We performed a comparison between Acunetix and PortSwigger Burp Suite Professional based on real PeerSpot user reviews.
Find out in this report how the two Application Security Tools solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.
"We are able to create a report which shows the PCI DSS scoring and share it with the application teams. Then, they can correlate and see exactly what they need to fix, and why."
"It's very user-friendly for the testing teams. It's very easy for them to understand things and to fix vulnerabilities."
"We use the solution for the scanning of vulnerabilities like SQL injections."
"The most important feature is that it's a web-based graphical user interface. That is a great addition. Also, the ability to schedule scans is great."
"The usability and overall scan results are good."
"The vulnerability scanning option for analyzing the security loopholes on the websites is the most valuable feature of this solution."
"Acunetix is the best service in the world. It is easy to manage. It gives a lot of information to the users to see and identify problems in their site or applications. It works very well."
"One of the features that I feel is groundbreaking, that I would like to see expanded on, is the IAS feature: The Interactive Application Security Testing module that gets loaded onto an application on a server, for more in-depth, granular findings. I think that is really neat. I haven't seen a lot of competitors doing that."
"You can scan any number of applications and it updates its database."
"The way they do the research and they keep their profile up to date is great. They identify vulnerabilities and update them immediately."
"The solution scans web applications and supports APIs, which are the main features I really like."
"The solution has a pretty simple setup."
"I find the attack model quite amazing, where I can write my scripts and load my scripts as well, which helps quite a bit. All the active scanning that it can do is also quite a lot helpful. It speeds up our vulnerability assessment and penetration testing. Right now, I am enjoying its in-browser, which also helps quite a bit. I'm always confused about setting up some proxy, but it really is the big solution we all want."
"The reporting part is the most valuable. It also has very good features. We use almost all of the features for different kinds of customers and needs."
"The solution has a great user interface."
"The feature that we have found most valuable is that it comes with pre-set configurations. They have a set of predefined options where you can pick one and start scanning. We also have the option of creating our own configurations, like how often do the applications need to be scanned."
"There is room for improvement in website authentication because I've seen other products that can do it much better."
"The solution's pricing could be better."
"While we do have it integrated with other solutions, it could still offer more integrations."
"The solution limits the number of scans. It would be much better if we could have unlimited scans."
"In terms of what needs improvement, the way the licensing model is currently is not very convenient for us because initially, when we bought it, the licensing model was very flexible, but now it restricts us."
"The only problem that they have is the price. It is a bit expensive, and you cannot change the number of applications for the whole year."
"It should be easier to recreate something manually, with the manual tool, because Acunetix is an automatic tool. If it finds something, it should be easier to manually replicate it. Sometimes you don't get the raw data from the input and output, so that could be improved."
"We want to see how much bandwidth usage it consumes. When we monitor traffic we have issues with the consumption and throttling of the traffic."
"The biggest drawback is reporting. It's not so good. I can download them, but they're not so informative."
"The solution lacks sufficient stability."
"There is not much automation in the tool."
"There could be an improvement in the API security testing. There is another tool called Postman and if we had a built-in portal similar to Postman which captures the API, we would be able to generate the API traffic. Right now we need a Postman tool and the Burp Suite for performing API tests. It would be a huge benefit to be able to do it in a single UI."
"I need the solution to be more user-friendly. The solution needs to be user-friendly."
"There needs to be better documentation provided. Currently, we need to buy books, or we need to review online some use cases from other professionals who have been using the solution to find out their experience. It is not easy to find out how to properly do a security assessment."
"Sometimes the solution can run a little slow."
"In the Professional version, we cannot link it with the CI/CD process."
More PortSwigger Burp Suite Professional Pricing and Cost Advice →
Acunetix is ranked 16th in Application Security Tools with 26 reviews while PortSwigger Burp Suite Professional is ranked 9th in Application Security Tools with 55 reviews. Acunetix is rated 7.6, while PortSwigger Burp Suite Professional is rated 8.6. The top reviewer of Acunetix writes "Fantastic reporting features hindered by slow scanning ". On the other hand, the top reviewer of PortSwigger Burp Suite Professional writes "The solution is versatile and easy to deploy, but it needs to give more detailed security reports". Acunetix is most compared with OWASP Zap, Tenable.io Web Application Scanning, HCL AppScan, Fortify WebInspect and Veracode, whereas PortSwigger Burp Suite Professional is most compared with OWASP Zap, Fortify WebInspect, HCL AppScan, Qualys Web Application Scanning and SonarQube. See our Acunetix vs. PortSwigger Burp Suite Professional report.
See our list of best Application Security Tools vendors and best Application Security Testing (AST) vendors.
We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
