We performed a comparison between PortSwigger Burp Suite Professional and Qualys Web Application Scanning based on real PeerSpot user reviews.
Find out in this report how the two Application Security Tools solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The feature that we have found most valuable is that it comes with pre-set configurations. They have a set of predefined options where you can pick one and start scanning. We also have the option of creating our own configurations, like how often do the applications need to be scanned."
"The active scanner, which does an automated search of any web vulnerabilities."
"You can scan any number of applications and it updates its database."
"The extension that it provides with the community version for the skills mapping is excellent."
"In my area of expertise, I feel like it has almost everything I could possibly require at this moment."
"I have found the best features to be the performance and there are a lot of additional plugins available."
"The reporting part is the most valuable. It also has very good features. We use almost all of the features for different kinds of customers and needs."
"PortSwigger Burp Suite Professional is one of the best user-friendly solutions for getting the proxy set up."
"Qualys Web Application Scanning has multiple features like threat protection and container security scanning in one box."
"The vulnerability management feature is a strong one. And also the patch management feature."
"It is easy to use."
"QualysGuard web-based scanner is very useful for performing external penetration and PCI scans from remote locations."
"Qualys WAS' most valuable features are the navigation flow of the UI and the option for a different layer of security (identification and operation through email and mobile)."
"It is a cloud-based solution, so it is easy to scale."
"Licensing is the most valuable. Qualys provides the best licensing for companies. It is the best product for the development purposes of web applications. The product has a lot of integrations."
"It works with many different products."
"A lot of our interns find it difficult to get used to PortSwigger Burp's environment."
"The use of system memory is an area that can be improved because it uses a lot."
"The technical support team's response time is mostly delayed and should be improved."
"There is a lot to this product, and it would be good if when you purchase the tool, they can provide us with a more extensive user manual."
"The solution lacks sufficient stability."
"The initial setup is a bit complex."
"It should provide a better way to integrate with Jenkins so that DAST (dynamic application security testing) can be automated."
"Mitigating the issues and low confluence issues needs some improvement. Implementing demand with the ChatGPT under the web solution is an additional feature I would like to see in the next release."
"The support could be faster."
"In terms of the Policy Compliance model which they currently have, not all the platforms are being covered. If they could improve on the Policy Compliance model, since there are policies which are benchmarked against it, this will be helpful for us."
"Sometimes the response time is low because the handshake fails, and then you have to re-login and start again."
"It should have better automatic reporting."
"The area of false positives could be improved. There are quite a number of false positives as compared to other solutions. They could probably fine tune the algorithm to be able to reduce the number of false positives being detected."
"The GUI could be a little less complicated as it opens a lot of new windows for creating search lists, templates, reports, or for scanning purposes."
"In certain cases, this product does have false positives, which the company should work on."
"The software’s pricing could be improved."
More PortSwigger Burp Suite Professional Pricing and Cost Advice →
More Qualys Web Application Scanning Pricing and Cost Advice →
PortSwigger Burp Suite Professional is ranked 9th in Application Security Tools with 55 reviews while Qualys Web Application Scanning is ranked 19th in Application Security Tools with 31 reviews. PortSwigger Burp Suite Professional is rated 8.6, while Qualys Web Application Scanning is rated 7.8. The top reviewer of PortSwigger Burp Suite Professional writes "The solution is versatile and easy to deploy, but it needs to give more detailed security reports". On the other hand, the top reviewer of Qualys Web Application Scanning writes "A stable solution that can be used for infrastructure vulnerability scanning and web application scanning". PortSwigger Burp Suite Professional is most compared with OWASP Zap, Fortify WebInspect, Acunetix, HCL AppScan and SonarQube, whereas Qualys Web Application Scanning is most compared with OWASP Zap, Veracode, SonarQube, Fortify WebInspect and Tenable.io Web Application Scanning. See our PortSwigger Burp Suite Professional vs. Qualys Web Application Scanning report.
See our list of best Application Security Tools vendors and best Application Security Testing (AST) vendors.
We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.