We performed a comparison between Acunetix and PortSwigger Burp Suite Professional based on real PeerSpot user reviews.
Find out in this report how the two Application Security Tools solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Their technical support has been very active. If I have an issue, I can reach out to them and get an answer pretty quick."
"Overall, it's a very good tool and a very good engine."
"It can operate both as a standalone and it can be integrated with other applications, which makes it a very versatile solution to have."
"We use the solution for the scanning of vulnerabilities like SQL injections."
"Picks up weaknesses in our app setups."
"The most valuable feature of the solution is the speed at which it can scan multiple domains in just a few hours."
"The vulnerability scanning option for analyzing the security loopholes on the websites is the most valuable feature of this solution."
"We are able to create a report which shows the PCI DSS scoring and share it with the application teams. Then, they can correlate and see exactly what they need to fix, and why."
"The most valuable features are Burp Intruder and Burp Scanner."
"The solution has a great user interface."
"I am impressed with the tool's detailed analysis for penetration testing. AppScan can give only visibility, but it can't do the PT part. But the PortSwigger Burp Application can do both, and it gives much more visibility on the PT rating."
"I have found the best features to be the performance and there are a lot of additional plugins available."
"It helps in API testing, where manual intervention was previously necessary for each payload."
"The way they do the research and they keep their profile up to date is great. They identify vulnerabilities and update them immediately."
"Enables automation of different tasks such as authorization testing."
"I personally love its capability to automatically and accurately detect vulnerabilities. So, I would say it is the Burp scanner that is THE most powerful, valuable, and an awesome feature."
"It should be easier to recreate something manually, with the manual tool, because Acunetix is an automatic tool. If it finds something, it should be easier to manually replicate it. Sometimes you don't get the raw data from the input and output, so that could be improved."
"We want to see how much bandwidth usage it consumes. When we monitor traffic we have issues with the consumption and throttling of the traffic."
"The jargon used makes it difficult for project managers to understand the issues, and the technical explanations used make it difficult for developers to understand issues. These things should be simplified much more. That would be very helpful for us when explaining to them what needs to be fixed. The report output needs to be simplified."
"I had some issues with the JSON parameters where it found some strange vulnerabilities, but it didn't alert the person using it or me about these vulnerabilities, e.g., an error for SQL injection."
"You can't actually change your password after you've set it unless you go back into the administration account and you change it there. Thus, if you're locked out and don't remember your password, that's a thing."
"Acunetix needs to be dynamic with JavaScript code, unlike Netsparker which can scan complex agents."
"There's a clear need for a reduction in pricing to make the service more accessible."
"Integration into other tools is very limited for Acunetix. While we're trying to incorporate a CI/CD process where we're integrating with JIRA and we're integrating with Jenkins and Chef, it becomes problematic. Other tools give you a high integration capability to connect into different solutions that you may already have, like JIRA."
"If we're running a huge number of scans regularly, it slows down the tool."
"The solution’s pricing could be improved."
"The Initial setup is a bit complex."
"There is not much automation in the tool."
"As with most automated security tools, too many false positives."
"It should provide a better way to integrate with Jenkins so that DAST (dynamic application security testing) can be automated."
"Currently, the scanning is only available in the full version of Burp, and not in the Community version."
"The use of system memory is an area that can be improved because it uses a lot."
More PortSwigger Burp Suite Professional Pricing and Cost Advice →
Acunetix is ranked 17th in Application Security Tools with 26 reviews while PortSwigger Burp Suite Professional is ranked 9th in Application Security Tools with 57 reviews. Acunetix is rated 7.6, while PortSwigger Burp Suite Professional is rated 8.6. The top reviewer of Acunetix writes "Fantastic reporting features hindered by slow scanning ". On the other hand, the top reviewer of PortSwigger Burp Suite Professional writes "The solution is versatile and easy to deploy, but it needs to give more detailed security reports". Acunetix is most compared with OWASP Zap, Tenable.io Web Application Scanning, HCL AppScan, Fortify WebInspect and Veracode, whereas PortSwigger Burp Suite Professional is most compared with OWASP Zap, Fortify WebInspect, HCL AppScan, Qualys Web Application Scanning and SonarQube. See our Acunetix vs. PortSwigger Burp Suite Professional report.
See our list of best Application Security Tools vendors and best Static Application Security Testing (SAST) vendors.
We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.