PortSwigger Burp Suite Professional pros and cons

Vendor: PortSwigger

4.3 out of 5

55 reviews
98% willing to recommend

1,447 followers

PortSwigger Burp Suite Professional Pros review quotes

VN

Vijayanathan Naganathan

Director - Head of Delivery Services at Ticking Minds Technology Solutions Pvt Ltd

Jan 2, 2020

Once I capture the proxy, I'm able to transfer across. All the requested information is there. I can send across the request to what we call a repeater, where I get to ready the payload that I send to the application. Put in malicious content and then see if it's responding to it.

Read full review

Anuradha.Kapoor Kapoor

Head - Quality Control at Net Solutions

Aug 10, 2023

We are mostly using it for scanning the entire website. So, we basically create a script with the entire website and then run it for different injections.

Read full review

VD

reviewer1526550

Lead Security Architect at a comms service provider with 1,001-5,000 employees

Mar 12, 2021

The solution has a great user interface.

Read full review

PortSwigger Burp Suite Professional

Free Report: PortSwigger Burp Suite Professional Reviews and More

Learn what your peers think about PortSwigger Burp Suite Professional. Get advice and tips from experienced pros sharing their opinions. Updated: April 2024.

768,415 professionals have used our research since 2012.

DC

Team Lead at dhabsc

Aug 1, 2023

The Repeater and the BApp extensions are particularly useful. Certain extensions, such as the Active Scan extensions and the Autoracer extension, are very good.

Read full review

Senior Information Security Analyst at Accenture

Dec 19, 2017

I personally love its capability to automatically and accurately detect vulnerabilities. So, I would say it is the Burp scanner that is THE most powerful, valuable, and an awesome feature.

Read full review

AJ

reviewer1871559

Cyber Security Analyst at Tata Consultancy

May 29, 2022

The initial setup is simple.

Read full review

AA

reviewer1508730

Founder and Director at a financial services firm with 1-10 employees

Feb 19, 2021

The solution has a pretty simple setup.

Read full review

Senior Security Engineer at a insurance company with 10,001+ employees

May 16, 2019

This tool is more accurate than the other solutions that we use, and reports fewer false positives.

Read full review

NC

reviewer1112304

IT Manager at a manufacturing company with 10,001+ employees

Jan 22, 2020

The way they do the research and they keep their profile up to date is great. They identify vulnerabilities and update them immediately.

Read full review

Senior Consultant at Hexaware Technologies Limited

Jun 23, 2021

The automated scan is what I find most useful because a lot of customers will need it. Not every domain will be looking for complete security, they just need a stamp on the security key. For these kinds of customers, the scan works really well.

Read full review

Show 10 more reviews (out of 52)

PortSwigger Burp Suite Professional Cons review quotes

VN

Vijayanathan Naganathan

Director - Head of Delivery Services at Ticking Minds Technology Solutions Pvt Ltd

Jan 2, 2020

The biggest improvement that I would like to see from PortSwigger that today many people see as an issue in their testing. There might be a feature which might be desired.

Read full review

Anuradha.Kapoor Kapoor

Head - Quality Control at Net Solutions

Aug 10, 2023

There were a lot of false positives there, and we used to spend a lot of time, like, for security reasons, reproducing those bugs for the development team to fix it.

Read full review

VD

reviewer1526550

Lead Security Architect at a comms service provider with 1,001-5,000 employees

Mar 12, 2021

It should provide a better way to integrate with Jenkins so that DAST (dynamic application security testing) can be automated.

Read full review

PortSwigger Burp Suite Professional

Free Report: PortSwigger Burp Suite Professional Reviews and More

Learn what your peers think about PortSwigger Burp Suite Professional. Get advice and tips from experienced pros sharing their opinions. Updated: April 2024.

768,415 professionals have used our research since 2012.

DC

Team Lead at dhabsc

Aug 1, 2023

I would like to see the return of the spider mechanism instead of the crawling feature. Burp Suite's earlier version 1.7 had an excellent spider option, and it would be beneficial if Burp incorporated those features into the current version. The crawling techniques used in the current version are not as efficient as those used in earlier versions.

