We performed a comparison between Fortify WebInspect and PortSwigger Burp Suite Professional based on real PeerSpot user reviews.
Find out in this report how the two Dynamic Application Security Testing (DAST) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Guided Scan option allows us to easily scan and share reports."
"The accuracy of its scans is great."
"The most valuable feature of this solution is the ability to make our customers more secure."
"The solution is easy to use."
"There are lots of small settings and tools, like an HTTP editor, that are very useful."
"It is scalable and very easy to use."
"The solution's technical support was very helpful."
"The user interface is ok and it is very simple to use."
"The most valuable feature of PortSwigger Burp Suite Professional is the advanced features, user-friendly interface, and integration with other tools."
"The most valuable feature of PortSwigger Burp Suite Professional is the Burp Intruder tool."
"The solution scans web applications and supports APIs, which are the main features I really like."
"It offers very good accuracy. You can trust the results."
"I personally love its capability to automatically and accurately detect vulnerabilities. So, I would say it is the Burp scanner that is THE most powerful, valuable, and an awesome feature."
"For pentesting scenarios, this is the number one tool. It can capture the request, and there are so many functions that are very good for that. For example, a black box satellite host."
"This solution has helped a lot in finding bugs and vulnerabilities, and the scanner is good enough for simple web apps."
"The active scanner, which does an automated search of any web vulnerabilities."
"It requires improvement in terms of scanning. The application scan heavily utilizes the resources of an on-premise server. 32 GB RAM is very high for an enterprise web application."
"Not sufficiently compatible with some of our systems."
"I'm not sure licensing, but on the pricing, it's a bit costly. It's a bit overpriced. Though it is an enterprise tool, there are other tools also with similar functionalities."
"Fortify WebInspect could improve user-friendliness. Additionally, it is very bulky to use."
"The solution needs better integration with Microsoft's Azure Cloud or an extension of Azure DevOps. In fact, it should better integrate with any cloud provider. Right now, it's quite difficult to integrate with that solution, from the cloud perspective."
"We have often encountered scanning errors."
"Fortify WebInspect's shortcoming stems from the fact that it is a very expensive product in Korea, which makes it difficult for its potential customers to introduce the product in their IT environment."
"One thing I would like to see them introduce is a cloud-based platform."
"The use of system memory is an area that can be improved because it uses a lot."
"The reporting needs to be improved; it is very bad."
"The Burp Collaborator needs improvement. There also needs to be improved integration."
"The solution’s pricing could be improved."
"There is a lot to this product, and it would be good if when you purchase the tool, they can provide us with a more extensive user manual."
"A lot of our interns find it difficult to get used to PortSwigger Burp's environment."
"You can have many false positives in Burp Suite. It depends on the scale of the penetration testing."
"The biggest drawback is reporting. It's not so good. I can download them, but they're not so informative."
More PortSwigger Burp Suite Professional Pricing and Cost Advice →
Fortify WebInspect is ranked 2nd in Dynamic Application Security Testing (DAST) with 17 reviews while PortSwigger Burp Suite Professional is ranked 9th in Application Security Tools with 57 reviews. Fortify WebInspect is rated 7.0, while PortSwigger Burp Suite Professional is rated 8.6. The top reviewer of Fortify WebInspect writes "A powerful tool catering to multiple use cases that provides reasonably good technical support". On the other hand, the top reviewer of PortSwigger Burp Suite Professional writes "The solution is versatile and easy to deploy, but it needs to give more detailed security reports". Fortify WebInspect is most compared with Fortify on Demand, Acunetix, OWASP Zap, HCL AppScan and Qualys Web Application Scanning, whereas PortSwigger Burp Suite Professional is most compared with OWASP Zap, Acunetix, HCL AppScan, Qualys Web Application Scanning and SonarQube. See our Fortify WebInspect vs. PortSwigger Burp Suite Professional report.
We monitor all Dynamic Application Security Testing (DAST) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.