We performed a comparison between Fortify Application Defender and PortSwigger Burp Suite Professional based on real PeerSpot user reviews.
Find out in this report how the two Application Security Tools solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The most valuable feature is the ability to automatically feed it rules what it's coupled with the WebInspect dynamic application scanning technology."
"The most valuable features of Fortify Application Defender are the code packages that are default."
"I find the configuration of rules in Fortify Application Defender useful. Its integration is also easy."
"Fortify Application Defender's most valuable features are machine learning algorithms, real-time remediation, and automatic vulnerability notifications."
"Its ability to find security defects is valuable."
"The product saves us cost and time."
"We are able to provide out customers with a secure application after development. They are no longer left wondering if they are vulnerable to different threats within the market following deployment."
"The information from Fortify Application Defender on how to fix and solve issues is very good compared to other solutions."
"In my area of expertise, I feel like it has almost everything I could possibly require at this moment."
"The solution has a great user interface."
"The suite testing models are very good. It's very secure."
"We are mostly using it for scanning the entire website. So, we basically create a script with the entire website and then run it for different injections."
""The product is very good just the way it is; It has everything already well established and functions great. I can't see any way for this current version to be improved.""
"The Spider is the most useful feature. It helps to analyze the entire web application, and it finds all the passes and offers an automated identification of security issues."
"It is useful for scanning and tracing activities."
"Once I capture the proxy, I'm able to transfer across. All the requested information is there. I can send across the request to what we call a repeater, where I get to ready the payload that I send to the application. Put in malicious content and then see if it's responding to it."
"Fortify Application Defender gives a lot of false positives."
"The biggest complaint that I have heard concerns additional platform support because right now, it only supports applications that are written in .NET and Java."
"I encountered many false positives for Python applications."
"The solution could improve the time it takes to scan. When comparing it to SonarQube it does it in minutes while in Fortify Application Defender it can take hours."
"Support for older compilers/IDEs is lacking."
"The licensing can be a little complex."
"The product should integrate industry-standard code review tools internally with its system. This would streamline the coding process, as developers wouldn't need multiple tools for code review and security checks. Many independent and open-source tools are available, from Apache to various libraries. Using multiple DevOps pipeline tools can slow the turnaround time."
"The solution is quite expensive."
"The Auto Scanning features should be updated more frequently and should include the latest attack vectors."
"Scanning needs to be improved in enterprise and professional versions."
"A lot of our interns find it difficult to get used to PortSwigger Burp's environment."
"We'd like to have more integration potential across all versions of the product."
"The biggest improvement that I would like to see from PortSwigger that today many people see as an issue in their testing. There might be a feature which might be desired."
"In the Professional version, we cannot link it with the CI/CD process."
"The technical support team's response time is mostly delayed and should be improved."
"Sometimes the solution can run a little slow."
More PortSwigger Burp Suite Professional Pricing and Cost Advice →
Fortify Application Defender is ranked 30th in Application Security Tools with 11 reviews while PortSwigger Burp Suite Professional is ranked 9th in Application Security Tools with 57 reviews. Fortify Application Defender is rated 7.8, while PortSwigger Burp Suite Professional is rated 8.6. The top reviewer of Fortify Application Defender writes "Useful for fast code review in devOps pipelines ". On the other hand, the top reviewer of PortSwigger Burp Suite Professional writes "The solution is versatile and easy to deploy, but it needs to give more detailed security reports". Fortify Application Defender is most compared with Checkmarx One, CAST Application Intelligence Platform, Coverity, SonarQube and Qualys Web Application Scanning, whereas PortSwigger Burp Suite Professional is most compared with OWASP Zap, Fortify WebInspect, Acunetix, HCL AppScan and Qualys Web Application Scanning. See our Fortify Application Defender vs. PortSwigger Burp Suite Professional report.
See our list of best Application Security Tools vendors.
We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