Read full review

Senior Information Security Analyst at Accenture

Dec 19, 2017

The one feature that I would like to see in Burp is active scanning of REST based web services. A lot of organizations are providing APIs to access their services to support different business models like SaaS. Scanning these APIs is still a challenge for many security product companies.

Read full review

AJ

reviewer1871559

Cyber Security Analyst at Tata Consultancy

May 29, 2022

We'd like to have more integration potential across all versions of the product.

Read full review

AA

reviewer1508730

Founder and Director at a financial services firm with 1-10 employees

Feb 19, 2021

The pricing of the solution is quite high.

Read full review

Senior Security Engineer at a insurance company with 10,001+ employees

May 16, 2019

There is a lot to this product, and it would be good if when you purchase the tool, they can provide us with a more extensive user manual.

Read full review

NC

reviewer1112304

IT Manager at a manufacturing company with 10,001+ employees

Jan 22, 2020

The biggest drawback is reporting. It's not so good. I can download them, but they're not so informative.

Read full review

Senior Consultant at Hexaware Technologies Limited

Jun 23, 2021

There could be an improvement in the API security testing. There is another tool called Postman and if we had a built-in portal similar to Postman which captures the API, we would be able to generate the API traffic. Right now we need a Postman tool and the Burp Suite for performing API tests. It would be a huge benefit to be able to do it in a single UI.

Read full review

Show 10 more reviews (out of 51)

Product Categories

Product Categories

Application Security Tools

Application Security Testing (AST)

Fuzz Testing Tools

Popular Comparisons

Popular Comparisons

SonarQube vs PortSwigger Burp Suite Professional

Veracode vs PortSwigger Burp Suite Professional

Checkmarx One vs PortSwigger Burp Suite Professional

Snyk vs PortSwigger Burp Suite Professional

GitLab vs PortSwigger Burp Suite Professional

Coverity vs PortSwigger Burp Suite Professional

OWASP Zap vs PortSwigger Burp Suite Professional

Mend.io vs PortSwigger Burp Suite Professional

Sonatype Lifecycle vs PortSwigger Burp Suite Professional

Fortify on Demand vs PortSwigger Burp Suite Professional

SonarCloud vs PortSwigger Burp Suite Professional

Acunetix vs PortSwigger Burp Suite Professional

HCL AppScan vs PortSwigger Burp Suite Professional

Qualys Web Application Scanning vs PortSwigger Burp Suite Professional

Fortify WebInspect vs PortSwigger Burp Suite Professional

See all alternatives

Product Categories

Product Categories

Application Security Tools

Application Security Testing (AST)

Fuzz Testing Tools

Popular Comparisons

Popular Comparisons

SonarQube vs PortSwigger Burp Suite Professional

Veracode vs PortSwigger Burp Suite Professional

Checkmarx One vs PortSwigger Burp Suite Professional

Snyk vs PortSwigger Burp Suite Professional

GitLab vs PortSwigger Burp Suite Professional

Coverity vs PortSwigger Burp Suite Professional

OWASP Zap vs PortSwigger Burp Suite Professional

Mend.io vs PortSwigger Burp Suite Professional

Sonatype Lifecycle vs PortSwigger Burp Suite Professional

Fortify on Demand vs PortSwigger Burp Suite Professional

SonarCloud vs PortSwigger Burp Suite Professional

Acunetix vs PortSwigger Burp Suite Professional

HCL AppScan vs PortSwigger Burp Suite Professional

Qualys Web Application Scanning vs PortSwigger Burp Suite Professional

Fortify WebInspect vs PortSwigger Burp Suite Professional

See all alternatives

Related questions

4,597

Is OWASP Zap better than PortSwigger Burp Suite Pro?

104

What is the biggest difference between OWASP Zap and PortSwigger Burp?

1,380

If you had to both encrypt and compress data during transmission, which would you do first and why?

200

When evaluating Application Security, what aspect do you think is the most important to look for?

277

What are the threats associated with using ‘bogus’ cybersecurity tools?

639

What are the Top 5 cybersecurity trends in 2022?

45

Which application security solutions include both vulnerability scans and quality checks?

113

We're evaluating Tripwire, what else should we consider?

3,250

Is SonarQube the best tool for static analysis?

79

Why Do I Need Application Security Software?