We performed a comparison between Fortify on Demand and PortSwigger Burp Suite Professional based on real PeerSpot user reviews.
Find out in this report how the two Application Security Tools solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The quality of application security testing reduces risk and gives very few false positives."
"The solution is user-friendly."
"Fortify on Demand is easy to use and the reporting is good."
"The most valuable feature of Micro Focus Fortify on Demand is the information it can provide. There is quite a lot of information. It can pinpoint right down to where the problem is, allowing you to know where to fix it. Overall the features are easy to use, you don't have to be a coder. You can be a manager, or in IT operations, et cetera, anyone can use it. It is quite a well-rounded functional solution."
"The solution is very fast."
"The most important feature of the product is to follow today's technology fast, updated rules and algorithms (of the product)."
"There is not only one specific feature that we find valuable. The idea is to integrate the solution in DevSecOps which we were able to do."
"The installation was easy."
""The product is very good just the way it is; It has everything already well established and functions great. I can't see any way for this current version to be improved.""
"The extension that it provides with the community version for the skills mapping is excellent."
"The most valuable feature is Burp Collaborator."
"I have found this solution has more plugins than other competitors which is a benefit. You are able to attach different plugins to the security scan to add features. For example, you can check to see if there are any payment systems that exist on a server, or username and password brute force analysis."
"With the Extender Tab, if you know how to code then you can create a plugin and add it to Burp."
"Some of the extensions, available using Burp Extender, are also very good and we have found issues by using them."
"The reporting part is the most valuable. It also has very good features. We use almost all of the features for different kinds of customers and needs."
"It's good testing software."
"I would like to see improvement in CI integration and integration with GitLab or Jenkins. It needs to be more simple."
"They have very good support, but there is always room for improvement."
"Temenos's (T-24) info basic is a separate programming interface, and such proprietary platforms and programming interfaces were not easily supported by the out-of-the-box versions of Fortify."
"The biggest deficiency is the integration with bug tracker systems. It might be better if the configuration screen presented for accessing the bug tracking systems could provide some flexibility."
"They could provide features for artificial intelligence similar to other vendors."
"An improvement would be the ability to get vulnerabilities flowing automatically into another system."
"Micro Focus Fortify on Demand can improve by having more graphs. For example, to show the improvement of the level of security."
"The vulnerability analysis does not always provide guidelines for what the developer should do in order to correct the problem, which means that the code has to be manually inspected and understood."
"Scanning APIs using PortSwigger Burp Suite Professional takes a lot of time."
"The biggest drawback is reporting. It's not so good. I can download them, but they're not so informative."
"We wish that the Spider feature would appear in the same shape that it does in previous versions."
"The initial setup is a bit complex."
"The biggest improvement that I would like to see from PortSwigger that today many people see as an issue in their testing. There might be a feature which might be desired."
"One thing that is not up to the mark in PortSwigger is web application testing. I found some issues with its performance and reporting. They should work on these and give us a better outcome."
"The solution is not easy to set it up. You need a lot of knowledge."
"BurpSuite has some issues regarding authentication with OAT tokens that need to be improved."
More PortSwigger Burp Suite Professional Pricing and Cost Advice →
Fortify on Demand is ranked 11th in Application Security Tools with 56 reviews while PortSwigger Burp Suite Professional is ranked 9th in Application Security Tools with 55 reviews. Fortify on Demand is rated 8.0, while PortSwigger Burp Suite Professional is rated 8.6. The top reviewer of Fortify on Demand writes "Provides good depth of scanning but is unfortunately not fully integrated with CIT processes ". On the other hand, the top reviewer of PortSwigger Burp Suite Professional writes "The solution is versatile and easy to deploy, but it needs to give more detailed security reports". Fortify on Demand is most compared with SonarQube, Checkmarx One, Veracode, Coverity and Fortify WebInspect, whereas PortSwigger Burp Suite Professional is most compared with OWASP Zap, Fortify WebInspect, Acunetix and HCL AppScan. See our Fortify on Demand vs. PortSwigger Burp Suite Professional report.
See our list of best Application Security Tools vendors and best Application Security Testing (AST) vendors.
We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.