We performed a comparison between Fortify Application Defender and PortSwigger Burp Suite Professional based on real PeerSpot user reviews.
Find out in this report how the two Application Security Tools solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The most valuable feature is the ability to automatically feed it rules what it's coupled with the WebInspect dynamic application scanning technology."
"The information from Fortify Application Defender on how to fix and solve issues is very good compared to other solutions."
"We are able to provide out customers with a secure application after development. They are no longer left wondering if they are vulnerable to different threats within the market following deployment."
"Fortify Application Defender's most valuable features are machine learning algorithms, real-time remediation, and automatic vulnerability notifications."
"The product saves us cost and time."
"The solution helped us to improve the code quality of our organization."
"The most valuable feature is that it analyzes data in real-time."
"Its ability to find security defects is valuable."
"The solution has a limited range of functions, which is good for small companies. This is because, in small companies, websites are less complex. They also have single services which makes the solution good enough for them. However, the most advantageous aspect of the solution is its affordable price."
"You can scan any number of applications and it updates its database."
"I have found this solution has more plugins than other competitors which is a benefit. You are able to attach different plugins to the security scan to add features. For example, you can check to see if there are any payment systems that exist on a server, or username and password brute force analysis."
"Enables automation of different tasks such as authorization testing."
"In my area of expertise, I feel like it has almost everything I could possibly require at this moment."
"PortSwigger Burp Suite Professional is one of the best user-friendly solutions for getting the proxy set up."
"The extension that it provides with the community version for the skills mapping is excellent."
"The automated scan is what I find most useful because a lot of customers will need it. Not every domain will be looking for complete security, they just need a stamp on the security key. For these kinds of customers, the scan works really well."
"The biggest complaint that I have heard concerns additional platform support because right now, it only supports applications that are written in .NET and Java."
"I encountered many false positives for Python applications."
"Fortify Application Defender gives a lot of false positives."
"The solution is quite expensive."
"The solution could improve the time it takes to scan. When comparing it to SonarQube it does it in minutes while in Fortify Application Defender it can take hours."
"Fortify Application Defender could improve by supporting more code languages, such as GRAAS and Groovy."
"The false positive rate should be lower."
"The workbench is a little bit complex when you first start using it."
"The use of system memory is an area that can be improved because it uses a lot."
"It would be good if the solution could give us more details about what exactly is defective."
"PortSwigger Burp Suite Professional could improve the static code review."
"There should be a heads up display like the one available in OWASP Zap."
"The scanner and crawler need to be improved."
"We wish that the Spider feature would appear in the same shape that it does in previous versions."
"There could be an improvement in the API security testing. There is another tool called Postman and if we had a built-in portal similar to Postman which captures the API, we would be able to generate the API traffic. Right now we need a Postman tool and the Burp Suite for performing API tests. It would be a huge benefit to be able to do it in a single UI."
"Scanning needs to be improved in enterprise and professional versions."
More PortSwigger Burp Suite Professional Pricing and Cost Advice →
Fortify Application Defender is ranked 34th in Application Security Tools with 10 reviews while PortSwigger Burp Suite Professional is ranked 9th in Application Security Tools with 55 reviews. Fortify Application Defender is rated 8.0, while PortSwigger Burp Suite Professional is rated 8.6. The top reviewer of Fortify Application Defender writes "Reliable solution with excellent machine learning algorithms but expensive and lacking support". On the other hand, the top reviewer of PortSwigger Burp Suite Professional writes "The solution is versatile and easy to deploy, but it needs to give more detailed security reports". Fortify Application Defender is most compared with Checkmarx One, Coverity, CAST Application Intelligence Platform, SonarQube and Qualys Web Application Scanning, whereas PortSwigger Burp Suite Professional is most compared with OWASP Zap, Fortify WebInspect, Acunetix, HCL AppScan and Qualys Web Application Scanning. See our Fortify Application Defender vs. PortSwigger Burp Suite Professional report.
See our list of best Application Security Tools vendors.
We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.