We performed a comparison between PortSwigger Burp Suite Professional and Rapid7 AppSpider based on real PeerSpot user reviews.
Find out in this report how the two Static Application Security Testing (SAST) solutions compare in terms of features, pricing, service and support, ease of deployment, and ROI.
"The suite testing models are very good. It's very secure."
"We are mostly using it for scanning the entire website. So, we basically create a script with the entire website and then run it for different injections."
"Some of the extensions, available using Burp Extender, are also very good and we have found issues by using them."
"The tool provides complimentary services. It allows you to add a lot of extensions, and you can get extensions quite often. It is quite a flexible application."
"I have found this solution has more plugins than other competitors which is a benefit. You are able to attach different plugins to the security scan to add features. For example, you can check to see if there are any payment systems that exist on a server, or username and password brute force analysis."
"The most valuable feature of PortSwigger Burp Suite Professional is the dashboard. It is very informative and you can receive all the information you need in one place. It's clear, well-defined, and organized. Anybody without any cybersecurity can use it."
"The solution has a pretty simple setup."
"The solution is quite helpful for session management and configuration."
"What I like most about AppSpider is that it's easy to use and its automated scan gives me all the details I need to know when it comes to vulnerabilities and their solutions."
"It is really accurate and the rate of false positives is very low."
"I would say that it is stable, as I am not aware of any major issues."
"AppSpider's most valuable feature is reporting - everything is stored in the local database so it can be sent to other machines."
"When it is set up properly, it can do scanning on web apps with multiple engines automatically."
"The most valuable feature is the reporting, which is compliant with international standards."
"The setup is usually straightforward."
"The initial deployment is very straightforward and simple. The product is stable if configured properly."
"There should be a heads up display like the one available in OWASP Zap."
"If your application uses multi-factor authentication, registration management cannot be automated."
"In the Professional version, we cannot link it with the CI/CD process."
"The technical support team's response time is mostly delayed and should be improved."
"The solution lacks sufficient stability."
"The use of system memory is an area that can be improved because it uses a lot."
"One thing that is not up to the mark in PortSwigger is web application testing. I found some issues with its performance and reporting. They should work on these and give us a better outcome."
"You can have many false positives in Burp Suite. It depends on the scale of the penetration testing."
"The price of this solution is a little bit expensive."
"The product needs to be able to scale for large companies, like ours. We have millions of IP addresses that need to be scanned, and the scalability is not great."
"The enterprise interface is too simple. It should be more customizable."
"Support response times are slow and can be improved."
"Integration could be better."
"AppSpider could improve in the area of integration. They need to add more integration opportunities."
"The dashboard and interface are crucial and they need some improvement."
"The performance of the solution could improve. When I compare the speed it is slower than others on the market. There are some tricks we use to help speed up the solution."
PortSwigger Burp Suite Professional is ranked 5th in Static Application Security Testing (SAST) with 57 reviews while Rapid7 AppSpider is ranked 26th in Static Application Security Testing (SAST) with 13 reviews. PortSwigger Burp Suite Professional is rated 8.6, while Rapid7 AppSpider is rated 7.8. The top reviewer of PortSwigger Burp Suite Professional writes "The solution is versatile and easy to deploy, but it needs to give more detailed security reports". On the other hand, the top reviewer of Rapid7 AppSpider writes "Useful vulnerability reporting data, flexible, and simple implementation". PortSwigger Burp Suite Professional is most compared with OWASP Zap, Fortify WebInspect, Acunetix, HCL AppScan and Qualys Web Application Scanning, whereas Rapid7 AppSpider is most compared with Rapid7 InsightAppSec, OWASP Zap, Acunetix, Invicti and Checkmarx One.
We monitor all Static Application Security Testing (SAST) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.