No more typing reviews! Try our Samantha, our new voice AI agent.
Rapid7 InsightAppSec Logo

Rapid7 InsightAppSec pros and cons

Vendor: Rapid7
4.1 out of 5
Leave a review

Pros & Cons summary

Rapid7 InsightAppSec reduces threat response time by 20% and deploys in 30 minutes. Although it features signature-based detection and user-friendly attack simulation reports, its reporting capabilities and high false positive rate, especially for SQL and JSON injections, need improvement. It excels in technical support and offers some integration with ticketing systems and firewalls, but scan configuration issues and limited mobile application scanning capabilities are drawbacks.

Buyer's Guide

Get pricing advice, tips, use cases and valuable features from real users of this product.
Get the report

Prominent pros & cons

PROS

Rapid7 InsightAppSec allows a significant reduction in response time to threats by 20%.
Deployment of Rapid7 InsightAppSec is swift, taking approximately 30 minutes without major issues.
The templates feature in Rapid7 InsightAppSec facilitates easy selection and execution of attack simulations, providing user-friendly reports.
InsightAppSec provides a signature-based detection method for identifying code issues and issuing alerts.
InsightAppSec offers reliable technical support, often rated ten out of ten by users.

CONS

Rapid7 InsightAppSec's reporting features need improvement, as they currently provide basic reports that require enhancements.
The false positive rate, particularly in detecting complex attacks like SQL and JSON injections, is an issue, with a reported 94% false positive rate.
Support for scanning mobile applications and aligning with frameworks like MITRE ATT&CK is desired, given current limitations on scanning only web applications.
The ability to integrate with a variety of ticketing systems and Web Application Firewall solutions could greatly benefit users, as existing options are limited.
Issues with scan configuration persistence occur when using different configurations for the same project, leading to potential loss of previous settings.
 

Rapid7 InsightAppSec Pros review quotes

Shritam Bhowmick - PeerSpot reviewer
Shritam Bhowmick
Vulnerability Management Lead at garrett
Jun 13, 2025
The reporting functionality is excellent.
Read full review
SohailHyder - PeerSpot reviewer
SohailHyder
Head Of Cyber Security at Super Secure
Feb 3, 2026
Customers use the product for scanning purposes and do not want to be restricted with respect to the number of scans they perform.
Read full review
reviewer2284569 - PeerSpot reviewer
reviewer2284569
Manager at a financial services firm with 5,001-10,000 employees
Feb 24, 2025
Relatively speaking, InsightAppSec is good compared to Insight VM.
Read full review
Buyer's Guide
Rapid7 InsightAppSec
April 2026
Free Report: Rapid7 InsightAppSec Reviews and More
Learn what your peers think about Rapid7 InsightAppSec. Get advice and tips from experienced pros sharing their opinions. Updated: April 2026.
DOWNLOAD NOW
893,244 professionals have used our research since 2012.
reviewer2677461 - PeerSpot reviewer
reviewer2677461
Works
Mar 20, 2025
I would rate the technical support from Rapid7 a ten, indicating high-quality support.
Read full review
MK
Midhun Kumar
Head of Infrastructure at Pearl Data Direct
Feb 25, 2025
When considering DAST, it is not attributed to a singular feature but rather the capabilities of the engine that provides a genuine penetration testing experience and delivers insightful reports.
Read full review
SonNguyen3 - PeerSpot reviewer
SonNguyen3
Technical Manager at a computer software company with 11-50 employees
Apr 10, 2025
Rapid7 InsightAppSec is a good product for dynamic application security testing, providing neat reports that include validation actions and helping to generate web application firewall rules for web applications.
Read full review
Krzysztof Witko - PeerSpot reviewer
Krzysztof Witko
IT Security Engineer at a financial services firm with 51-200 employees
Jan 28, 2025
The automatic automation of the automated authorization to the SCANNET environment is valuable.
Read full review
Aakash Shankar - PeerSpot reviewer
Aakash Shankar
Senior Cybersecurity Solutions Engineer at Trillium Information Security Systems
Jun 7, 2024
Dynamic application security scanning provides predefined templates and supports customization. The ability to scan external and internal applications, including on-premises ones, is precious. Additionally, it is a cloud platform, so we don't need to deploy servers or resources. This makes it time-efficient and cost-effective.
Read full review
Vikas Dusa - PeerSpot reviewer
Vikas Dusa
Cyber Security Trainer and Programmer at Freelancer
Mar 4, 2024
In Rapid7 InsightAppSec, a distinctive feature is the provision of a CDM for integrating web servers and web applications. To establish the connection between these applications, you only need to paste the provided CDN into your metadata. Once connected, every piece of information, including vulnerabilities, can be accessed. It also offers demo sessions.
Read full review
RB
RussellBurrows
Senior IT Security Specialist at KNIPPERX INC.
Jul 28, 2023
It is a very robust solution.
Read full review
Show 10 more reviews (out of 20)
 

