We performed a comparison between PortSwigger Burp Suite Professional and Rapid7 AppSpider based on real PeerSpot user reviews.
Find out in this report how the two Application Security Testing (AST) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.""The product is very good just the way it is; It has everything already well established and functions great. I can't see any way for this current version to be improved.""
"The Repeater and the BApp extensions are particularly useful. Certain extensions, such as the Active Scan extensions and the Autoracer extension, are very good."
"The extension that it provides with the community version for the skills mapping is excellent."
"This tool is more accurate than the other solutions that we use, and reports fewer false positives."
"The solution has a limited range of functions, which is good for small companies. This is because, in small companies, websites are less complex. They also have single services which makes the solution good enough for them. However, the most advantageous aspect of the solution is its affordable price."
"Once I capture the proxy, I'm able to transfer across. All the requested information is there. I can send across the request to what we call a repeater, where I get to ready the payload that I send to the application. Put in malicious content and then see if it's responding to it."
"In my area of expertise, I feel like it has almost everything I could possibly require at this moment."
"We use the solution for vulnerability assessment in respect of the application and the sites."
"What I like most about AppSpider is that it's easy to use and its automated scan gives me all the details I need to know when it comes to vulnerabilities and their solutions."
"I like the ability the product has to detect vulnerabilities quickly, when it has been released in our environment, then displaying them to us."
"It scans all the components developed within a web application."
"AppSpider's most valuable feature is reporting - everything is stored in the local database so it can be sent to other machines."
"It is really accurate and the rate of false positives is very low."
"I would say that it is stable, as I am not aware of any major issues."
"The entire solution is interactive and has a point-and-click user experience, which makes it easy to find items or drill down on information. You don't need specialized skills to use the product."
"When it is set up properly, it can do scanning on web apps with multiple engines automatically."
"There were a lot of false positives there, and we used to spend a lot of time, like, for security reasons, reproducing those bugs for the development team to fix it."
"The Iran market does not have after-sales support. PortSwigger Burp Suite Professional needs to provide after-sales support."
"The scanner and crawler need to be improved."
"I need the solution to be more user-friendly. The solution needs to be user-friendly."
"The price could be better. The rest is fine."
"There should be a heads up display like the one available in OWASP Zap."
"BurpSuite has some issues regarding authentication with OAT tokens that need to be improved."
"Sometimes the solution can run a little slow."
"The dashboard and interface are crucial and they need some improvement."
"Implementing Rapid7 AppSpider requires scanning and self-identification mechanisms. You can add different types of authentication to each scan."
"The product needs to be able to scale for large companies, like ours. We have millions of IP addresses that need to be scanned, and the scalability is not great."
"The tech support is responsive but issues remain unresolved."
"There are some glitches with stability, and it is an area for improvement."
"It needs better integration with mobile applications."
"One of the challenges I have with AppSpider is that it gives you a lot of false positives, especially when compared to other solutions."
"The performance of the solution could improve. When I compare the speed it is slower than others on the market. There are some tricks we use to help speed up the solution."
More PortSwigger Burp Suite Professional Pricing and Cost Advice →
PortSwigger Burp Suite Professional is ranked 5th in Application Security Testing (AST) with 55 reviews while Rapid7 AppSpider is ranked 25th in Application Security Testing (AST) with 13 reviews. PortSwigger Burp Suite Professional is rated 8.6, while Rapid7 AppSpider is rated 7.8. The top reviewer of PortSwigger Burp Suite Professional writes "The solution is versatile and easy to deploy, but it needs to give more detailed security reports". On the other hand, the top reviewer of Rapid7 AppSpider writes "Useful vulnerability reporting data, flexible, and simple implementation". PortSwigger Burp Suite Professional is most compared with OWASP Zap, Fortify WebInspect, Acunetix, HCL AppScan and Qualys Web Application Scanning, whereas Rapid7 AppSpider is most compared with Rapid7 InsightAppSec, OWASP Zap, Acunetix, Invicti and HCL AppScan. See our PortSwigger Burp Suite Professional vs. Rapid7 AppSpider report.
See our list of best Application Security Testing (AST) vendors.
We monitor all Application Security Testing (AST) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.