We performed a comparison between Fortra Tripwire IP360 and PortSwigger Burp Suite Professional based on real PeerSpot user reviews.
Find out what your peers are saying about Tenable, Wiz, Check Point Software Technologies and others in Vulnerability Management."We could manage our entire IP range with the solution."
"It's become the pinnacle point for anything that enters the network or anything that's passing through to production to first be affected by IP360, hardened, and up to standard. For our integrity management, one was deployed in the bank about two years ago and that's still going to expand the usage and the product itself. That will go hand in hand with training and expanding the product as for where it's deployed."
"Tripwire IP360 is a very stable solution."
"Some of the extensions, available using Burp Extender, are also very good and we have found issues by using them."
"The solution helped us discover vulnerabilities in our applications."
"The reporting part is the most valuable. It also has very good features. We use almost all of the features for different kinds of customers and needs."
"Once I capture the proxy, I'm able to transfer across. All the requested information is there. I can send across the request to what we call a repeater, where I get to ready the payload that I send to the application. Put in malicious content and then see if it's responding to it."
"PortSwigger Burp Suite Professional is one of the best user-friendly solutions for getting the proxy set up."
"The suite testing models are very good. It's very secure."
"The intercepting feature is the most valuable."
"The most valuable feature is Burp Collaborator."
"We need to dedicate time and resources to keep it running."
"The reporting functions can use improvement. There is room for growth because reporting functions differ a lot depending on what you're going to output. It depends on whether it's for technical or senior management and how it's interpreted. There could be growth within the reporting functionality side."
"I am not very impressed by the technical support."
"There should be a heads up display like the one available in OWASP Zap."
"You can have many false positives in Burp Suite. It depends on the scale of the penetration testing."
"It should provide a better way to integrate with Jenkins so that DAST (dynamic application security testing) can be automated."
"There could be an improvement in the API security testing. There is another tool called Postman and if we had a built-in portal similar to Postman which captures the API, we would be able to generate the API traffic. Right now we need a Postman tool and the Burp Suite for performing API tests. It would be a huge benefit to be able to do it in a single UI."
"The reporting needs to be improved; it is very bad."
"There were a lot of false positives there, and we used to spend a lot of time, like, for security reasons, reproducing those bugs for the development team to fix it."
"The solution’s pricing could be improved."
"There is not much automation in the tool."
More PortSwigger Burp Suite Professional Pricing and Cost Advice →
Fortra Tripwire IP360 is ranked 37th in Vulnerability Management with 6 reviews while PortSwigger Burp Suite Professional is ranked 9th in Application Security Tools with 55 reviews. Fortra Tripwire IP360 is rated 7.0, while PortSwigger Burp Suite Professional is rated 8.6. The top reviewer of Fortra Tripwire IP360 writes "The solution helps users to manage their entire IP range, but it's unreliable and very expensive to maintain". On the other hand, the top reviewer of PortSwigger Burp Suite Professional writes "The solution is versatile and easy to deploy, but it needs to give more detailed security reports". Fortra Tripwire IP360 is most compared with Tenable Nessus, whereas PortSwigger Burp Suite Professional is most compared with OWASP Zap, Fortify WebInspect, Acunetix, HCL AppScan and Qualys Web Application Scanning.
We monitor all Vulnerability Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.