PortSwigger Burp Suite Professional vs Synopsys API Security Testing comparison

Cancel
You must select at least 2 products to compare!
Comparison Buyer's Guide
Executive Summary

We performed a comparison between PortSwigger Burp Suite Professional and Synopsys API Security Testing based on real PeerSpot user reviews.

Find out what your peers are saying about Sonar, Veracode, Checkmarx and others in Application Security Testing (AST).
To learn more, read our detailed Application Security Testing (AST) Report (Updated: March 2024).
765,234 professionals have used our research since 2012.
Featured Review
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"I have found the best features to be the performance and there are a lot of additional plugins available.""The most valuable feature of PortSwigger Burp Suite Professional is the dashboard. It is very informative and you can receive all the information you need in one place. It's clear, well-defined, and organized. Anybody without any cybersecurity can use it.""The solution is stable.""The Repeater and the BApp extensions are particularly useful. Certain extensions, such as the Active Scan extensions and the Autoracer extension, are very good.""It was easy to learn."""The product is very good just the way it is; It has everything already well established and functions great. I can't see any way for this current version to be improved."""The automated scan is what I find most useful because a lot of customers will need it. Not every domain will be looking for complete security, they just need a stamp on the security key. For these kinds of customers, the scan works really well.""The feature that we have found most valuable is that it comes with pre-set configurations. They have a set of predefined options where you can pick one and start scanning. We also have the option of creating our own configurations, like how often do the applications need to be scanned."

More PortSwigger Burp Suite Professional Pros →

"The most valuable features of Synopsys API Security Testing are the metrics, results, and threat vectors that it shares."

More Synopsys API Security Testing Pros →

Cons
"If your application uses multi-factor authentication, registration management cannot be automated.""The one feature that I would like to see in Burp is active scanning of REST based web services. A lot of organizations are providing APIs to access their services to support different business models like SaaS. Scanning these APIs is still a challenge for many security product companies.""BurpSuite has some issues regarding authentication with OAT tokens that need to be improved.""The Burp Collaborator needs improvement. There also needs to be improved integration.""The solution’s pricing could be improved.""Currently, the scanning is only available in the full version of Burp, and not in the Community version.""I would like to see a more optimized solution, as it currently uses a lot of CPU power and memory.""The initial setup is a bit complex."

More PortSwigger Burp Suite Professional Cons →

"The solution required us to use our team and we spoke to Synopsys API Security Testing's support to do the implementation. We use two people from our team for the implementation. and one person for maintenance."

More Synopsys API Security Testing Cons →

Pricing and Cost Advice
  • "This is a value for money product."
  • "The cost is approximately $500 for a single license, and there are no additional costs beyond the standard licensing fees."
  • "Our licensing cost is approximately $400 USD per year."
  • "The yearly cost is about $300."
  • "There is no setup cost and the cost of licensing is affordable."
  • "Licensing costs are about $450/year for one use. For larger organizations, they're able to test against multiple applications while simultaneously others might have multiple versions of applications which needs to be tested which is why we have the enterprise edition."
  • "There are different licenses available that include a free version."
  • "At $400 or $500 per license paid annually, it is a very cheap tool."
  • More PortSwigger Burp Suite Professional Pricing and Cost Advice →

    Information Not Available
    report
    Use our free recommendation engine to learn which Application Security Testing (AST) solutions are best for your needs.
    765,234 professionals have used our research since 2012.
    Questions from the Community
    Top Answer:OWASP Zap and PortSwigger Burp Suite Pro have many similar features. OWASP Zap has web application scanning available with basic security vulnerabilities while Burp Suite Pro has it available with… more »
    Top Answer:You can download different plugins if you don't have them in the standard edition.
    Top Answer:We pay a yearly licensing fee for the solution, which is neither cheap nor expensive.
    Top Answer:The most valuable features of Synopsys API Security Testing are the metrics, results, and threat vectors that it shares.
    Top Answer:The solutions pricing model is based on the number of lines of code. Overall it is priced well, it is reasonable.
    Top Answer:We are using Synopsys API Security Testing for scanning APIs for risks and vulnerabilities and to understand our posture before deployment within our business.
    Ranking
    Views
    10,093
    Comparisons
    6,737
    Reviews
    18
    Average Words per Review
    490
    Rating
    8.6
    Views
    499
    Comparisons
    342
    Reviews
    1
    Average Words per Review
    310
    Rating
    7.0
    Comparisons
    Also Known As
    Burp
    Learn More
    Overview

    Burp Suite Professional, by PortSwigger, is the world’s leading toolkit for web security testing. Over 52,000 users worldwide, across all industries and organization sizes, trust Burp Suite Professional to find more vulnerabilities, faster. With expertly-engineered manual and automated tooling, you're able to test smarter - not harder.

    PortSwigger is the web security company that is enabling the world to secure the web. Over 50,000 security engineers rely on our software and expertise to secure their world.

    AppSec testing optimized for the needs of API developers
    APIs provide open, flexible interfaces that enable applications and services to talk to each other. But these characteristics can also make it difficult to build secure software—and even more difficult for traditional AppSec tools to test it.

    Sample Customers
    Google, Amazon, NASA, FedEx, P&G, Salesforce
    Information Not Available
    Top Industries
    REVIEWERS
    Financial Services Firm22%
    Manufacturing Company22%
    Computer Software Company19%
    Comms Service Provider13%
    VISITORS READING REVIEWS
    Computer Software Company17%
    Financial Services Firm11%
    Comms Service Provider9%
    Government9%
    VISITORS READING REVIEWS
    Computer Software Company26%
    Financial Services Firm16%
    Manufacturing Company10%
    Insurance Company10%
    Company Size
    REVIEWERS
    Small Business21%
    Midsize Enterprise21%
    Large Enterprise57%
    VISITORS READING REVIEWS
    Small Business21%
    Midsize Enterprise15%
    Large Enterprise64%
    VISITORS READING REVIEWS
    Small Business21%
    Midsize Enterprise16%
    Large Enterprise63%
    Buyer's Guide
    Application Security Testing (AST)
    March 2024
    Find out what your peers are saying about Sonar, Veracode, Checkmarx and others in Application Security Testing (AST). Updated: March 2024.
    765,234 professionals have used our research since 2012.

    PortSwigger Burp Suite Professional is ranked 5th in Application Security Testing (AST) with 54 reviews while Synopsys API Security Testing is ranked 29th in Application Security Testing (AST) with 1 review. PortSwigger Burp Suite Professional is rated 8.6, while Synopsys API Security Testing is rated 7.0. The top reviewer of PortSwigger Burp Suite Professional writes "The solution is versatile and easy to deploy, but it needs to give more detailed security reports". On the other hand, the top reviewer of Synopsys API Security Testing writes "Useful threat vectors, beneficial results, but implementation needed support". PortSwigger Burp Suite Professional is most compared with OWASP Zap, Fortify WebInspect, Acunetix, HCL AppScan and Qualys Web Application Scanning, whereas Synopsys API Security Testing is most compared with Seeker, Fortify WebInspect, Acunetix, OWASP Zap and SonarCloud.

    See our list of best Application Security Testing (AST) vendors.

    We monitor all Application Security Testing (AST) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.