We changed our name from IT Central Station: Here's why

Fortify WebInspect vs PortSwigger Burp Suite Professional comparison

Cancel
You must select at least 2 products to compare!
Featured Review
Find out what your peers are saying about Fortify WebInspect vs. PortSwigger Burp Suite Professional and other solutions. Updated: January 2022.
564,729 professionals have used our research since 2012.
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"It is scalable and very easy to use.""The user interface is ok and it is very simple to use.""The solution is able to detect a wide range of vulnerabilities. It's better at it than other products.""The accuracy of its scans is great.""The most valuable feature is the static analysis.""The solution is easy to use.""Reporting, centralized dashboard, and bird's eye view of all vulnerabilities are the most valuable features."

More Fortify WebInspect Pros →

"With the Extender Tab, if you know how to code then you can create a plugin and add it to Burp.""I have found this solution has more plugins than other competitors which is a benefit. You are able to attach different plugins to the security scan to add features. For example, you can check to see if there are any payment systems that exist on a server, or username and password brute force analysis.""The extension that it provides with the community version for the skills mapping is excellent.""We use the solution for vulnerability assessment in respect of the application and the sites.""PortSwigger Burp Suite does not hamper the node of the server, and it does not shut down the server if it is running.""The solution has a pretty simple setup.""There is no other tool like it. I like the intuitiveness and the plugins that are available.""The most valuable features are Burp Intruder and Burp Scanner."

More PortSwigger Burp Suite Professional Pros →

Cons
"Our biggest complaint about this product is that it freezes up, and literally doesn't work for us.""The scanner could be better.""Creating reports is very slow and it is something that should be improved.""It requires improvement in terms of scanning. The application scan heavily utilizes the resources of an on-premise server. 32 GB RAM is very high for an enterprise web application.""The installation could be a bit easier. Usually it's simple to use, but the installation is painful and a bit laborious and complex.""Lately, we've seen more false negatives.""It took us between eight and ten hours to scan an entire site, which is somewhat slow and something that I think can be improved."

More Fortify WebInspect Cons →

"A lot of our interns find it difficult to get used to PortSwigger Burp's environment.""The reporting needs to be improved; it is very bad.""The pricing of the solution is quite high.""It should provide a better way to integrate with Jenkins so that DAST (dynamic application security testing) can be automated.""The use of system memory is an area that can be improved because it uses a lot.""One thing that is not up to the mark in PortSwigger is web application testing. I found some issues with its performance and reporting. They should work on these and give us a better outcome.""If we're running a huge number of scans regularly, it slows down the tool.""We wish that the Spider feature would appear in the same shape that it does in previous versions."

More PortSwigger Burp Suite Professional Cons →

Pricing and Cost Advice
  • "The pricing is not clear and while it is not high, it is difficult to understand."
  • "Our licensing is such that you can only run one scan at a time, which is inconvenient."
  • "Its price is almost similar to the price of AppScan. Both of them are very costly. Its price could be reduced because it can be very costly for unlimited IT scans, etc. I'm not sure, but it can go up to $40,000 to $50,000 or more than that."
  • More Fortify WebInspect Pricing and Cost Advice →

  • "There are different licenses available that include a free version."
  • "At $400 or $500 per license paid annually, it is a very cheap tool."
  • "PortSwigger is reasonably-priced. It's fair."
  • "It has a yearly license. I am satisfied with its price."
  • "We are using the community version, which is free."
  • "It is expensive for us in Brazil because the currency exchange rate from a dollar to a Brazilian Real is quite steep."
  • "The price for the solution is expensive and could be cheaper. We pay an annual license and our team has several of them."
  • "It's a lower priced tool that we can rely on with good standard mechanisms."
  • More PortSwigger Burp Suite Professional Pricing and Cost Advice →

