We performed a comparison between Fortify WebInspect and PortSwigger Burp Suite Professional based on real PeerSpot user reviews.
Find out in this report how the two Dynamic Application Security Testing (DAST) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The solution is able to detect a wide range of vulnerabilities. It's better at it than other products."
"Guided Scan option allows us to easily scan and share reports."
"When we are integrating it with SSC, we're able to scan and trace and see all of the vulnerabilities. Comparison is easy in SSC."
"The solution's technical support was very helpful."
"I've found the centralized dashboard the most valuable. For the management, it helps a lot to have abilities at the central level."
"Good at scanning and finding vulnerabilities."
"The most valuable feature of this solution is the ability to make our customers more secure."
"Technical support has been good."
"It offers very good accuracy. You can trust the results."
"The Repeater and the BApp extensions are particularly useful. Certain extensions, such as the Active Scan extensions and the Autoracer extension, are very good."
"The reporting part is the most valuable. It also has very good features. We use almost all of the features for different kinds of customers and needs."
"It helps in API testing, where manual intervention was previously necessary for each payload."
"The solution has a pretty simple setup."
"The solution helped us discover vulnerabilities in our applications."
"In my area of expertise, I feel like it has almost everything I could possibly require at this moment."
""The product is very good just the way it is; It has everything already well established and functions great. I can't see any way for this current version to be improved.""
"The scanner could be better."
"We have had a problem with authentification."
"The solution needs better integration with Microsoft's Azure Cloud or an extension of Azure DevOps. In fact, it should better integrate with any cloud provider. Right now, it's quite difficult to integrate with that solution, from the cloud perspective."
"The installation could be a bit easier. Usually it's simple to use, but the installation is painful and a bit laborious and complex."
"I'm not sure licensing, but on the pricing, it's a bit costly. It's a bit overpriced. Though it is an enterprise tool, there are other tools also with similar functionalities."
"We have often encountered scanning errors."
"Our biggest complaint about this product is that it freezes up, and literally doesn't work for us."
"Creating reports is very slow and it is something that should be improved."
"The one feature that I would like to see in Burp is active scanning of REST based web services. A lot of organizations are providing APIs to access their services to support different business models like SaaS. Scanning these APIs is still a challenge for many security product companies."
"Currently, the scanning is only available in the full version of Burp, and not in the Community version."
"The Initial setup is a bit complex."
"The Iran market does not have after-sales support. PortSwigger Burp Suite Professional needs to provide after-sales support."
"Improvement should be done as per the requirements of customers."
"Sometimes the solution can run a little slow."
"The number of false positives need to be reduced on the solution."
"If your application uses multi-factor authentication, registration management cannot be automated."
More PortSwigger Burp Suite Professional Pricing and Cost Advice →
Fortify WebInspect is ranked 2nd in Dynamic Application Security Testing (DAST) with 17 reviews while PortSwigger Burp Suite Professional is ranked 10th in Application Security Tools with 57 reviews. Fortify WebInspect is rated 7.0, while PortSwigger Burp Suite Professional is rated 8.6. The top reviewer of Fortify WebInspect writes "A powerful tool catering to multiple use cases that provides reasonably good technical support". On the other hand, the top reviewer of PortSwigger Burp Suite Professional writes "The solution is versatile and easy to deploy, but it needs to give more detailed security reports". Fortify WebInspect is most compared with Fortify on Demand, Acunetix, OWASP Zap, HCL AppScan and Qualys Web Application Scanning, whereas PortSwigger Burp Suite Professional is most compared with OWASP Zap, Acunetix, HCL AppScan, Qualys Web Application Scanning and SonarQube. See our Fortify WebInspect vs. PortSwigger Burp Suite Professional report.
We monitor all Dynamic Application Security Testing (DAST) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.