We performed a comparison between Fortify WebInspect and PortSwigger Burp Suite Professional based on real PeerSpot user reviews.
Find out in this report how the two Dynamic Application Security Testing (DAST) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."When we are integrating it with SSC, we're able to scan and trace and see all of the vulnerabilities. Comparison is easy in SSC."
"Guided Scan option allows us to easily scan and share reports."
"I've found the centralized dashboard the most valuable. For the management, it helps a lot to have abilities at the central level."
"The solution is able to detect a wide range of vulnerabilities. It's better at it than other products."
"Fortify WebInspect is a scalable solution, it is good for a lot of applications."
"There are lots of small settings and tools, like an HTTP editor, that are very useful."
"It's a well-known platform for doing dynamic application scanning."
"Technical support has been good."
"I personally love its capability to automatically and accurately detect vulnerabilities. So, I would say it is the Burp scanner that is THE most powerful, valuable, and an awesome feature."
"Enables automation of different tasks such as authorization testing."
""The product is very good just the way it is; It has everything already well established and functions great. I can't see any way for this current version to be improved.""
"There is no other tool like it. I like the intuitiveness and the plugins that are available."
"For pentesting scenarios, this is the number one tool. It can capture the request, and there are so many functions that are very good for that. For example, a black box satellite host."
"Some of the extensions, available using Burp Extender, are also very good and we have found issues by using them."
"The active scanner, which does an automated search of any web vulnerabilities."
"The most valuable features are Burp Intruder and Burp Scanner."
"Lately, we've seen more false negatives."
"We have had a problem with authentification."
"One thing I would like to see them introduce is a cloud-based platform."
"We have often encountered scanning errors."
"It took us between eight and ten hours to scan an entire site, which is somewhat slow and something that I think can be improved."
"I'm not sure licensing, but on the pricing, it's a bit costly. It's a bit overpriced. Though it is an enterprise tool, there are other tools also with similar functionalities."
"Our biggest complaint about this product is that it freezes up, and literally doesn't work for us."
"The initial setup was complex."
"I would like to see a more optimized solution, as it currently uses a lot of CPU power and memory."
"It should provide a better way to integrate with Jenkins so that DAST (dynamic application security testing) can be automated."
"One area that can be improved, when compared to alternative tools, is that they could provide different reporting options and in different formats like PDF or something like that."
"The number of false positives need to be reduced on the solution."
"The reporting needs to be improved; it is very bad."
"The initial setup is a bit complex."
"It would be good if the solution could give us more details about what exactly is defective."
"The solution lacks sufficient stability."
More PortSwigger Burp Suite Professional Pricing and Cost Advice →
Fortify WebInspect is ranked 2nd in Dynamic Application Security Testing (DAST) with 17 reviews while PortSwigger Burp Suite Professional is ranked 12th in Application Security Tools with 54 reviews. Fortify WebInspect is rated 7.0, while PortSwigger Burp Suite Professional is rated 8.6. The top reviewer of Fortify WebInspect writes "A powerful tool catering to multiple use cases that provides reasonably good technical support". On the other hand, the top reviewer of PortSwigger Burp Suite Professional writes "The solution is versatile and easy to deploy, but it needs to give more detailed security reports". Fortify WebInspect is most compared with Fortify on Demand, OWASP Zap, Acunetix, HCL AppScan and Qualys Web Application Scanning, whereas PortSwigger Burp Suite Professional is most compared with OWASP Zap, Acunetix, HCL AppScan, Qualys Web Application Scanning and SonarQube. See our Fortify WebInspect vs. PortSwigger Burp Suite Professional report.
We monitor all Dynamic Application Security Testing (DAST) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.