We performed a comparison between PortSwigger Burp Suite Professional and Synopsys Defensics based on real PeerSpot user reviews.
Find out what your peers are saying about PortSwigger, GitLab, OWASP and others in Fuzz Testing Tools."PortSwigger Burp Suite Professional is one of the best user-friendly solutions for getting the proxy set up."
"I am impressed with the tool's detailed analysis for penetration testing. AppScan can give only visibility, but it can't do the PT part. But the PortSwigger Burp Application can do both, and it gives much more visibility on the PT rating."
"The most valuable feature is Burp Collaborator."
"I personally love its capability to automatically and accurately detect vulnerabilities. So, I would say it is the Burp scanner that is THE most powerful, valuable, and an awesome feature."
"The feature that we have found most valuable is that it comes with pre-set configurations. They have a set of predefined options where you can pick one and start scanning. We also have the option of creating our own configurations, like how often do the applications need to be scanned."
"Once I capture the proxy, I'm able to transfer across. All the requested information is there. I can send across the request to what we call a repeater, where I get to ready the payload that I send to the application. Put in malicious content and then see if it's responding to it."
"The suite testing models are very good. It's very secure."
"The active scanner, which does an automated search of any web vulnerabilities."
"The product is related to US usage with TLS contact fees, i.e. how more data center connections will help lower networking costs."
"Whatever the test suit they give, it is intelligent. It will understand the protocol and it will generate the test cases based on the protocol: protocol, message sequence, protocol, message structure... Because of that, we can eliminate a lot of unwanted test cases, so we can execute the tests and complete them very quickly."
"We have found multiple issues in our embedded system network protocols, related to buffer overflow. We have reduced some of these issues."
"The solution is not easy to set it up. You need a lot of knowledge."
"Scanning needs to be improved in enterprise and professional versions."
"There could be an improvement in the API security testing. There is another tool called Postman and if we had a built-in portal similar to Postman which captures the API, we would be able to generate the API traffic. Right now we need a Postman tool and the Burp Suite for performing API tests. It would be a huge benefit to be able to do it in a single UI."
"If we're running a huge number of scans regularly, it slows down the tool."
"The biggest improvement that I would like to see from PortSwigger that today many people see as an issue in their testing. There might be a feature which might be desired."
"If your application uses multi-factor authentication, registration management cannot be automated."
"The solution’s pricing could be improved."
"There needs to be better documentation provided. Currently, we need to buy books, or we need to review online some use cases from other professionals who have been using the solution to find out their experience. It is not easy to find out how to properly do a security assessment."
"Sometimes, when we are testing embedded devices, when we trigger the test cases, the target will crash immediately. It is very difficult for us to identify the root cause of the crash because they do not provide sophisticated tools on the target side. They cover only the client-side application... They do not have diagnostic tools for the target side. Rather, they have them but they are very minimal and not very helpful."
"Codenomicon Defensics should be more advanced for the testing sector. It should be somewhat easy and flexible to install."
"It does not support the complete protocol stack. There are some IoT protocols that are not supported and new protocols that are not supported."
More PortSwigger Burp Suite Professional Pricing and Cost Advice →
Earn 20 points
PortSwigger Burp Suite Professional is ranked 1st in Fuzz Testing Tools with 55 reviews while Synopsys Defensics is ranked 5th in Fuzz Testing Tools. PortSwigger Burp Suite Professional is rated 8.6, while Synopsys Defensics is rated 8.6. The top reviewer of PortSwigger Burp Suite Professional writes "The solution is versatile and easy to deploy, but it needs to give more detailed security reports". On the other hand, the top reviewer of Synopsys Defensics writes "Technical support provided protocol-specific documentation to prove that some positives were not false". PortSwigger Burp Suite Professional is most compared with OWASP Zap, Fortify WebInspect, Acunetix, HCL AppScan and Qualys Web Application Scanning, whereas Synopsys Defensics is most compared with Snyk, SonarQube, Fortify on Demand, Invicti and Veracode.
See our list of best Fuzz Testing Tools vendors.
We monitor all Fuzz Testing Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.