No more typing reviews! Try our Samantha, our new voice AI agent.

Fortify Software Security Center vs PortSwigger Burp Suite Professional comparison

OpenText and PortSwigger are both solutions in the Static Application Security Testing (SAST) category. OpenText is ranked #19 with an average rating of 9.0, while PortSwigger is ranked #5 with an average rating of 9.0. OpenText holds a 1.3% mindshare in SAST, compared to PortSwigger’s 2.4% mindshare. Additionally, 100% of OpenText users are willing to recommend the solution, compared to 98% of PortSwigger users who would recommend it.
Fortify Software Security C...
Read 8 Fortify Software Security Center reviews
  • 1,316 Views
  • 1,263 Comparison Views
100% willing to recommend
PortSwigger Burp Suite Prof...
Read 65 PortSwigger Burp Suite Professional reviews
  • 5,991 Views
  • 3,595 Comparison Views
98% willing to recommend
 

Comparison Buyer's Guide

Download the report
Executive SummaryUpdated on Oct 8, 2024

Fortify Software Security Center and PortSwigger Burp Suite Professional compete in the realm of software security solutions. PortSwigger Burp Suite Professional appears to have the upper hand due to its flexibility and innovative features, whereas Fortify is superior in comprehensive security management capabilities.

Features: Fortify Software Security Center includes static and dynamic analysis, extensive reporting, and integration capabilities for enterprise environments. PortSwigger Burp Suite Professional features interactive web vulnerability scanning, advanced attack simulation tools, and integration with CI/CD pipelines.

Room for Improvement: Fortify Software Security Center could improve by simplifying its deployment process, reducing setup time, and offering more user-friendly interfaces. It may also benefit from expanding community-driven support resources. PortSwigger Burp Suite Professional could enhance by broadening its application security scope, improving detailed reporting features, and increasing enterprise-level integration options.

Ease of Deployment and Customer Service: Fortify Software Security Center requires substantial infrastructure, potentially impacting deployment speed, and offers comprehensive enterprise-focused support. PortSwigger Burp Suite Professional provides faster implementation with easier deployment, supported by a knowledgeable community forum and direct critical issue support.

Pricing and ROI: Fortify Software Security Center has a higher setup cost aimed at long-term ROI through enhanced security posture. PortSwigger Burp Suite Professional offers a more attractive initial pricing structure, providing quicker ROI with efficient web testing capabilities.

DOWNLOAD THE COMPLETE REPORT
To learn more, read our detailed Fortify Software Security Center vs. PortSwigger Burp Suite Professional Report (Updated: March 2026).
Buyer's Guide
Fortify Software Security Center vs. PortSwigger Burp Suite Professional
March 2026
Download the complete report
Helped 885,311 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Fortify Software Security C...
Ranking in Static Application Security Testing (SAST)
19th
Average Rating
8.0
Reviews Sentiment
4.6
Number of Reviews
8
Ranking in other categories
No ranking in other categories
PortSwigger Burp Suite Prof...
Ranking in Static Application Security Testing (SAST)
5th
Average Rating
8.6
Reviews Sentiment
6.3
Number of Reviews
65
Ranking in other categories
Application Security Tools (8th), Fuzz Testing Tools (1st)
 

Mindshare comparison

As of March 2026, in the Static Application Security Testing (SAST) category, the mindshare of Fortify Software Security Center is 1.3%, up from 0.4% compared to the previous year. The mindshare of PortSwigger Burp Suite Professional is 2.4%, up from 2.0% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Static Application Security Testing (SAST) Mindshare Distribution
ProductMindshare (%)
PortSwigger Burp Suite Professional2.4%
Fortify Software Security Center1.3%
Other96.3%
Static Application Security Testing (SAST)
 