Rapid7 InsightAppSec Cons review quotes

Shritam Bhowmick - PeerSpot reviewer
Shritam Bhowmick
Vulnerability Management Lead at garrett
Jun 13, 2025
In terms of behavioral and pattern recognition, identifying complex attacks such as SQL, blind SQL, JSON, and LDAP injections often results in 94% false positives.
Read full review
SohailHyder - PeerSpot reviewer
SohailHyder
Head Of Cyber Security at Super Secure
Feb 3, 2026
Customers sometimes experience issues with performance.
Read full review
reviewer2284569 - PeerSpot reviewer
reviewer2284569
Manager at a financial services firm with 5,001-10,000 employees
Feb 24, 2025
There is room for improvement in the response time of customer service and support levels.
Read full review
Buyer's Guide
Rapid7 InsightAppSec
April 2026
Free Report: Rapid7 InsightAppSec Reviews and More
Learn what your peers think about Rapid7 InsightAppSec. Get advice and tips from experienced pros sharing their opinions. Updated: April 2026.
DOWNLOAD NOW
893,244 professionals have used our research since 2012.
reviewer2677461 - PeerSpot reviewer
reviewer2677461
Works
Mar 20, 2025
There is room for improvement in Rapid7 InsightAppSec by giving clients the ability for extra columns on reports and enabling the extraction of remediation reports into a CSV format. Currently, the PDF format is cumbersome to go through when dealing with thousands of pages.
Read full review
MK
Midhun Kumar
Head of Infrastructure at Pearl Data Direct
Feb 25, 2025
The reporting feature of Rapid7 InsightAppSec needs improvement as it currently provides basic reports.
Read full review
SonNguyen3 - PeerSpot reviewer
SonNguyen3
Technical Manager at a computer software company with 11-50 employees
Apr 10, 2025
The technical support from Rapid7 is not bad, but the response time can be quite slow sometimes.
Read full review
Krzysztof Witko - PeerSpot reviewer
Krzysztof Witko
IT Security Engineer at a financial services firm with 51-200 employees
Jan 28, 2025
Currently, InsightAppSec lacks similar functionality. Customers must wait for remediation during the developers' preparation of a new version.
Read full review
Aakash Shankar - PeerSpot reviewer
Aakash Shankar
Senior Cybersecurity Solutions Engineer at Trillium Information Security Systems
Jun 7, 2024
The dynamic scanning feature has simplified and improved the security testing process. I suggest adding a SaaS feature to the solution to support scanning SaaS applications, making it more comprehensive. It would be beneficial if the solution could also scan mobile applications. It only scans web applications and should also cover mobile applications, including firmware recommendations.
Read full review
Vikas Dusa - PeerSpot reviewer
Vikas Dusa
Cyber Security Trainer and Programmer at Freelancer
Mar 4, 2024
Rapid7 InsightAppSec needs improvement in detecting phishing pages.
Read full review
RB
RussellBurrows
Senior IT Security Specialist at KNIPPERX INC.
Jul 28, 2023
The number of web applications we can scan is limited.
Read full review
Show 10 more reviews (out of 20)

Product Categories

Product Categories
Dynamic Application Security Testing (DAST)
AI Observability

Popular Comparisons

Popular Comparisons
Checkmarx One vs Rapid7 InsightAppSec Logo
Checkmarx One vs Rapid7 InsightAppSec
Veracode vs Rapid7 InsightAppSec Logo
Veracode vs Rapid7 InsightAppSec
HCL AppScan vs Rapid7 InsightAppSec Logo
HCL AppScan vs Rapid7 InsightAppSec
Invicti vs Rapid7 InsightAppSec Logo
Invicti vs Rapid7 InsightAppSec
OpenText Dynamic Application Security Testing vs Rapid7 InsightAppSec Logo
OpenText Dynamic Application Security Testing vs Rapid7 InsightAppSec
PortSwigger Burp Suite Enterprise Edition vs Rapid7 InsightAppSec Logo
PortSwigger Burp Suite Enterprise Edition vs Rapid7 InsightAppSec
Continuous Dynamic (formerly WhiteHat Dynamic) vs Rapid7 InsightAppSec Logo
Continuous Dynamic (formerly WhiteHat Dynamic) vs Rapid7 InsightAppSec
AppCheck vs Rapid7 InsightAppSec Logo
AppCheck vs Rapid7 InsightAppSec
StackHawk vs Rapid7 InsightAppSec Logo
StackHawk vs Rapid7 InsightAppSec
See all alternatives

Product Categories

Product Categories
Dynamic Application Security Testing (DAST)
AI Observability

Popular Comparisons

Popular Comparisons
Checkmarx One vs Rapid7 InsightAppSec Logo
Checkmarx One vs Rapid7 InsightAppSec
Veracode vs Rapid7 InsightAppSec Logo
Veracode vs Rapid7 InsightAppSec
HCL AppScan vs Rapid7 InsightAppSec Logo
HCL AppScan vs Rapid7 InsightAppSec
Invicti vs Rapid7 InsightAppSec Logo
Invicti vs Rapid7 InsightAppSec
OpenText Dynamic Application Security Testing vs Rapid7 InsightAppSec Logo
OpenText Dynamic Application Security Testing vs Rapid7 InsightAppSec
PortSwigger Burp Suite Enterprise Edition vs Rapid7 InsightAppSec Logo
PortSwigger Burp Suite Enterprise Edition vs Rapid7 InsightAppSec
Continuous Dynamic (formerly WhiteHat Dynamic) vs Rapid7 InsightAppSec Logo
Continuous Dynamic (formerly WhiteHat Dynamic) vs Rapid7 InsightAppSec
AppCheck vs Rapid7 InsightAppSec Logo
AppCheck vs Rapid7 InsightAppSec
StackHawk vs Rapid7 InsightAppSec Logo
StackHawk vs Rapid7 InsightAppSec
See all alternatives
Related questions
  • 38
When evaluating Dynamic Application Security Testing (DAST), what aspect do you think is the most important to look for?
  • 42
Why is Dynamic Application Security Testing (DAST) important for companies?