We performed a comparison between Acunetix and PortSwigger Burp Suite Professional based on real PeerSpot user reviews.
Find out in this report how the two Application Security Tools solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."We use the solution for the scanning of vulnerabilities like SQL injections."
"It comes equipped with an internal applicator, which automatically identifies and addresses vulnerabilities within the program."
"The most important feature is that it's a web-based graphical user interface. That is a great addition. Also, the ability to schedule scans is great."
"The solution is highly stable."
"The usability and overall scan results are good."
"There is a lot of documentation on their website which makes setting it up and using it quite simple."
"Overall, it's a very good tool and a very good engine."
"One of the features that I feel is groundbreaking, that I would like to see expanded on, is the IAS feature: The Interactive Application Security Testing module that gets loaded onto an application on a server, for more in-depth, granular findings. I think that is really neat. I haven't seen a lot of competitors doing that."
"The automated scan is what I find most useful because a lot of customers will need it. Not every domain will be looking for complete security, they just need a stamp on the security key. For these kinds of customers, the scan works really well."
"The solution is stable."
"The Spider is the most useful feature. It helps to analyze the entire web application, and it finds all the passes and offers an automated identification of security issues."
"It offers very good accuracy. You can trust the results."
"I am impressed with the tool's detailed analysis for penetration testing. AppScan can give only visibility, but it can't do the PT part. But the PortSwigger Burp Application can do both, and it gives much more visibility on the PT rating."
"The solution scans web applications and supports APIs, which are the main features I really like."
"I have found this solution has more plugins than other competitors which is a benefit. You are able to attach different plugins to the security scan to add features. For example, you can check to see if there are any payment systems that exist on a server, or username and password brute force analysis."
"The feature that we have found most valuable is that it comes with pre-set configurations. They have a set of predefined options where you can pick one and start scanning. We also have the option of creating our own configurations, like how often do the applications need to be scanned."
"Integration into other tools is very limited for Acunetix. While we're trying to incorporate a CI/CD process where we're integrating with JIRA and we're integrating with Jenkins and Chef, it becomes problematic. Other tools give you a high integration capability to connect into different solutions that you may already have, like JIRA."
"The vulnerability identification speed should be improved."
"The solution's pricing could be better."
"The solution limits the number of scans. It would be much better if we could have unlimited scans."
"Acunetix needs to include agent analysis."
"In terms of what needs improvement, the way the licensing model is currently is not very convenient for us because initially, when we bought it, the licensing model was very flexible, but now it restricts us."
"The jargon used makes it difficult for project managers to understand the issues, and the technical explanations used make it difficult for developers to understand issues. These things should be simplified much more. That would be very helpful for us when explaining to them what needs to be fixed. The report output needs to be simplified."
"There are some versions of the solution that are not as stable as others."
"The solution lacks sufficient stability."
"The reporting needs to be improved; it is very bad."
"In the Professional version, we cannot link it with the CI/CD process."
"The number of false positives need to be reduced on the solution."
"There were a lot of false positives there, and we used to spend a lot of time, like, for security reasons, reproducing those bugs for the development team to fix it."
"The biggest improvement that I would like to see from PortSwigger that today many people see as an issue in their testing. There might be a feature which might be desired."
"The solution’s pricing could be improved."
"The Auto Scanning features should be updated more frequently and should include the latest attack vectors."
More PortSwigger Burp Suite Professional Pricing and Cost Advice →
Acunetix is ranked 16th in Application Security Tools with 26 reviews while PortSwigger Burp Suite Professional is ranked 9th in Application Security Tools with 55 reviews. Acunetix is rated 7.6, while PortSwigger Burp Suite Professional is rated 8.6. The top reviewer of Acunetix writes "Fantastic reporting features hindered by slow scanning ". On the other hand, the top reviewer of PortSwigger Burp Suite Professional writes "The solution is versatile and easy to deploy, but it needs to give more detailed security reports". Acunetix is most compared with OWASP Zap, Tenable.io Web Application Scanning, HCL AppScan, Fortify WebInspect and Veracode, whereas PortSwigger Burp Suite Professional is most compared with OWASP Zap, Fortify WebInspect, HCL AppScan, Qualys Web Application Scanning and SonarQube. See our Acunetix vs. PortSwigger Burp Suite Professional report.
See our list of best Application Security Tools vendors and best Application Security Testing (AST) vendors.
We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.