Featured Reviews

Diego Caicedo Lescano - PeerSpot reviewer
Diego Caicedo Lescano
Chief Innovation Officer at SAGGA
Enables centralized analysis and improves governance through seamless tool integration
The main use case for Fortify Software Security Center is exceptional because we have governance and control through that console. You can centralize both static analysis and dynamic analysis, and correlate both analyses in one tool to get better results by combining those independent results from each solution. That is outstanding, and there is no tool I have seen on the market that offers these capabilities. I appreciate the interoperability with other solutions from Fortify Software Security Center. Because we are using Kiuwan, you can run Kiuwan analyses and integrate them with Fortify Software Security Center to get those results in a single console. That is a good console for centralizing things in one point. That is one of the best features of the on-premises Fortify.
Read full review
MH
Moti Huberman
Penetration Tester & Information Security Expert at a comms service provider with 11-50 employees
Dedicated browser and repeater have improved my proxy testing and manual vulnerability checks
I'm hoping perhaps for something to make it easier, such as to define things where if a message or a response is such and such, automatically make a request that is such and such. Perhaps something like this because otherwise, nowadays we have to do it manually. Perhaps they can automate it a bit more. Perhaps they could add some automation to things, to see what we do manually, which it has the tools to do manually, and perhaps enable with a click of a button to do things automatically. I'm not too sure which, but I'm sure they can from a product management point of view, do things that we need to do two, three, or four steps manually regarding specific testing. For instance, we want to check something specific if it's this or if it's that. Perhaps to define it once and have it more automatic, perhaps.
Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"It's very important because they want to scan their source code every day, so we provide CICD integration to our customers so they can auto build and auto test every day, get reports, and fix issues."
"The reporting is very useful because you can always view an entire list of the issues that you have."
"This is a stable solution at the end of the day."
"The reporting is very useful because you can always view an entire list of the issues that you have."
"I like the explanation of issues provided by Fortify Software Security Center."
"Software Security Center is highly customizable and helps me test all vulnerability data against the latest conventions like OWASP Top Ten, CVE Top twenty-five, and several other legal compliances."
"The main use case for Fortify Software Security Center is exceptional because we have governance and control through that console."
"The overall rating for this tool is ten out of ten."
More Fortify Software Security Center pros
"The product is very good just the way it is; It has everything already well established and functions great."
"Once I capture the proxy, I'm able to transfer across. All the requested information is there. I can send across the request to what we call a repeater, where I get to ready the payload that I send to the application. Put in malicious content and then see if it's responding to it."
"This solution has helped a lot in finding bugs and vulnerabilities, and the scanner is good enough for simple web apps."
"The reporting part is the most valuable. It also has very good features. We use almost all of the features for different kinds of customers and needs."
"The most valuable feature is Burp Collaborator."
"This is one of the best tools that I'm using; I found this one much better."
"It offers flexibility, macros, and features to reduce the effort required for authenticated sessions."
"The suite testing models are very good. It's very secure."
More PortSwigger Burp Suite Professional pros
 

Cons

"Improvements needed for Software Security Center include better aggregation views of datasets."
"The initial setup of this solution is very complex. Specifically, the integration between other parts of the solution is difficult."
"This solution is difficult to implement, and it should be made more comfortable for the end-users."
"We are having issues with false positives that need to be resolved."
"The product's overlap feature is restrictive and requires more customization efforts, which can be expensive."
"Improvements needed for Software Security Center include better aggregation views of datasets."
"We are having issues with false positives that need to be resolved."
"I am not satisfied with the percentage of false positives, which is around eighteen percent."
More Fortify Software Security Center cons
"The initial setup is a bit complex."
"The reporting needs to be improved; it is very bad."
"The vendor must provide documentation on how to use the new API feature."
"The solution doesn't offer very good scalability."
"As with most automated security tools, too many false positives."
"There is a certain amount of lead time for the tickets to get resolved."
"The price could be better. The rest is fine."
"The number of false positives need to be reduced on the solution."
More PortSwigger Burp Suite Professional cons
 

Pricing and Cost Advice

"As a Fortify partner company providing technical support, I find the product expensive in our country, where local, inexpensive products are available."
"This is a costly solution that could be cheaper."
"The solution is priced fair."
"They should reduce the license cost a little bit. It is $400 per user, and it would be better if they could reduce the licensing fee."
"The pricing of the solution is reasonable. We only need to pay for the annual subscription. I rate the pricing five out of ten."
"PortSwigger Burp Suite Professional is an expensive solution."
"We have one license. The price is very nominal."
"There is no setup cost and the cost of licensing is affordable."
"PortSwigger Burp Suite Professional is expensive compared to other tools."
"Our licensing cost is approximately $400 USD per year."
"It is a cheap solution, but it may not be cheaper than other solutions."
More PortSwigger Burp Suite Professional pricing and cost advice
report
See which vendors are best for you
Use our free recommendation engine to learn which Static Application Security Testing (SAST) solutions are best for your needs.
See recommendations
885,311 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Manufacturing Company
15%
Financial Services Firm
11%
Government
9%
Computer Software Company
6%
Government
10%
Financial Services Firm
10%
Computer Software Company
8%
Manufacturing Company
8%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business4
Midsize Enterprise1
Large Enterprise3
By reviewers
Company SizeCount
Small Business17
Midsize Enterprise14
Large Enterprise35
 

