PortSwigger Burp Reviews

Filter by:Reset all filters
Industry
Loading...
Filter Unavailable
Company Size
Loading...
Filter Unavailable
Job Level
Loading...
Filter Unavailable
Rating
Loading...
Filter Unavailable
Considered
Loading...
Filter Unavailable
Order by:
Loading...
  • Date
  • Highest Rating
  • Lowest Rating
  • Review Length
Search:
Vijayanathan Naganathan
Real User
Director - Head of Delivery Services at Ticking Minds Technology Solutions Pvt Ltd
Jan 02 2020

What is most valuable?

I like the way the tool has been designed. Once I capture the proxy, I'm able to transfer across, all the requested information that is there. I can send across the request to the 'Repeater' feature… more»

How has it helped my organization?

We're an independent IT organization that specializes in vulnerability assessment and penetration testing, and we focus here on application security. This tool really helps me unearth security issues… more»

What needs improvement?

In the earlier versions what we saw was that the REST API was something that needed to be improved upon but I think that has come in the new edition when I was reading through the release offset… more»

What's my experience with pricing, setup cost, and licensing?

Licensing costs are about $450/year for one use. For larger organizations, they would be able to test against multiple applications simultaneously while others might have multiple versions of… more»

Which solution did I use previously and why did I switch?

I've used different tools like Acunetix. The first tool that we started with was Acunetix. Acunetix as quite expensive, first and foremost. It's more suitable for web application scanning and… more»

What other advice do I have?

The tool comes in three type. First, there is the Open Community Edition, which is meant for people who use it to learn the tool or use it to secure their system. This edition does not have scanning… more»
Rishi Kant
Real User
Senior Security Engineer at a insurance company with 10,001+ employees
May 18 2019

What is most valuable?

There are several features that I like about this solution. The most valuable feature is that it has support for add-ons where we can add extra little scripts to the tool… more»

How has it helped my organization?

I don't have specific metrics but I can say that using this tool adds value.

What needs improvement?

There is a lot to this product, and it would be good if when you purchase the tool, they can provide us with a more extensive user manual. This would help us to better… more»

What's my experience with pricing, setup cost, and licensing?

The cost is approximately $500 for a single license, and there are no additional costs beyond the standard licensing fees.

Which solution did I use previously and why did I switch?

We have always used Burp Suite because it is a well-known tool.

What other advice do I have?

They are steadily improving things and adding features to this product. It was only three months ago when they added the dashboard support. Before that, they only had… more»

Which other solutions did I evaluate?

We considered using OWASP Zed Attack Proxy, which is open source. We decided to use this alongside the current solution, and also with IBM Security AppScan. This tool is… more»
Find out what your peers are saying about PortSwigger, Acunetix, HCL and others in Application Security. Updated: March 2020.
407,845 professionals have used our research since 2012.
Nidhi Chamotra
Real User
Business Analyst at a consultancy with 10,001+ employees
Jan 22 2020

What is most valuable?

The solution is very user-friendly. The way they do the research and they keep their profile up to date is great. They identify vulnerabilities and update them immediately.

How has it helped my organization?

It has been provide user direct access to users scan their websites and find vulnerability in good price. Burp is one of the most extensively used tool in org to do other security based… more»

What needs improvement?

The biggest drawback is reporting. It's not so good. I can download reports, but they're not so informative. For example, they are providing very good information about vulnerabilities, but when you… more»

Which solution did I use previously and why did I switch?

What other advice do I have?

We use the on-premises deployment model. I would rate the solution seven out of ten.

Which other solutions did I evaluate?

When we had an issue with scanning, we did look into exploring other options like OWASP Zap, Acunetix, etc. We stayed with Burp because we had it set up in our system, and then they had our scanning… more»
Real User
Cyber Security Specialist at a university with 10,001+ employees
Jan 30 2020

What is most valuable?

The most valuable features are Burp Intruder and Burp Scanner. The automatic scanning feature is helpful.

What needs improvement?

The interface for the automatic scan can be improved because it is easy for technical users, but the business users have trouble with it. There is documentation but the interface should be more user-friendly. There should be a heads up… more»

What's my experience with pricing, setup cost, and licensing?

There are different licenses available that include a free version.

Which solution did I use previously and why did I switch?

We also have OWASP Zap and we continue to use these two tools. Zap has a heads up display within its own browser, which is a very good feature. Zap is also completely free, whereas Burp has a free version but it also has licenses available… more»

What other advice do I have?

We do have problems with some of the add-ons that we install from the marketplace. They may not be available or out of support, so when you want to install them, they are not there. This is a very nice tool and anybody can use it, from… more»
Real User
User
Oct 01 2019

What is most valuable?

The auto scanning feature provides really good details about issues that it finds. Crawling web applications using Burp Spider, Target Site Map, automating customized… more»

How has it helped my organization?

