We performed a comparison between Acunetix and PortSwigger Burp Suite Professional based on real PeerSpot user reviews.
Find out in this report how the two Application Security Tools solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The tool's most valuable feature is scan configurations. We use it for external physical applications. The scanning time depends on the application's code."
"For us, the most valuable aspect of the solution is the log-sequence feature."
"Overall, it's a very good tool and a very good engine."
"The usability and overall scan results are good."
"The most important feature is that it's a web-based graphical user interface. That is a great addition. Also, the ability to schedule scans is great."
"It comes equipped with an internal applicator, which automatically identifies and addresses vulnerabilities within the program."
"We are able to create a report which shows the PCI DSS scoring and share it with the application teams. Then, they can correlate and see exactly what they need to fix, and why."
"We use the solution for the scanning of vulnerabilities like SQL injections."
"The suite testing models are very good. It's very secure."
"It is a time-saver application."
"The most valuable feature of PortSwigger Burp Suite Professional is the dashboard. It is very informative and you can receive all the information you need in one place. It's clear, well-defined, and organized. Anybody without any cybersecurity can use it."
"I find the attack model quite amazing, where I can write my scripts and load my scripts as well, which helps quite a bit. All the active scanning that it can do is also quite a lot helpful. It speeds up our vulnerability assessment and penetration testing. Right now, I am enjoying its in-browser, which also helps quite a bit. I'm always confused about setting up some proxy, but it really is the big solution we all want."
"PortSwigger Burp Suite does not hamper the node of the server, and it does not shut down the server if it is running."
"The automated scan is what I find most useful because a lot of customers will need it. Not every domain will be looking for complete security, they just need a stamp on the security key. For these kinds of customers, the scan works really well."
"The most valuable features are Burp Intruder and Burp Scanner."
"This tool is more accurate than the other solutions that we use, and reports fewer false positives."
"While we do have it integrated with other solutions, it could still offer more integrations."
"The solution's pricing could be better."
"There's a clear need for a reduction in pricing to make the service more accessible."
"There is room for improvement in website authentication because I've seen other products that can do it much better."
"The vulnerability identification speed should be improved."
"The jargon used makes it difficult for project managers to understand the issues, and the technical explanations used make it difficult for developers to understand issues. These things should be simplified much more. That would be very helpful for us when explaining to them what needs to be fixed. The report output needs to be simplified."
"The only problem that they have is the price. It is a bit expensive, and you cannot change the number of applications for the whole year."
"Integration into other tools is very limited for Acunetix. While we're trying to incorporate a CI/CD process where we're integrating with JIRA and we're integrating with Jenkins and Chef, it becomes problematic. Other tools give you a high integration capability to connect into different solutions that you may already have, like JIRA."
"The Iran market does not have after-sales support. PortSwigger Burp Suite Professional needs to provide after-sales support."
"The biggest drawback is reporting. It's not so good. I can download them, but they're not so informative."
"It should provide a better way to integrate with Jenkins so that DAST (dynamic application security testing) can be automated."
"The solution is not easy to set it up. You need a lot of knowledge."
"There could be an improvement in the API security testing. There is another tool called Postman and if we had a built-in portal similar to Postman which captures the API, we would be able to generate the API traffic. Right now we need a Postman tool and the Burp Suite for performing API tests. It would be a huge benefit to be able to do it in a single UI."
"The tool is very expensive."
"It would be good if the solution could give us more details about what exactly is defective."
"Sometimes the solution can run a little slow."
More PortSwigger Burp Suite Professional Pricing and Cost Advice →
Acunetix is ranked 16th in Application Security Tools with 26 reviews while PortSwigger Burp Suite Professional is ranked 9th in Application Security Tools with 55 reviews. Acunetix is rated 7.6, while PortSwigger Burp Suite Professional is rated 8.6. The top reviewer of Acunetix writes "Fantastic reporting features hindered by slow scanning ". On the other hand, the top reviewer of PortSwigger Burp Suite Professional writes "The solution is versatile and easy to deploy, but it needs to give more detailed security reports". Acunetix is most compared with OWASP Zap, Tenable.io Web Application Scanning, HCL AppScan, Fortify WebInspect and Veracode, whereas PortSwigger Burp Suite Professional is most compared with OWASP Zap, Fortify WebInspect, HCL AppScan, Qualys Web Application Scanning and SonarQube. See our Acunetix vs. PortSwigger Burp Suite Professional report.
See our list of best Application Security Tools vendors and best Application Security Testing (AST) vendors.
We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.