We performed a comparison between Fortify WebInspect and PortSwigger Burp Suite Professional based on real PeerSpot user reviews.
Find out in this report how the two Dynamic Application Security Testing (DAST) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The most valuable feature of this solution is the ability to make our customers more secure."
"Reporting, centralized dashboard, and bird's eye view of all vulnerabilities are the most valuable features."
"The solution is able to detect a wide range of vulnerabilities. It's better at it than other products."
"It's a well-known platform for doing dynamic application scanning."
"Fortify WebInspect is a scalable solution, it is good for a lot of applications."
"The solution's technical support was very helpful."
"Technical support has been good."
"Good at scanning and finding vulnerabilities."
"We are mostly using it for scanning the entire website. So, we basically create a script with the entire website and then run it for different injections."
"The most valuable feature of PortSwigger Burp Suite Professional is the advanced features, user-friendly interface, and integration with other tools."
"PortSwigger Burp Suite Professional is one of the best user-friendly solutions for getting the proxy set up."
"It's good testing software."
"The reporting part is the most valuable. It also has very good features. We use almost all of the features for different kinds of customers and needs."
"The extension that it provides with the community version for the skills mapping is excellent."
"You can scan any number of applications and it updates its database."
"The solution has a great user interface."
"Fortify WebInspect could improve user-friendliness. Additionally, it is very bulky to use."
"The initial setup was complex."
"The solution needs better integration with Microsoft's Azure Cloud or an extension of Azure DevOps. In fact, it should better integrate with any cloud provider. Right now, it's quite difficult to integrate with that solution, from the cloud perspective."
"We have often encountered scanning errors."
"The scanner could be better."
"Creating reports is very slow and it is something that should be improved."
"The installation could be a bit easier. Usually it's simple to use, but the installation is painful and a bit laborious and complex."
"It requires improvement in terms of scanning. The application scan heavily utilizes the resources of an on-premise server. 32 GB RAM is very high for an enterprise web application."
"I need the solution to be more user-friendly. The solution needs to be user-friendly."
"PortSwigger Burp Suite Professional can improve by having more features in the free version for beginners to try."
"The biggest improvement that I would like to see from PortSwigger that today many people see as an issue in their testing. There might be a feature which might be desired."
"You can have many false positives in Burp Suite. It depends on the scale of the penetration testing."
"The Initial setup is a bit complex."
"The number of false positives need to be reduced on the solution."
"The Auto Scanning features should be updated more frequently and should include the latest attack vectors."
"I would like to see a more optimized solution, as it currently uses a lot of CPU power and memory."
More PortSwigger Burp Suite Professional Pricing and Cost Advice →
Fortify WebInspect is ranked 2nd in Dynamic Application Security Testing (DAST) with 17 reviews while PortSwigger Burp Suite Professional is ranked 12th in Application Security Tools with 54 reviews. Fortify WebInspect is rated 7.0, while PortSwigger Burp Suite Professional is rated 8.6. The top reviewer of Fortify WebInspect writes "A powerful tool catering to multiple use cases that provides reasonably good technical support". On the other hand, the top reviewer of PortSwigger Burp Suite Professional writes "The solution is versatile and easy to deploy, but it needs to give more detailed security reports". Fortify WebInspect is most compared with Fortify on Demand, OWASP Zap, Acunetix, HCL AppScan and Qualys Web Application Scanning, whereas PortSwigger Burp Suite Professional is most compared with OWASP Zap, Acunetix, HCL AppScan, Qualys Web Application Scanning and SonarQube. See our Fortify WebInspect vs. PortSwigger Burp Suite Professional report.
We monitor all Dynamic Application Security Testing (DAST) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.