We performed a comparison between CodeSonar and PortSwigger Burp Suite Professional based on real PeerSpot user reviews.
Find out in this report how the two Application Security Tools solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."What I like best about CodeSonar is that it has fantastic speed, analysis and configuration times. Its detection of all runtime errors is also very good, though there were times it missed a few. The configuration of logs by CodeSonar is also very fantastic which I've not seen anywhere else. I also like the GUI interface of CodeSonar because it's very user friendly and the tool also shows very precise logs and results."
"It has been able to scale."
"The most valuable feature of CodeSonar is the catching of dead code. It is helpful."
"The most valuable features of CodeSonar were all the categorized classes provided, and reports of future bugs which might occur in the production code. Additionally, I found the buffer overflow and underflow useful."
"The tool is very good for detecting memory leaks."
"There is nice functionality for code surfing and browsing."
"CodeSonar’s most valuable feature is finding security threats."
""The product is very good just the way it is; It has everything already well established and functions great. I can't see any way for this current version to be improved.""
"The most valuable feature of PortSwigger Burp Suite Professional is the advanced features, user-friendly interface, and integration with other tools."
"I am impressed with the tool's detailed analysis for penetration testing. AppScan can give only visibility, but it can't do the PT part. But the PortSwigger Burp Application can do both, and it gives much more visibility on the PT rating."
"PortSwigger Burp Suite Professional is one of the best user-friendly solutions for getting the proxy set up."
"The solution is quite helpful for session management and configuration."
"The Repeater and the BApp extensions are particularly useful. Certain extensions, such as the Active Scan extensions and the Autoracer extension, are very good."
"The way they do the research and they keep their profile up to date is great. They identify vulnerabilities and update them immediately."
"There is no other tool like it. I like the intuitiveness and the plugins that are available."
"It was expensive."
"In terms of areas for improvement, the use case for CodeSonar was good, but compared to other tools, it seems CodeSonar isn't a sound static analysis tool, and this is a major con I've seen from it. Right now, in the market, people prefer sound static analysis tools, so I would have preferred if CodeSonar was developed into a sound static analysis tool formally, in terms of its algorithms, so then you can see it extensively used in the market because at the moment, here in India, only fifty to sixty customers use CodeSonar. If the product is developed into a sound static analysis tool, it could compete with Polyspace, and from its current fifty customers, that number could go up to a hundred."
"It would be beneficial for the solution to include code standards and additional functionality for security."
"CodeSonar could improve by having better coding rules so we did not have to use another solution, such as MISRA C."
"The scanning tool for core architecture could be improved."
"In a future release, the solution should upgrade itself to the current trends and differentiate between the languages. If there are any classifications that can be set for these programming languages that would be helpful rather than having everything in the generic category."
"There could be a shared licensing model for the users."
"The solution’s pricing could be improved."
"The Iran market does not have after-sales support. PortSwigger Burp Suite Professional needs to provide after-sales support."
"If we're running a huge number of scans regularly, it slows down the tool."
"There is not much automation in the tool."
"A lot of our interns find it difficult to get used to PortSwigger Burp's environment."
"We'd like to have more integration potential across all versions of the product."
"As with most automated security tools, too many false positives."
"We wish that the Spider feature would appear in the same shape that it does in previous versions."
More PortSwigger Burp Suite Professional Pricing and Cost Advice →
CodeSonar is ranked 21st in Application Security Tools with 7 reviews while PortSwigger Burp Suite Professional is ranked 9th in Application Security Tools with 55 reviews. CodeSonar is rated 8.2, while PortSwigger Burp Suite Professional is rated 8.6. The top reviewer of CodeSonar writes "Nice interface, quick to deploy, and easy to expand". On the other hand, the top reviewer of PortSwigger Burp Suite Professional writes "The solution is versatile and easy to deploy, but it needs to give more detailed security reports". CodeSonar is most compared with SonarQube, Coverity, Klocwork, Polyspace Code Prover and Semgrep Code, whereas PortSwigger Burp Suite Professional is most compared with OWASP Zap, Fortify WebInspect, Acunetix, HCL AppScan and Qualys Web Application Scanning. See our CodeSonar vs. PortSwigger Burp Suite Professional report.
See our list of best Application Security Tools vendors.
We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.