We performed a comparison between Acunetix and PortSwigger Burp Suite Professional based on real PeerSpot user reviews.
Find out in this report how the two Application Security Tools solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."There is a lot of documentation on their website which makes setting it up and using it quite simple."
"The tool's most valuable feature is performance."
"The most valuable feature of Acunetix is the UI and the scan results are simple."
"We use the solution for the scanning of vulnerabilities like SQL injections."
"One of the features that I feel is groundbreaking, that I would like to see expanded on, is the IAS feature: The Interactive Application Security Testing module that gets loaded onto an application on a server, for more in-depth, granular findings. I think that is really neat. I haven't seen a lot of competitors doing that."
"The most important feature is that it's a web-based graphical user interface. That is a great addition. Also, the ability to schedule scans is great."
"The usability and overall scan results are good."
"The scalability is good. The scalability is more than good because it can operate both as a standalone and it can be integrated as part of applications. So that really makes it a very, very versatile solution to have."
"The solution is stable."
"There is no other tool like it. I like the intuitiveness and the plugins that are available."
"I have found this solution has more plugins than other competitors which is a benefit. You are able to attach different plugins to the security scan to add features. For example, you can check to see if there are any payment systems that exist on a server, or username and password brute force analysis."
"You can download different plugins if you don't have them in the standard edition."
"Some of the extensions, available using Burp Extender, are also very good and we have found issues by using them."
"The solution has a limited range of functions, which is good for small companies. This is because, in small companies, websites are less complex. They also have single services which makes the solution good enough for them. However, the most advantageous aspect of the solution is its affordable price."
"The reporting part is the most valuable. It also has very good features. We use almost all of the features for different kinds of customers and needs."
"The feature that we have found most valuable is that it comes with pre-set configurations. They have a set of predefined options where you can pick one and start scanning. We also have the option of creating our own configurations, like how often do the applications need to be scanned."
"The jargon used makes it difficult for project managers to understand the issues, and the technical explanations used make it difficult for developers to understand issues. These things should be simplified much more. That would be very helpful for us when explaining to them what needs to be fixed. The report output needs to be simplified."
"Acunetix needs to include agent analysis."
"We have had issues during upgrades where their scans worked on some apps better with previous versions. Then, we had to work with their tech support, who were great, to get it fixed for the next version."
"The vulnerability identification speed should be improved."
"When monitoring the traffic we always have issues with the bandwidth consumption and the throttling of traffic."
"Integration into other tools is very limited for Acunetix. While we're trying to incorporate a CI/CD process where we're integrating with JIRA and we're integrating with Jenkins and Chef, it becomes problematic. Other tools give you a high integration capability to connect into different solutions that you may already have, like JIRA."
"Acunetix needs to be dynamic with JavaScript code, unlike Netsparker which can scan complex agents."
"It should be easier to recreate something manually, with the manual tool, because Acunetix is an automatic tool. If it finds something, it should be easier to manually replicate it. Sometimes you don't get the raw data from the input and output, so that could be improved."
"The Burp Collaborator needs improvement. There also needs to be improved integration."
"Scanning APIs using PortSwigger Burp Suite Professional takes a lot of time."
"Scanning needs to be improved in enterprise and professional versions."
"A lot of our interns find it difficult to get used to PortSwigger Burp's environment."
"One thing that is not up to the mark in PortSwigger is web application testing. I found some issues with its performance and reporting. They should work on these and give us a better outcome."
"PortSwigger Burp Suite Professional could improve the static code review."
"In the Professional version, we cannot link it with the CI/CD process."
"There needs to be better documentation provided. Currently, we need to buy books, or we need to review online some use cases from other professionals who have been using the solution to find out their experience. It is not easy to find out how to properly do a security assessment."
More PortSwigger Burp Suite Professional Pricing and Cost Advice →
Acunetix is ranked 16th in Application Security Tools with 26 reviews while PortSwigger Burp Suite Professional is ranked 9th in Application Security Tools with 55 reviews. Acunetix is rated 7.6, while PortSwigger Burp Suite Professional is rated 8.6. The top reviewer of Acunetix writes "Fantastic reporting features hindered by slow scanning ". On the other hand, the top reviewer of PortSwigger Burp Suite Professional writes "The solution is versatile and easy to deploy, but it needs to give more detailed security reports". Acunetix is most compared with OWASP Zap, Tenable.io Web Application Scanning, HCL AppScan, Fortify WebInspect and Veracode, whereas PortSwigger Burp Suite Professional is most compared with OWASP Zap, Fortify WebInspect, HCL AppScan, Qualys Web Application Scanning and SonarQube. See our Acunetix vs. PortSwigger Burp Suite Professional report.
See our list of best Application Security Tools vendors and best Application Security Testing (AST) vendors.
We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.