We performed a comparison between Fortify WebInspect and PortSwigger Burp Suite Professional based on real PeerSpot user reviews.
Find out in this report how the two Dynamic Application Security Testing (DAST) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The solution is able to detect a wide range of vulnerabilities. It's better at it than other products."
"There are lots of small settings and tools, like an HTTP editor, that are very useful."
"Reporting, centralized dashboard, and bird's eye view of all vulnerabilities are the most valuable features."
"The accuracy of its scans is great."
"Good at scanning and finding vulnerabilities."
"Fortify WebInspect is a scalable solution, it is good for a lot of applications."
"Technical support has been good."
"It's a well-known platform for doing dynamic application scanning."
"We use the solution for vulnerability assessment in respect of the application and the sites."
"The Spider is the most useful feature. It helps to analyze the entire web application, and it finds all the passes and offers an automated identification of security issues."
"Enables automation of different tasks such as authorization testing."
"The most valuable feature of PortSwigger Burp Suite Professional is the Burp Intruder tool."
"You can download different plugins if you don't have them in the standard edition."
"The extension that it provides with the community version for the skills mapping is excellent."
"I find the attack model quite amazing, where I can write my scripts and load my scripts as well, which helps quite a bit. All the active scanning that it can do is also quite a lot helpful. It speeds up our vulnerability assessment and penetration testing. Right now, I am enjoying its in-browser, which also helps quite a bit. I'm always confused about setting up some proxy, but it really is the big solution we all want."
"The solution is quite helpful for session management and configuration."
"The initial setup was complex."
"Fortify WebInspect's shortcoming stems from the fact that it is a very expensive product in Korea, which makes it difficult for its potential customers to introduce the product in their IT environment."
"Our biggest complaint about this product is that it freezes up, and literally doesn't work for us."
"The installation could be a bit easier. Usually it's simple to use, but the installation is painful and a bit laborious and complex."
"It took us between eight and ten hours to scan an entire site, which is somewhat slow and something that I think can be improved."
"Not sufficiently compatible with some of our systems."
"The scanner could be better."
"It requires improvement in terms of scanning. The application scan heavily utilizes the resources of an on-premise server. 32 GB RAM is very high for an enterprise web application."
"Scanning needs to be improved in enterprise and professional versions."
"The scanner and crawler need to be improved."
"The Auto Scanning features should be updated more frequently and should include the latest attack vectors."
"I am from Brazil. The currency exchange rate from a dollar to a Brazilian Real is quite steep. It is almost six to one. It would be good if it can be sold in the local currency, and its price is cheaper for us."
"BurpSuite has some issues regarding authentication with OAT tokens that need to be improved."
"PortSwigger Burp Suite Professional can improve by having more features in the free version for beginners to try."
"You can have many false positives in Burp Suite. It depends on the scale of the penetration testing."
"The biggest drawback is reporting. It's not so good. I can download them, but they're not so informative."
More PortSwigger Burp Suite Professional Pricing and Cost Advice →
Fortify WebInspect is ranked 2nd in Dynamic Application Security Testing (DAST) with 17 reviews while PortSwigger Burp Suite Professional is ranked 10th in Application Security Tools with 57 reviews. Fortify WebInspect is rated 7.0, while PortSwigger Burp Suite Professional is rated 8.6. The top reviewer of Fortify WebInspect writes "A powerful tool catering to multiple use cases that provides reasonably good technical support". On the other hand, the top reviewer of PortSwigger Burp Suite Professional writes "The solution is versatile and easy to deploy, but it needs to give more detailed security reports". Fortify WebInspect is most compared with Fortify on Demand, Acunetix, OWASP Zap, HCL AppScan and Qualys Web Application Scanning, whereas PortSwigger Burp Suite Professional is most compared with OWASP Zap, Acunetix, HCL AppScan, Qualys Web Application Scanning and SonarQube. See our Fortify WebInspect vs. PortSwigger Burp Suite Professional report.
We monitor all Dynamic Application Security Testing (DAST) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.