We performed a comparison between PortSwigger Burp Suite Professional and Snyk based on real PeerSpot user reviews.
Find out in this report how the two Application Security Tools solutions compare in terms of features, pricing, service and support, ease of deployment, and ROI.
"It was easy to learn."
"The solution has a great user interface."
"I personally love its capability to automatically and accurately detect vulnerabilities. So, I would say it is the Burp scanner that is THE most powerful, valuable, and an awesome feature."
"You can download different plugins if you don't have them in the standard edition."
"BurpSuite helps us to identify and fix silly mistakes that are sometimes introduced by our developers in their coding."
"The solution helped us discover vulnerabilities in our applications."
"It offers very good accuracy. You can trust the results."
"It is a time-saver application."
"There are many valuable features. For example, the way the scanning feature works. The integration is cool because I can integrate it and I don't need to wait until the CACD, I can plug it in to our local ID, and there I can do the scanning. That is the part I like best."
"The product's most valuable features are an open-source platform, remote functionality, and good pricing."
"Snyk is a developer-friendly product."
"The solution's Open Source feature gives us notifications and suggestions regarding how to address vulnerabilities."
"The most valuable feature of Snyk is the software composition analysis."
"What is valuable about Snyk is its simplicity."
"Our customers find container scans most valuable. They are always talking about it."
"It is one of the best products out there to help developers find and fix vulnerabilities quickly. When we talk about the third-party software vulnerability piece and potentially security issues, it takes the load off the user or developer. They even provide automitigation strategies and an auto-fix feature, which seem to have been adopted pretty well."
"The solution’s pricing could be improved."
"The initial setup is a bit complex."
"Scanning APIs using PortSwigger Burp Suite Professional takes a lot of time."
"The pricing of the solution is quite high."
"The one feature that I would like to see in Burp is active scanning of REST based web services. A lot of organizations are providing APIs to access their services to support different business models like SaaS. Scanning these APIs is still a challenge for many security product companies."
"The technical support team's response time is mostly delayed and should be improved."
"Currently, the scanning is only available in the full version of Burp, and not in the Community version."
"As with most automated security tools, too many false positives."
"Snyk's API and UI features could work better in terms of speed."
"It can be improved from the reporting perspective and scanning perspective. They can also improve it on the UI front."
"We tried to integrate it into our software development environment but it went really badly. It took a lot of time and prevented the developers from using the IDE. Eventually, we didn't use it in the development area... I would like to see better integrations to help the developers get along better with the tool. And the plugin for the IDE is not so good. This is something we would like to have..."
"Compatibility with other products would be great."
"We would like to have upfront knowledge on how easy it should be to just pull in an upgraded dependency, e.g., even introduce full automation for dependencies supposed to have no impact on the business side of things. Therefore, we would like some output when you get the report with the dependencies. We want to get additional information on the expected impact of the business code that is using the dependency with the newer version. This probably won't be easy to add, but it would be helpful."
"DAST has shortcomings, and Snyk needs to improve and overcome such shortcomings."
"Scalability has some issues because we have a lot of code and its use is mandatory. Therefore, it can be slow at times, especially because there are a lot of projects and reporting. Some UI improvements could help with this."
"We were using Microsoft Docker images. It was reporting some vulnerabilities, but we were not able to figure out the fix for them. It was reporting some vulnerabilities in the Docker images given by Microsoft, which were out of our control. That was the only limitation. Otherwise, it was good."
PortSwigger Burp Suite Professional is ranked 10th in Application Security Tools with 57 reviews while Snyk is ranked 4th in Application Security Tools with 41 reviews. PortSwigger Burp Suite Professional is rated 8.6, while Snyk is rated 8.2. The top reviewer of PortSwigger Burp Suite Professional writes "The solution is versatile and easy to deploy, but it needs to give more detailed security reports". On the other hand, the top reviewer of Snyk writes "Performs software composition analysis (SCA) similar to other expensive tools". PortSwigger Burp Suite Professional is most compared with OWASP Zap, Fortify WebInspect, Acunetix, HCL AppScan and Qualys Web Application Scanning, whereas Snyk is most compared with SonarQube, Black Duck, GitHub Advanced Security, Fortify Static Code Analyzer and Veracode.
We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.