In the early years, we did not check our web applications for security vulnerabilities before releasing them to customers. Since we began this practice for every… more»

What needs improvement?

The Auto Scanning features should be updated more frequently and should include the latest attack vectors. It would be really helpful if the issue details contained… more»

What's my experience with pricing, setup cost, and licensing?

There is no setup cost and the cost of licensing is affordable.

Which solution did I use previously and why did I switch?

Prior to this solution, we used various open-source or free applications. We wanted to streamline and improve productivity by standardizing the products that we use.

What other advice do I have?

All application development organizations should purchase BurpSuite and train their developers on how to use this solution to identify security flaws. This will help to… more»

Which other solutions did I evaluate?

We tested all of the free apps and could not find a stable all-in-one solution other than BurpSuite.
Andrei Sandulescu
Real User
IT Auditor & Compliance Officer at a tech vendor with 51-200 employees
Jun 07 2019

What is most valuable?

The most valuable feature of this solution is the scanning functionality. Some of the extensions, available using Burp Extender, are also very good and we have found issues by using them. Burp… more»

How has it helped my organization?

This solution has done a lot to improve our organization. It allows us to be proactive and solve issues before our external auditors find them.

What needs improvement?

I would like to see a more optimized solution, as it currently uses a lot of CPU power and memory. Sometimes, the application is blocking. The reporting also needs improvement. Specifically, if there… more»

What's my experience with pricing, setup cost, and licensing?

Our licensing cost is approximately $400 USD per year. There are no costs in addition to the standard licensing fees.

What other advice do I have?

I would recommend this product to others. It is very straightforward and it is oriented to the application, which is why we chose it. I would also recommend reviewing and using the extensions that are… more»

Which other solutions did I evaluate?

We did evaluate other options before choosing this solution.
CyberSecAn08987
Real User
Cyber Security Analyst at a tech vendor with 1,001-5,000 employees
Aug 21 2019

What is most valuable?

The Spider is the most useful feature. It helps to analyze the entire web application and it finds all the passes and offers an automated identification of security issues.

How has it helped my organization?

The solution helps to identify security issues quickly.

What needs improvement?

The number of false positives needs to be reduced on the solution. I'm not sure whether some features need to be added because the product has a specific toolset, and if I do need some additional… more»

What's my experience with pricing, setup cost, and licensing?

Licensing is paid on a yearly basis. The yearly cost is about $300.

Which solution did I use previously and why did I switch?

Before Burp I was manually proxying the data myself. I have experience making my own tools for security assessment. Burp is pretty convenient, and it's one of the most popular tools, which is why I… more»

What other advice do I have?

For application security testing, I would suggest Burp. It's probably the leader in this area. It's just like analog tools such as OWASP ZAP, which is open-source. OWASP ZAP is still not as effective… more»
Consultant
Security Analyst at a tech services company with 201-500 employees
Apr 16 2019

What is most valuable?

In my opinion, all of the features seem to be of equal value really. I'm currently using the latest version.

How has it helped my organization?

I use Burp Suite on my laptop in my room for my personal research study. Since I don't use it for corporate work or company research purposes I can't comment on how it has… more»

What needs improvement?

The product is very good just the way it is; It has everything already well established and functions great. I can't see any way for this current version to be improved.

What's my experience with pricing, setup cost, and licensing?

My only advice for anyone looking for a personal use case for testing Web application security is this is a good option.

Which solution did I use previously and why did I switch?

At work, I use an open source SAP solution. It's a free tool. It's a fully automated tool and it's fully furnished. Currently, I'm the only user and it's my job to analyze… more»

What other advice do I have?

It's actually a very good product. It's pretty automated and it's easy to work with. No additional features need to be added because it's already an extraordinary tool. So… more»

Which other solutions did I evaluate?

Before choosing this tool, no, I didn't evaluate any other options. I know what I wanted and I'm very happy with it.
See 3 More PortSwigger Burp Reviews

Articles

User Assessments By Topic About PortSwigger Burp

Find out what your peers are saying about PortSwigger, Acunetix, HCL and others in Application Security. Updated: March 2020.
407,845 professionals have used our research since 2012.

PortSwigger Burp Questions

What is PortSwigger Burp?

Burp Suite is an integrated platform for performing security testing of web applications. Its various tools work seamlessly together to support the entire testing process, from initial mapping and analysis of an application's attack surface, through to finding and exploiting security vulnerabilities.

Also known as
Burp
PortSwigger Burp customers

Maven Security Consulting, OWASP Italy, Penetration Testing Firm

Read Archived Reviews
BUYER'S GUIDE
Download our free Application Security Report and find out what your peers are saying about PortSwigger, Acunetix, HCL, and more!