We performed a comparison between CAST Highlight and PortSwigger Burp Suite Professional based on real PeerSpot user reviews.
Find out in this report how the two Software Composition Analysis (SCA) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."CAST Highlight is easy to use and has a good dashboard."
"The way it tells you which codebase is more ready for the cloud and which codebase is less ready is very valuable. It works seamlessly with most languages."
"It offers good performance."
"The most valuable features of the CAST Highlight are the interface and there are three notations that are very simple to understand and communicate with."
"The most valuable features of CAST Highlight are automation and speed."
"We use the solution for vulnerability assessment in respect of the application and the sites."
"The automated scan is what I find most useful because a lot of customers will need it. Not every domain will be looking for complete security, they just need a stamp on the security key. For these kinds of customers, the scan works really well."
"The most valuable feature of PortSwigger Burp Suite Professional is the dashboard. It is very informative and you can receive all the information you need in one place. It's clear, well-defined, and organized. Anybody without any cybersecurity can use it."
"The solution has a limited range of functions, which is good for small companies. This is because, in small companies, websites are less complex. They also have single services which makes the solution good enough for them. However, the most advantageous aspect of the solution is its affordable price."
"You can download different plugins if you don't have them in the standard edition."
"The initial setup is simple."
"PortSwigger Burp Suite does not hamper the node of the server, and it does not shut down the server if it is running."
"I have found the best features to be the performance and there are a lot of additional plugins available."
"CAST Highlight could improve to allow us to comment and do a deep analysis by ourselves."
"Its price should be better. It is a pretty costly tool. They have two products: CAST Highlight and CAST AIP. I would expect CAST Highlight to have the Help dashboard and the Engineering dashboard. These dashboards are currently a part of CAST AIP, and if these are made available in CAST Highlight, customers won't have to use two different products all the time."
"There's a bit of a learning curve at the outset."
"The reports that describe the issues of concern are rather abstract and the issues should be more clearly described to the user."
"The ease of configuration and customization could be improved in CAST Highlight."
"In the Professional version, we cannot link it with the CI/CD process."
"It would be good if the solution could give us more details about what exactly is defective."
"Currently, the scanning is only available in the full version of Burp, and not in the Community version."
"The initial setup is a bit complex."
"It should provide a better way to integrate with Jenkins so that DAST (dynamic application security testing) can be automated."
"There is not much automation in the tool."
"There is a lot to this product, and it would be good if when you purchase the tool, they can provide us with a more extensive user manual."
"As with most automated security tools, too many false positives."
More PortSwigger Burp Suite Professional Pricing and Cost Advice →
CAST Highlight is ranked 10th in Software Composition Analysis (SCA) with 5 reviews while PortSwigger Burp Suite Professional is ranked 9th in Application Security Tools with 55 reviews. CAST Highlight is rated 7.8, while PortSwigger Burp Suite Professional is rated 8.6. The top reviewer of CAST Highlight writes "Easy to set up with optimized and automated insights". On the other hand, the top reviewer of PortSwigger Burp Suite Professional writes "The solution is versatile and easy to deploy, but it needs to give more detailed security reports". CAST Highlight is most compared with SonarQube, Checkmarx One, Snyk, Veracode and Black Duck, whereas PortSwigger Burp Suite Professional is most compared with OWASP Zap, Fortify WebInspect, Acunetix, HCL AppScan and Qualys Web Application Scanning. See our CAST Highlight vs. PortSwigger Burp Suite Professional report.
We monitor all Software Composition Analysis (SCA) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.