Network & Security Engineer at PT. Centrin Online Prima4.0I primarily use Rapid7 AppSpider for scanning and securing web applications, appreciating its replay attack feature. However, better integration for mobile app scanning would be beneficial, particularly enhancing performance when handling mobile applications like iOS and Android.
Head Information Security at Akhtar Fuiou Technologies3.5I use Rapid7 AppSpider for web application scanning to detect vulnerabilities, finding it user-friendly with detailed automated scans. However, it gives many false positives and lacks robust reporting. Stability needs improvement compared to my previous experience with HCL AppScan.
Executive Manager at B2B-Solutions LLC3.5I've used AppSpider for five years. Its valuable reporting, analytics, and customization are strong, but high RAM usage during scans and complex configuration with too many options are issues. I rate it 7/10.
Network & Security Engineer at PT. Centrin Online Prima4.0I use AppSpider for web vulnerability scanning. Its distribution is good, but integration and the simple interface need improvement. Support is responsive, yet some issues remain unresolved. I rate it 7-8 out of 10, requiring expertise.
Information Security Engineer at Trillium Information Security Systems3.5I have used Rapid7 AppSpider for over three years. Its initial deployment is simple, and it's stable when configured correctly. However, I have experienced some stability glitches that need improvement. Overall, I recommend it.
Network & Security Engineer at PT. Centrin Online Prima4.0I use this to test application vulnerabilities. While setup is straightforward and customer service is good, integration needs significant improvement, especially with recorded credentials and platforms like GitLab. Overall, I recommend it.