    report
    Use our free recommendation engine to learn which Application Security Testing (AST) solutions are best for your needs.
    564,729 professionals have used our research since 2012.
    Questions from the Community
    Top Answer: 
    I would like to recommend Checkmarx. With Checkmarx, you are able to have an all in one solution for SAST and SCA as well. Veracode is only a cloud solution. Hope this helps.
    Top Answer: 
    Reporting, centralized dashboard, and bird's eye view of all vulnerabilities are the most valuable features.
    Top Answer: 
    Its price is almost similar to the price of AppScan. Both of them are very costly. Its price could be reduced because it can be very costly for unlimited IT scans, etc. I'm not sure, but it can go up… more »
    Top Answer: 
    OWASP Zap and PortSwigger Burp Suite Pro have many similar features. OWASP Zap has web application scanning available with basic security vulnerabilities while Burp Suite Pro has it available with… more »
    Top Answer: 
    We use the solution for vulnerability assessment in respect of the application and the sites.
    Ranking
    Views
    8,054
    Comparisons
    5,383
    Reviews
    6
    Average Words per Review
    421
    Rating
    7.0
    Views
    21,981
    Comparisons
    18,295
    Reviews
    21
    Average Words per Review
    559
    Rating
    8.4
    Comparisons
    Also Known As
    Micro Focus WebInspect, WebInspect
    Burp
    Learn More
    Overview
    Most enterprises rely heavily on the Web to conduct their normal operations, whether providing services, a mechanism for retail sales, or a host of other functions. Yet, most still struggle with efficiently managing their application security risks. For one thing, they need solutions of scale that can be used to manage thousands of active sites and assessments while also tracking discovered vulnerabilities, retesting procedures, and more. They need to perform repeated security tests to address compliance with regulations, legislation, and internal security policies and also see how their risk posture has changed over time. The enterprises have to protect their data, brand, and bottom line from the harsh impacts of what successful vulnerability exploitation could bring. Micro Focus WebInspect Enterprise enables organizations to solve these security problems quickly, efficiently, and intelligently.

    Burp Suite Professional, by PortSwigger, is the world’s leading toolkit for web security testing. Over 52,000 users worldwide, across all industries and organization sizes, trust Burp Suite Professional to find more vulnerabilities, faster. With expertly-engineered manual and automated tooling, you're able to test smarter - not harder.

    PortSwigger is the web security company that is enabling the world to secure the web. Over 50,000 security engineers rely on our software and expertise to secure their world.

    Offer
    Learn more about Fortify WebInspect
    Learn more about PortSwigger Burp Suite Professional
    Sample Customers
    Aaron's
    Google, Amazon, NASA, FedEx, P&G, Salesforce
    Top Industries
    VISITORS READING REVIEWS
    Computer Software Company33%
    Comms Service Provider14%
    Government12%
    Financial Services Firm9%
    REVIEWERS
    Manufacturing Company40%
    Financial Services Firm33%
    Insurance Company7%
    University7%
    VISITORS READING REVIEWS
    Computer Software Company29%
    Comms Service Provider26%
    Government7%
    Media Company5%
    Company Size
    REVIEWERS
    Small Business18%
    Midsize Enterprise9%
    Large Enterprise73%
    REVIEWERS
    Small Business21%
    Midsize Enterprise21%
    Large Enterprise58%
    Find out what your peers are saying about Fortify WebInspect vs. PortSwigger Burp Suite Professional and other solutions. Updated: January 2022.
    564,729 professionals have used our research since 2012.

    Fortify WebInspect is ranked 10th in Application Security Testing (AST) with 7 reviews while PortSwigger Burp Suite Professional is ranked 3rd in Application Security Testing (AST) with 18 reviews. Fortify WebInspect is rated 7.0, while PortSwigger Burp Suite Professional is rated 8.4. The top reviewer of Fortify WebInspect writes "Good reporting and vulnerability management, but needs better performance and resource utilization". On the other hand, the top reviewer of PortSwigger Burp Suite Professional writes "Best for manual penetration testing, a great user interface, and offers good scanning capabilities". Fortify WebInspect is most compared with Micro Focus Fortify on Demand, OWASP Zap, Veracode, HCL AppScan and Qualys Web Application Scanning, whereas PortSwigger Burp Suite Professional is most compared with OWASP Zap, Acunetix by Invicti, Tenable.io Web Application Scanning, HCL AppScan and Qualys Web Application Scanning. See our Fortify WebInspect vs. PortSwigger Burp Suite Professional report.

    See our list of best Application Security Testing (AST) vendors.

    We monitor all Application Security Testing (AST) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.