We performed a comparison between Acunetix and PortSwigger Burp Suite Professional based on real PeerSpot user reviews.
Find out in this report how the two Application Security Tools solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."There is a lot of documentation on their website which makes setting it up and using it quite simple."
"One of the features that I feel is groundbreaking, that I would like to see expanded on, is the IAS feature: The Interactive Application Security Testing module that gets loaded onto an application on a server, for more in-depth, granular findings. I think that is really neat. I haven't seen a lot of competitors doing that."
"Acunetix is the best service in the world. It is easy to manage. It gives a lot of information to the users to see and identify problems in their site or applications. It works very well."
"It's very user-friendly for the testing teams. It's very easy for them to understand things and to fix vulnerabilities."
"Acunetix has an awesome crawler. It gives a referral site map of near targets and also goes really deep to find all the inputs without issues. This was valuable because it helped me find some files or directories, like web admin panels without authentication, which were hidden."
"The automated approach to these repetitive discovery attempts would take days to do manually and therefore it helps reduce the time needed to do an assessment."
"The usability and overall scan results are good."
"Their technical support has been very active. If I have an issue, I can reach out to them and get an answer pretty quick."
"It helps in API testing, where manual intervention was previously necessary for each payload."
"The solution is stable."
"I have found this solution has more plugins than other competitors which is a benefit. You are able to attach different plugins to the security scan to add features. For example, you can check to see if there are any payment systems that exist on a server, or username and password brute force analysis."
"PortSwigger Burp Suite does not hamper the node of the server, and it does not shut down the server if it is running."
"The active scanner, which does an automated search of any web vulnerabilities."
"In my area of expertise, I feel like it has almost everything I could possibly require at this moment."
"I have found the best features to be the performance and there are a lot of additional plugins available."
"The solution scans web applications and supports APIs, which are the main features I really like."
"There is room for improvement in website authentication because I've seen other products that can do it much better."
"Integration into other tools is very limited for Acunetix. While we're trying to incorporate a CI/CD process where we're integrating with JIRA and we're integrating with Jenkins and Chef, it becomes problematic. Other tools give you a high integration capability to connect into different solutions that you may already have, like JIRA."
"Acunetix needs to be dynamic with JavaScript code, unlike Netsparker which can scan complex agents."
"Currently only supports web scanning."
"While we do have it integrated with other solutions, it could still offer more integrations."
"There are some versions of the solution that are not as stable as others."
"The pricing is a bit on the higher side."
"I had some issues with the JSON parameters where it found some strange vulnerabilities, but it didn't alert the person using it or me about these vulnerabilities, e.g., an error for SQL injection."
"The solution is not easy to set it up. You need a lot of knowledge."
"The solution’s pricing could be improved."
"There should be a heads up display like the one available in OWASP Zap."
"A lot of our interns find it difficult to get used to PortSwigger Burp's environment."
"In the Professional version, we cannot link it with the CI/CD process."
"The biggest improvement that I would like to see from PortSwigger that today many people see as an issue in their testing. There might be a feature which might be desired."
"Currently, the scanning is only available in the full version of Burp, and not in the Community version."
"I would like to see the return of the spider mechanism instead of the crawling feature. Burp Suite's earlier version 1.7 had an excellent spider option, and it would be beneficial if Burp incorporated those features into the current version. The crawling techniques used in the current version are not as efficient as those used in earlier versions."
More PortSwigger Burp Suite Professional Pricing and Cost Advice →
Acunetix is ranked 17th in Application Security Tools with 26 reviews while PortSwigger Burp Suite Professional is ranked 9th in Application Security Tools with 57 reviews. Acunetix is rated 7.6, while PortSwigger Burp Suite Professional is rated 8.6. The top reviewer of Acunetix writes "Fantastic reporting features hindered by slow scanning ". On the other hand, the top reviewer of PortSwigger Burp Suite Professional writes "The solution is versatile and easy to deploy, but it needs to give more detailed security reports". Acunetix is most compared with OWASP Zap, Tenable.io Web Application Scanning, HCL AppScan, Fortify WebInspect and Veracode, whereas PortSwigger Burp Suite Professional is most compared with OWASP Zap, Fortify WebInspect, HCL AppScan, Qualys Web Application Scanning and SonarQube. See our Acunetix vs. PortSwigger Burp Suite Professional report.
See our list of best Application Security Tools vendors and best Static Application Security Testing (SAST) vendors.
We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.