We performed a comparison between Fortify Software Security Center and PortSwigger Burp Suite Professional based on real PeerSpot user reviews.
Find out what your peers are saying about Sonar, Veracode, Checkmarx and others in Application Security Testing (AST)."This is a stable solution at the end of the day."
"You can easily download the tool's rule packs and update them."
"The reporting is very useful because you can always view an entire list of the issues that you have."
"The active scanner, which does an automated search of any web vulnerabilities."
"For pentesting scenarios, this is the number one tool. It can capture the request, and there are so many functions that are very good for that. For example, a black box satellite host."
"BurpSuite helps us to identify and fix silly mistakes that are sometimes introduced by our developers in their coding."
"I am impressed with the tool's detailed analysis for penetration testing. AppScan can give only visibility, but it can't do the PT part. But the PortSwigger Burp Application can do both, and it gives much more visibility on the PT rating."
"We are mostly using it for scanning the entire website. So, we basically create a script with the entire website and then run it for different injections."
"Once I capture the proxy, I'm able to transfer across. All the requested information is there. I can send across the request to what we call a repeater, where I get to ready the payload that I send to the application. Put in malicious content and then see if it's responding to it."
"The most valuable feature of PortSwigger Burp Suite Professional is the Burp Intruder tool."
"The solution has a limited range of functions, which is good for small companies. This is because, in small companies, websites are less complex. They also have single services which makes the solution good enough for them. However, the most advantageous aspect of the solution is its affordable price."
"Fortify Software Security Center's setup is really painful."
"This solution is difficult to implement, and it should be made more comfortable for the end-users."
"We are having issues with false positives that need to be resolved."
"There should be a heads up display like the one available in OWASP Zap."
"In the Professional version, we cannot link it with the CI/CD process."
"One area that can be improved, when compared to alternative tools, is that they could provide different reporting options and in different formats like PDF or something like that."
"There is a lot to this product, and it would be good if when you purchase the tool, they can provide us with a more extensive user manual."
"A lot of our interns find it difficult to get used to PortSwigger Burp's environment."
"The number of false positives need to be reduced on the solution."
"The biggest improvement that I would like to see from PortSwigger that today many people see as an issue in their testing. There might be a feature which might be desired."
"You can have many false positives in Burp Suite. It depends on the scale of the penetration testing."
More Fortify Software Security Center Pricing and Cost Advice →
More PortSwigger Burp Suite Professional Pricing and Cost Advice →
Fortify Software Security Center is ranked 27th in Application Security Testing (AST) with 3 reviews while PortSwigger Burp Suite Professional is ranked 5th in Application Security Testing (AST) with 55 reviews. Fortify Software Security Center is rated 7.4, while PortSwigger Burp Suite Professional is rated 8.6. The top reviewer of Fortify Software Security Center writes "A fair-priced solution that helps with application security testing ". On the other hand, the top reviewer of PortSwigger Burp Suite Professional writes "The solution is versatile and easy to deploy, but it needs to give more detailed security reports". Fortify Software Security Center is most compared with Fortify on Demand, Tricentis Tosca, Checkmarx One and Fortify WebInspect, whereas PortSwigger Burp Suite Professional is most compared with OWASP Zap, Fortify WebInspect, Acunetix, HCL AppScan and Qualys Web Application Scanning.
See our list of best Application Security Testing (AST) vendors.
We monitor all Application Security Testing (AST) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
