We performed a comparison between Fortify WebInspect and PortSwigger Burp Suite Professional based on real PeerSpot user reviews.
Find out in this report how the two Dynamic Application Security Testing (DAST) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."When we are integrating it with SSC, we're able to scan and trace and see all of the vulnerabilities. Comparison is easy in SSC."
"It is scalable and very easy to use."
"The solution is able to detect a wide range of vulnerabilities. It's better at it than other products."
"The most valuable feature of this solution is the ability to make our customers more secure."
"I've found the centralized dashboard the most valuable. For the management, it helps a lot to have abilities at the central level."
"The most valuable feature is the static analysis."
"Technical support has been good."
"Reporting, centralized dashboard, and bird's eye view of all vulnerabilities are the most valuable features."
"The solution helped us discover vulnerabilities in our applications."
"The automated scan is what I find most useful because a lot of customers will need it. Not every domain will be looking for complete security, they just need a stamp on the security key. For these kinds of customers, the scan works really well."
"The solution has a great user interface."
"Enables automation of different tasks such as authorization testing."
""The product is very good just the way it is; It has everything already well established and functions great. I can't see any way for this current version to be improved.""
"I have found this solution has more plugins than other competitors which is a benefit. You are able to attach different plugins to the security scan to add features. For example, you can check to see if there are any payment systems that exist on a server, or username and password brute force analysis."
"The most valuable features are Burp Intruder and Burp Scanner."
"The solution has a pretty simple setup."
"One thing I would like to see them introduce is a cloud-based platform."
"It took us between eight and ten hours to scan an entire site, which is somewhat slow and something that I think can be improved."
"The installation could be a bit easier. Usually it's simple to use, but the installation is painful and a bit laborious and complex."
"We have had a problem with authentification."
"A localized version, for example, in Korean would be a big improvement to this solution."
"It requires improvement in terms of scanning. The application scan heavily utilizes the resources of an on-premise server. 32 GB RAM is very high for an enterprise web application."
"Lately, we've seen more false negatives."
"The scanner could be better."
"The scanner and crawler need to be improved."
"The technical support team's response time is mostly delayed and should be improved."
"The biggest improvement that I would like to see from PortSwigger that today many people see as an issue in their testing. There might be a feature which might be desired."
"The solution doesn't offer very good scalability."
"PortSwigger Burp Suite Professional can improve by having more features in the free version for beginners to try."
"If we're running a huge number of scans regularly, it slows down the tool."
"I am from Brazil. The currency exchange rate from a dollar to a Brazilian Real is quite steep. It is almost six to one. It would be good if it can be sold in the local currency, and its price is cheaper for us."
"The number of false positives need to be reduced on the solution."
More PortSwigger Burp Suite Professional Pricing and Cost Advice →
Fortify WebInspect is ranked 2nd in Dynamic Application Security Testing (DAST) with 17 reviews while PortSwigger Burp Suite Professional is ranked 10th in Application Security Tools with 57 reviews. Fortify WebInspect is rated 7.0, while PortSwigger Burp Suite Professional is rated 8.6. The top reviewer of Fortify WebInspect writes "A powerful tool catering to multiple use cases that provides reasonably good technical support". On the other hand, the top reviewer of PortSwigger Burp Suite Professional writes "The solution is versatile and easy to deploy, but it needs to give more detailed security reports". Fortify WebInspect is most compared with Fortify on Demand, Acunetix, OWASP Zap, HCL AppScan and Qualys Web Application Scanning, whereas PortSwigger Burp Suite Professional is most compared with OWASP Zap, Acunetix, HCL AppScan, Qualys Web Application Scanning and SonarQube. See our Fortify WebInspect vs. PortSwigger Burp Suite Professional report.
We monitor all Dynamic Application Security Testing (DAST) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.