PortSwigger Burp Reviews

Filter by:Reset all filters
industry
Loading...
Filter Unavailable
Company Size
Loading...
Filter Unavailable
Job Level
Loading...
Filter Unavailable
rating
Loading...
Filter Unavailable
Manish Rana
Consultant
Senior Information Security Analyst at a tech services company with 10,001+ employees
Dec 19 2017

What is most valuable?

Burp is the best web application penetration testing tool that I have ever used. Although all the features of Burp are very useful, I personally love its capability to… more»

How has it helped my organization?

The customer is almost all the time results-oriented and they want them real quick. Burp gives my organization a great authentic source of information on the security… more»

What needs improvement?

The one feature that I would like to see in Burp is active scanning of REST based web services. A lot of organizations are providing APIs to access their services to… more»

What's my experience with pricing, setup cost, and licensing?

This is a value for money product.

If you previously used a different solution, which one did you use and why did you switch?

I have used a lot of tools for web application scanning and penetration testing -- like Qualys WAS, Nikto, OWASP ZAP proxy, Paros Proxy, DirBuster, Burp, etc. The reason… more»

What other advice do I have?

If you are looking for a single web application penetration testing solution at low cost, definitely give it a try. You can request a trial of the pro version from… more»

Which other solutions did I evaluate?

I am a consistent user of web application scanners and penetration testing solutions. I have used Qualys WAS, OWASP ZAP, sqlmap, Paros Proxy, and Nikto. But nothing stands… more»
Rishi Kant
Real User
Senior Security Engineer at a insurance company with 10,001+ employees
May 18 2019

What is most valuable?

There are several features that I like about this solution. The most valuable feature is that it has support for add-ons where we can add extra little scripts to the tool… more»

How has it helped my organization?

I don't have specific metrics but I can say that using this tool adds value.

What needs improvement?

There is a lot to this product, and it would be good if when you purchase the tool, they can provide us with a more extensive user manual. This would help us to better… more»

What's my experience with pricing, setup cost, and licensing?

The cost is approximately $500 for a single license, and there are no additional costs beyond the standard licensing fees.

If you previously used a different solution, which one did you use and why did you switch?

We have always used Burp Suite because it is a well-known tool.

What other advice do I have?

They are steadily improving things and adding features to this product. It was only three months ago when they added the dashboard support. Before that, they only had… more»

Which other solutions did I evaluate?

We considered using OWASP Zed Attack Proxy, which is open source. We decided to use this alongside the current solution, and also with IBM Security AppScan. This tool is… more»
Find out what your peers are saying about PortSwigger, Acunetix, HCL and others in Application Security. Updated: June 2019.
353,345 professionals have used our research since 2012.
Andrei Sandulescu
Real User
IT Auditor & Compliance Officer at a tech vendor with 51-200 employees
Jun 07 2019

What is most valuable?

The most valuable feature of this solution is the scanning functionality. Some of the extensions, available using Burp Extender, are also very good and we have found issues by using them. Burp… more»

How has it helped my organization?

This solution has done a lot to improve our organization. It allows us to be proactive and solve issues before our external auditors find them.

What needs improvement?

I would like to see a more optimized solution, as it currently uses a lot of CPU power and memory. Sometimes, the application is blocking. The reporting also needs improvement. Specifically, if there… more»

What's my experience with pricing, setup cost, and licensing?

Our licensing cost is approximately $400 USD per year. There are no costs in addition to the standard licensing fees.

What other advice do I have?

I would recommend this product to others. It is very straightforward and it is oriented to the application, which is why we chose it. I would also recommend reviewing and using the extensions that are… more»

Which other solutions did I evaluate?

We did evaluate other options before choosing this solution.
Real User
Security Analyst at a tech services company with 201-500 employees
Apr 16 2019

What is most valuable?

In my opinion, all of the features seem to be of equal value really. I'm currently using the latest version.

How has it helped my organization?

I use Burp Suite on my laptop in my room for my personal research study. Since I don't use it for corporate work or company research purposes I can't comment on how it has… more»

What needs improvement?

The product is very good just the way it is; It has everything already well established and functions great. I can't see any way for this current version to be improved.

What's my experience with pricing, setup cost, and licensing?

My only advice for anyone looking for a personal use case for testing Web application security is this is a good option.

If you previously used a different solution, which one did you use and why did you switch?

At work, I use an open source SAP solution. It's a free tool. It's a fully automated tool and it's fully furnished. Currently, I'm the only user and it's my job to analyze… more»

What other advice do I have?

It's actually a very good product. It's pretty automated and it's easy to work with. No additional features need to be added because it's already an extraordinary tool. So… more»

Which other solutions did I evaluate?

Before choosing this tool, no, I didn't evaluate any other options. I know what I wanted and I'm very happy with it.
Ivan Biagi
Real User
Security Specialist at a tech consulting company with 1-10 employees
May 31 2019

What do you think of PortSwigger Burp?

What is our primary use case?

I use this primarily for intercepting mobile HTTP and HTTPS requests with SSL pinning bypass. It's a better tool for manual tasks.

How has it helped my organization?

This solution has helped a lot in finding bugs and vulnerabilities, and the scanner is good enough for simple web apps.

What is most valuable?

The best feature that I've found is the built-in manual tools.

What needs improvement?

The scanner and crawler need to be improved.

For how long have I used the solution?

More than three years.

Articles

User Assessments By Topic About PortSwigger Burp

Find out what your peers are saying about PortSwigger, Acunetix, HCL and others in Application Security. Updated: June 2019.
353,345 professionals have used our research since 2012.

PortSwigger Burp Questions

PortSwigger Burp Projects By Members

What is PortSwigger Burp?

Burp Suite is an integrated platform for performing security testing of web applications. Its various tools work seamlessly together to support the entire testing process, from initial mapping and analysis of an application's attack surface, through to finding and exploiting security vulnerabilities.

Also known as
Burp
PortSwigger Burp customers

Maven Security Consulting, OWASP Italy, Penetration Testing Firm

BUYER'S GUIDE
Download our free Application Security Report and find out what your peers are saying about PortSwigger, Acunetix, HCL, and more!
Sign Up with Email