ImmuniWeb vs PortSwigger Burp Suite Professional comparison

"The most valuable features are the SLA of Zero false-positives, less time of service development, validation of unlimited patched vulnerabilities, and several others."

"ImmuniWeb is stable."

"I like the fully automated continuous discovery run by ImmuniWeb in the background. We do not need to rerun the same tests or the same scanning against our resources. We need to supply our IP addresses, domain names, and significant resources with special domain names and URLs, and we need to do it only once. Then we always have an up-to-date picture. I also like the integration with our single sign-on system. We do not need to maintain a separate set of usernames or user accounts. We can plug this ImmuniWeb service into our authentication technology, enabling two-factor authentication. We have secure authentication right out of the box. The other important feature I like is the executive view. You can easily switch from a technical view to an executive view and have a helicopter view of the compliance status. We can see how much effort is required and our current status."

"ImmuniWeb boasts a robust vulnerability detection mechanism, formidable threat mitigation, and an efficient remediation process, incorporating automation techniques and ALM strategies. The solution is highly stable. The solution is scalable. Editing Key Points for Review "Review about ImmuniWeb" What is our primary use case? We use the solution when we face challenges and urgent attention is needed for complex cases from our clients. To address this, we collaborate with the middleware, internal, and client teams to analyze and sort through intricate logs concerning our business cybersecurity program. How has it helped my organization? The solution helped us with one of our clients in the New York area contacted us about a data breach. In response, we swiftly organized a case meeting involving our client, internal, and email customer support teams. Together, we conducted an incident response, facilitating offline assistance for proper planning and risk management processes. We delved into the details of the data breach, identified how it occurred, and collaborated to rectify the issue. The client expressed satisfaction with the resolution process. What is most valuable? ImmuniWeb boasts a robust vulnerability detection mechanism, formidable threat mitigation, and an efficient remediation process, incorporating automation techniques and ALM strategies. It also focuses on consumer satisfaction and operates in English-speaking markets, primarily required by the UAE, the United States, Canada, and Australia, among other developed countries. For how long have I used the solution? We have been using this product for the past one and half years. What do I think about the stability of the solution? The solution is highly stable. I rate it a perfect ten. What do I think about the scalability of the solution? The solution is scalable. I rate it a nine out of ten. How are customer service and support? Support is generally excellent"

"The solution's most valuable feature is reporting."

"After the assessment, you clearly know which assets require penetration testing."

"The initial setup process is user-friendly."

"The tool provides complimentary services. It allows you to add a lot of extensions, and you can get extensions quite often. It is quite a flexible application."

"It was easy to learn."

"I find the attack model quite amazing, where I can write my scripts and load my scripts as well, which helps quite a bit. All the active scanning that it can do is also quite a lot helpful. It speeds up our vulnerability assessment and penetration testing. Right now, I am enjoying its in-browser, which also helps quite a bit. I'm always confused about setting up some proxy, but it really is the big solution we all want."

"The active scanner, which does an automated search of any web vulnerabilities."

"The automated scan is what I find most useful because a lot of customers will need it. Not every domain will be looking for complete security, they just need a stamp on the security key. For these kinds of customers, the scan works really well."

"The Spider is the most useful feature. It helps to analyze the entire web application, and it finds all the passes and offers an automated identification of security issues."

"PortSwigger Burp Suite Professional has an intercept tab that helps us to scan our APIs, set the response, and request errors."

"I am impressed with the tool's detailed analysis for penetration testing. AppScan can give only visibility, but it can't do the PT part. But the PortSwigger Burp Application can do both, and it gives much more visibility on the PT rating."

"It would be better if they had an automated tagging feature. The tagging functionality currently requires manual tagging, and that's probably the most needed feature from my standpoint. We also do not have enough tools, enough features, or options to display different resources in the way we need. There are basic grouping and some filtering features, but we still cannot fully separate some flavors of our resources. However, we may not be aware of the latest features."

"A great idea would be to support using Discovery on the internal network, allowing delivery of all the features of the current Discovery to internal network resources."

"Its technical support could be better."

"The product’s interface for the web applications could be similar to Android and iOS versions."

"The deployment process on the cloud is straightforward, while on-premise can be complex. Support is generally excellent, although there can be delays in ticket resolution."

"ImmuniWeb sometimes shows previous scans instead of running tests."

"A great idea would be to make a mobile application for the ImmuniWeb portal so that all information would be available on the go and from a mobile phone as well. It would be much more convenient."

"PortSwigger Burp Suite Professional can improve by having more features in the free version for beginners to try."

"If we're running a huge number of scans regularly, it slows down the tool."

"The solution’s pricing could be improved."

"The use of system memory is an area that can be improved because it uses a lot."

"There could be an improvement in the API security testing. There is another tool called Postman and if we had a built-in portal similar to Postman which captures the API, we would be able to generate the API traffic. Right now we need a Postman tool and the Burp Suite for performing API tests. It would be a huge benefit to be able to do it in a single UI."

"We wish that the Spider feature would appear in the same shape that it does in previous versions."

"The reporting needs to be improved; it is very bad."

"There should be a heads up display like the one available in OWASP Zap."

"ImmuniWeb is relatively cheap. It's a competitive price compared to other products in the marketplace. It's worth the money we are paying for it."

"It is pretty expensive."

"The values of ImmuniWeb are currently significantly below what is valued in the Chilean market for these services and solutions."

"The platform is expensive if a large development is involved. However, it is less expensive for scheduled-based testing, quarterly or in a year."

"I use the product's free version. The tool costs around 229 dollars."

"It is pretty expensive."

"There should be the flexibility to change or add pricing, especially for pay-per-use cases."

"We are using the community version, which is free."

"PortSwigger is reasonably-priced. It's fair."

"The solution used to be expensive. However, they have reduced the price to approximately $400.00 which is reasonable."

"We have one license. The price is very nominal."

"Burp Suite is affordable."

"The yearly cost is about $300."

"For a country such as Sri Lanka, the pricing is not reasonable."

"Pricing is not very high. It was around $200."