We previously used OWASP Zap before moving to PortSwigger. Acunetix was very expensive, so the organization was not ready to spend that much. And Veracode was not competitive at that time because it was basically more for code scanning, not for the application, black box scanning. So we were looking for something which was a black box scanning kind of our solution. So we figured out that Burp Suite is good. Plus, one of our customers also recommended us to use that tool, and we had a license version from him to use it for their project. So we also had experience there. So that's why we moved to this solution, and more about the price-wise also it's very nominal.

We trust Burp Suite to identify vulnerabilities in the application with pretty good accuracy.

We have previously used a free, open-source solution called OWASP ZAP. Since PortSwigger Burp Suite Professional is the standard in the industry, it's much better than OWASP ZAP.

Nessus is a more expensive solution than Burp Suite, which offers a broader range of services, including network and website scanning features. You can’t compare them.

This is among the best in comparison to all other tools. If we compare it to Zap, et cetera, Burp Suite is the best among those. There's also Nikto and lots of tools available. We prefer to work with Burp as Burp Suite is like a framework. It has lots of tools in-built. Therefore, we can do multiple tasks on a single platform from a single framework. It's like a one-stop shop.

I was previously using OWASP Zap.

I personally don’t use a lot of tools except AWS for general clients.

I have experience with Burp Suite Professional and Zap Framework. I've used them for a variety of application security testing tasks, including vulnerability scanning, penetration testing, and threat modeling.

I haven't had the need to explore other tools. I've been using Burp Suite since the beginning of my career, and it has consistently met my requirements. I've used other tools in lab settings, but Burp Suite remains my preference.

I have used Zap and it is lightweight compare to this solution's functions. 

We have used Netsparker and WebInspect. WebInspect is very difficult to operate.

I have used Nessus, previously. Nessus helped with only OS and analysis but Burp Suite helps with application scanning, detecting vulnerabilities and expertisation.

I previously used OS SAP, but I switched to Burp Suite when the support for that solution stopped.

I started with Burp Suite. I’ve only used that. I haven't used anything other than that.

I've used different tools like Acunetix. 

The first tool that we started with was Acunetix. Acunetix as quite expensive, first and foremost. It's more suitable for web application scanning and penetration. PortSwigger's has a larger play beyond applications, it supports REST API and all that stuff, that kind of support is great with PortSwigger.

The kind of mechanism that's there is you can just capture the flow if the application. They usually have what is called as a flow sequence in proxy history with which all the user actions are captured. That's all that is done by the tool completely. Once that information is there, much you can control exploit requests with the tool. Whatever the tool shows, I have the opportunity to throttle and change payloads and see how the application behaves.

We used the online web scanners with Acunetix. We found it a little difficult and that was one reason why. In fact, when we got the contract with the client and we evaluated multiple tools, that's why we chose PortSwigger's BurpSuite.

I used to use OWASP Zap. It is a free solution. I moved to Burp as the accuracy rate was higher. We wanted something that provided correct information about errors. 

No dint use. 

We have always used Burp Suite because it is a well-known tool.

Before Burp I was manually proxying the data myself. I have experience making my own tools for security assessment. Burp is pretty convenient, and it's one of the most popular tools, which is why I began using it.

I also use Wireshark, which is pretty effective too.

I have used many other tools. This is one of the best tools that I'm using. I found this one much better. 

I've worked with other solutions, such as Acutenix. As a consultant, I always have two to three tools for running and validating for testing. There is no plus or minus to each tool, really. The process itself would be more like using multiple tools to find out whether it appears in all the tools or not.

I used many solutions but I found the best value, features and documentation in Burp.

I have used Charles Proxy, CAT, and Fiddler as well, but found Burp easier to use.

For automated scanning, there are stronger alternatives to Burp, such as Acunetix, IBM AppScan, Nexpose, Qualys, etc.

We also have OWASP Zap and we continue to use these two tools.

Zap has a heads up display within its own browser, which is a very good feature. Zap is also completely free, whereas Burp has a free version but it also has licenses available.

For the most part, we use open-source solutions, which are free of charge.

Prior to this solution, we used various open-source or free applications. We wanted to streamline and improve productivity by standardizing the products that we use.

I have used a lot of tools for web application scanning and penetration testing -- like Qualys WAS, Nikto, OWASP ZAP proxy, Paros Proxy, DirBuster, Burp, etc.

The reason for switching to Burp is the capabilities of this tool. The scanner is very powerful and the way it integrates with third-party code is really cool. Other tools simply do not have these capabilities.

When we compare it to other programs that we have such as OWAP Zap, we found Burp to be more suitable.

I use many projects, but Burp is the best all round solution for manual application testing.

We previously used some open-source applications, but later on, we found out that, unfortunately, they are not good products. We had to use the applications of all other products separately in our environment, but PortSwigger can do all things itself. That's why we switched to PortSwigger.

At work, I use an open source SAP solution. It's a free tool. It's a fully automated tool and it's fully furnished. Currently, I'm the only user and it's my job to analyze this product.

We didn't previously use a different solution.