Questions from the Community

What is your experience regarding pricing and costs for Micro Focus Software Security Center?
The pricing for the on-premises Fortify is expensive.
See all answers
What needs improvement with Micro Focus Software Security Center?
In my opinion, there are no areas that could be improved with Fortify Software Security Center. I would say it is a good product and a mature product. However, the SAST has many improvement areas. ...
See all answers
What is your primary use case for Micro Focus Software Security Center?
We have installed Fortify Static Code Analysis, SAST, in Ecuador in two customers. The Fortify ScanCentral includes three components: SAST, Fortify Software Security Center, and the WebInspect.
See all answers
Is OWASP Zap better than PortSwigger Burp Suite Pro?
OWASP Zap and PortSwigger Burp Suite Pro have many similar features. OWASP Zap has web application scanning available with basic security vulnerabilities while Burp Suite Pro has it available with ...
See all answers
What do you like most about PortSwigger Burp Suite Professional?
The solution helped us discover vulnerabilities in our applications.
See all answers
What is your experience regarding pricing and costs for PortSwigger Burp Suite Professional?
The cost of PortSwigger Burp Suite Professional is reasonable at approximately $500 per year per user.
See all answers
 

Comparisons

Checkmarx One vs Fortify Software Security Center Logo
Checkmarx One vs Fortify Software Security Center
Compared 24% of the time
Checkmarx IaC Security / KICS vs Fortify Software Security Center Logo
Checkmarx IaC Security / KICS vs Fortify Software Security Center
Compared 13% of the time
SonarQube vs Fortify Software Security Center Logo
SonarQube vs Fortify Software Security Center
Compared 8% of the time
OpenText Core Application Security vs Fortify Software Security Center Logo
OpenText Core Application Security vs Fortify Software Security Center
Compared 7% of the time
Coverity Static vs Fortify Software Security Center Logo
Coverity Static vs Fortify Software Security Center
Compared 7% of the time
More Fortify Software Security Center Competitors
OpenText Dynamic Application Security Testing vs PortSwigger Burp Suite Professional Logo
OpenText Dynamic Application Security Testing vs PortSwigger Burp Suite Professional
Compared 12% of the time
Acunetix vs PortSwigger Burp Suite Professional Logo
Acunetix vs PortSwigger Burp Suite Professional
Compared 7% of the time
OWASP Zap vs PortSwigger Burp Suite Professional Logo
OWASP Zap vs PortSwigger Burp Suite Professional
Compared 6% of the time
Software Risk Manager ASPM vs PortSwigger Burp Suite Professional Logo
Software Risk Manager ASPM vs PortSwigger Burp Suite Professional
Compared 6% of the time
SonarQube vs PortSwigger Burp Suite Professional Logo
SonarQube vs PortSwigger Burp Suite Professional
Compared 6% of the time
More PortSwigger Burp Suite Professional Competitors
 

Product Reports

Buyer's Guide
Static Application Security Testing (SAST)
March 2026
Fortify Software Security Center reportDownload Fortify Software Security Center product report
Buyer's Guide
PortSwigger Burp Suite Professional
March 2026
PortSwigger Burp Suite Professional reportDownload PortSwigger Burp Suite Professional product report
 

Also Known As

Micro Focus Software Security Center, Application Security Center, HPE Application Security Center, WebInspect
Burp
 

Overview

Software Security Center enables management, development, and security teams to work together to triage, track, validate, automate, and manage software security activities.
OpenText

Burp Suite Professional, by PortSwigger, is the world’s leading toolkit for web security testing. Over 52,000 users worldwide, across all industries and organization sizes, trust Burp Suite Professional to find more vulnerabilities, faster. With expertly-engineered manual and automated tooling, you're able to test smarter - not harder.

PortSwigger is the web security company that is enabling the world to secure the web. Over 50,000 security engineers rely on our software and expertise to secure their world.

PortSwigger
 

Sample Customers

Neosecure, Acxiom, Skandinavisk Data Center A/S, Parkeon
Google, Amazon, NASA, FedEx, P&G, Salesforce
Buyer's Guide
Fortify Software Security Center vs. PortSwigger Burp Suite Professional
March 2026
Free Report: Fortify Software Security Center vs. PortSwigger Burp Suite Professional
Find out what your peers are saying about Fortify Software Security Center vs. PortSwigger Burp Suite Professional and other solutions. Updated: March 2026.
DOWNLOAD NOW
885,311 professionals have used our research since 2012.
See our Fortify Software Security Center vs. PortSwigger Burp Suite Professional report.
See our list of best Static Application Security Testing (SAST) vendors.

We monitor all Static Application Security Testing (SAST) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.