PortSwigger Burp Suite Professional Previous Solutions
We previously used OWASP Zap before moving to PortSwigger. Acunetix was very expensive, so the organization was not ready to spend that much. And Veracode was not competitive at that time because it was basically more for code scanning, not for the application, black box scanning. So we were looking for something which was a black box scanning kind of our solution. So we figured out that Burp Suite is good. Plus, one of our customers also recommended us to use that tool, and we had a license version from him to use it for their project. So we also had experience there. So that's why we moved to this solution, and more about the price-wise also it's very nominal.
View full review »PL
Pierre Lend
Cyber Security Consultant at Accenture
We trust Burp Suite to identify vulnerabilities in the application with pretty good accuracy.
We have previously used a free, open-source solution called OWASP ZAP. Since PortSwigger Burp Suite Professional is the standard in the industry, it's much better than OWASP ZAP.
View full review »Buyer's Guide
PortSwigger Burp Suite Professional
April 2024
Learn what your peers think about PortSwigger Burp Suite Professional. Get advice and tips from experienced pros sharing their opinions. Updated: April 2024.
768,246 professionals have used our research since 2012.
Nessus is a more expensive solution than Burp Suite, which offers a broader range of services, including network and website scanning features. You can’t compare them.
View full review »This is among the best in comparison to all other tools. If we compare it to Zap, et cetera, Burp Suite is the best among those. There's also Nikto and lots of tools available. We prefer to work with Burp as Burp Suite is like a framework. It has lots of tools in-built. Therefore, we can do multiple tasks on a single platform from a single framework. It's like a one-stop shop.
View full review »I was previously using OWASP Zap.
View full review »I personally don’t use a lot of tools except AWS for general clients.
Burp Suite is quite easy to use when compared to AWS. However AWS has an open source tool, therefore any developer can use it. Burp Suite is a paid solution and needs a professional license to operate.
DC
Dhaba C
Team Lead at dhabsc
I have experience with Burp Suite Professional and Zap Framework. I've used them for a variety of application security testing tasks, including vulnerability scanning, penetration testing, and threat modeling.
I haven't had the need to explore other tools. I've been using Burp Suite since the beginning of my career, and it has consistently met my requirements. I've used other tools in lab settings, but Burp Suite remains my preference.
View full review »EA
Eldar Aydayev
President & Owner at Aydayev's Investment Business Group
I have used Zap and it is lightweight compare to this solution's functions.
View full review »RP
Rahul Singh Patel
Cyber security Lead at PCS
We have used Netsparker and WebInspect. WebInspect is very difficult to operate.
View full review »MN
Manikantha Nagireddy
Security Tester at Ray Business Technologies Private Limited
I have used Nessus, previously. Nessus helped with only OS and analysis but Burp Suite helps with application scanning, detecting vulnerabilities and expertisation.
NS
reviewer1753959
Cyber Security Engineer at a transportation company with 10,001+ employees
I previously used OS SAP, but I switched to Burp Suite when the support for that solution stopped.
View full review »I started with Burp Suite. I’ve only used that. I haven't used anything other than that.
View full review »VN
Vijayanathan Naganathan
Director - Head of Delivery Services at Ticking Minds Technology Solutions Pvt Ltd
I've used different tools like Acunetix.
The first tool that we started with was Acunetix. Acunetix as quite expensive, first and foremost. It's more suitable for web application scanning and penetration. PortSwigger's has a larger play beyond applications, it supports REST API and all that stuff, that kind of support is great with PortSwigger.
The kind of mechanism that's there is you can just capture the flow if the application. They usually have what is called as a flow sequence in proxy history with which all the user actions are captured. That's all that is done by the tool completely. Once that information is there, much you can control exploit requests with the tool. Whatever the tool shows, I have the opportunity to throttle and change payloads and see how the application behaves.
We used the online web scanners with Acunetix. We found it a little difficult and that was one reason why. In fact, when we got the contract with the client and we evaluated multiple tools, that's why we chose PortSwigger's BurpSuite.
SB
Sajda Bano
Quality Analyst at Hiup Solution
I used to use OWASP Zap. It is a free solution. I moved to Burp as the accuracy rate was higher. We wanted something that provided correct information about errors.
View full review »NS
Nagaraj Sheshachalam
Lead Cyber Security engineer at a manufacturing company with 10,001+ employees
No dint use.
View full review »We have always used Burp Suite because it is a well-known tool.
View full review »RO
CyberSecAn08987
Cyber Security Analyst at a tech vendor with 1,001-5,000 employees
Before Burp I was manually proxying the data myself. I have experience making my own tools for security assessment. Burp is pretty convenient, and it's one of the most popular tools, which is why I began using it.
I also use Wireshark, which is pretty effective too.
View full review »AJ
reviewer1871559
Cyber Security Analyst at a comms service provider with 10,001+ employees
I have used many other tools. This is one of the best tools that I'm using. I found this one much better.
NC
reviewer1112304
IT Manager at a manufacturing company with 10,001+ employees
AA
reviewer1508730
Founder and Director at a financial services firm with 1-10 employees
I've worked with other solutions, such as Acutenix. As a consultant, I always have two to three tools for running and validating for testing. There is no plus or minus to each tool, really. The process itself would be more like using multiple tools to find out whether it appears in all the tools or not.
View full review »I used many solutions but I found the best value, features and documentation in Burp.
View full review »I have used Charles Proxy, CAT, and Fiddler as well, but found Burp easier to use.
For automated scanning, there are stronger alternatives to Burp, such as Acunetix, IBM AppScan, Nexpose, Qualys, etc.
View full review »MM
reviewer1223976
Cyber Security Specialist at a university with 10,001+ employees
We also have OWASP Zap and we continue to use these two tools.
Zap has a heads up display within its own browser, which is a very good feature. Zap is also completely free, whereas Burp has a free version but it also has licenses available.
For the most part, we use open-source solutions, which are free of charge.
View full review »Prior to this solution, we used various open-source or free applications. We wanted to streamline and improve productivity by standardizing the products that we use.
View full review »I have used a lot of tools for web application scanning and penetration testing -- like Qualys WAS, Nikto, OWASP ZAP proxy, Paros Proxy, DirBuster, Burp, etc.
The reason for switching to Burp is the capabilities of this tool. The scanner is very powerful and the way it integrates with third-party code is really cool. Other tools simply do not have these capabilities.
SD
reviewer1471662
Lead Software Architect at a tech services company with 201-500 employees
When we compare it to other programs that we have such as OWAP Zap, we found Burp to be more suitable.
View full review »I use many projects, but Burp is the best all round solution for manual application testing.
View full review »AG
reviewer1458246
Cyber Security Analyst at a tech services company with 11-50 employees
We previously used some open-source applications, but later on, we found out that, unfortunately, they are not good products. We had to use the applications of all other products separately in our environment, but PortSwigger can do all things itself. That's why we switched to PortSwigger.
View full review »JA
Securitydbe0
Security Analyst at a tech services company with 201-500 employees
At work, I use an open source SAP solution. It's a free tool. It's a fully automated tool and it's fully furnished. Currently, I'm the only user and it's my job to analyze this product.
View full review »AR
reviewer1261914
AVP - Software Quality Assurance at a tech services company with 201-500 employees
We didn't previously use a different solution.
View full review »Buyer's Guide
PortSwigger Burp Suite Professional
April 2024
Learn what your peers think about PortSwigger Burp Suite Professional. Get advice and tips from experienced pros sharing their opinions. Updated: April 2024.
768,246 professionals have used our research since 2012.