We performed a comparison between Fortify Application Defender and PortSwigger Burp Suite Professional based on real PeerSpot user reviews.
Find out in this report how the two Application Security Tools solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Its ability to find security defects is valuable."
"The solution helped us to improve the code quality of our organization."
"The product saves us cost and time."
"The most valuable features of Fortify Application Defender are the code packages that are default."
"The most valuable feature is the ability to automatically feed it rules what it's coupled with the WebInspect dynamic application scanning technology."
"We are able to provide out customers with a secure application after development. They are no longer left wondering if they are vulnerable to different threats within the market following deployment."
"The information from Fortify Application Defender on how to fix and solve issues is very good compared to other solutions."
"Fortify Application Defender's most valuable features are machine learning algorithms, real-time remediation, and automatic vulnerability notifications."
"Some of the extensions, available using Burp Extender, are also very good and we have found issues by using them."
"It was easy to learn."
"I find the attack model quite amazing, where I can write my scripts and load my scripts as well, which helps quite a bit. All the active scanning that it can do is also quite a lot helpful. It speeds up our vulnerability assessment and penetration testing. Right now, I am enjoying its in-browser, which also helps quite a bit. I'm always confused about setting up some proxy, but it really is the big solution we all want."
"This tool is more accurate than the other solutions that we use, and reports fewer false positives."
"You can download different plugins if you don't have them in the standard edition."
"BurpSuite helps us to identify and fix silly mistakes that are sometimes introduced by our developers in their coding."
"For pentesting scenarios, this is the number one tool. It can capture the request, and there are so many functions that are very good for that. For example, a black box satellite host."
"With the Extender Tab, if you know how to code then you can create a plugin and add it to Burp."
"The false positive rate should be lower."
"The biggest complaint that I have heard concerns additional platform support because right now, it only supports applications that are written in .NET and Java."
"The workbench is a little bit complex when you first start using it."
"Fortify Application Defender gives a lot of false positives."
"Fortify Application Defender could improve by supporting more code languages, such as GRAAS and Groovy."
"The licensing can be a little complex."
"The solution is quite expensive."
"Support for older compilers/IDEs is lacking."
"PortSwigger Burp Suite Professional could improve the static code review."
"I would like to see the return of the spider mechanism instead of the crawling feature. Burp Suite's earlier version 1.7 had an excellent spider option, and it would be beneficial if Burp incorporated those features into the current version. The crawling techniques used in the current version are not as efficient as those used in earlier versions."
"The initial setup is a bit complex."
"The one feature that I would like to see in Burp is active scanning of REST based web services. A lot of organizations are providing APIs to access their services to support different business models like SaaS. Scanning these APIs is still a challenge for many security product companies."
"I need the solution to be more user-friendly. The solution needs to be user-friendly."
"The Iran market does not have after-sales support. PortSwigger Burp Suite Professional needs to provide after-sales support."
"There were a lot of false positives there, and we used to spend a lot of time, like, for security reasons, reproducing those bugs for the development team to fix it."
"The Burp Collaborator needs improvement. There also needs to be improved integration."
More PortSwigger Burp Suite Professional Pricing and Cost Advice →
Fortify Application Defender is ranked 34th in Application Security Tools with 9 reviews while PortSwigger Burp Suite Professional is ranked 12th in Application Security Tools with 54 reviews. Fortify Application Defender is rated 7.8, while PortSwigger Burp Suite Professional is rated 8.6. The top reviewer of Fortify Application Defender writes "Reliable solution with excellent machine learning algorithms but expensive and lacking support". On the other hand, the top reviewer of PortSwigger Burp Suite Professional writes "The solution is versatile and easy to deploy, but it needs to give more detailed security reports". Fortify Application Defender is most compared with Checkmarx, Coverity, SonarQube, CAST Application Intelligence Platform and Fortify on Demand, whereas PortSwigger Burp Suite Professional is most compared with OWASP Zap, Fortify WebInspect, Acunetix, HCL AppScan and Qualys Web Application Scanning. See our Fortify Application Defender vs. PortSwigger Burp Suite Professional report.
See our list of best Application Security Tools vendors.
We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.