We performed a comparison between GitLab and PortSwigger Burp Suite Professional based on real PeerSpot user reviews.Find out in this report how the two Application Security Testing (AST) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.
"It scales well."
"CI/CD is very good. The version control system is also good. These are the two features that we use."
"The stability is good."
"The most important features of GitLab for us are issue management and all the CI/CD tools. Another aspect that I love about GitLab is the UI."
"It's a great toolbox where the CI/CD pipeline is the fundamental component, but there are so many other features that you can pull from, which makes it a very powerful tool. My current client is using AWS, and they can, of course, use AWS CodePipeline, but GitLab is much more mature than that, and it also gives you the freedom to decide to go to another platform or have a multi-cloud strategy and things like that. That freedom for me is also very valuable."
"The merging feature makes it easy later on for the deployment."
"The scalability is good."
"GitLab is being used as a repository for our codebase and it is a one stop DevOps tool we use in our team."
"The most valuable feature of PortSwigger Burp Suite Professional is the dashboard. It is very informative and you can receive all the information you need in one place. It's clear, well-defined, and organized. Anybody without any cybersecurity can use it."
"The most valuable feature is Burp Collaborator."
"Enables automation of different tasks such as authorization testing."
"I find the attack model quite amazing, where I can write my scripts and load my scripts as well, which helps quite a bit. All the active scanning that it can do is also quite a lot helpful. It speeds up our vulnerability assessment and penetration testing. Right now, I am enjoying its in-browser, which also helps quite a bit. I'm always confused about setting up some proxy, but it really is the big solution we all want."
"The automated scan is what I find most useful because a lot of customers will need it. Not every domain will be looking for complete security, they just need a stamp on the security key. For these kinds of customers, the scan works really well."
"The reporting part is the most valuable. It also has very good features. We use almost all of the features for different kinds of customers and needs."
"The initial setup is simple."
"The solution is stable."
"There was a problem with the build environment when we were looking at developing iOS applications. iOS build require Mac machines and there are no Mac machines provided by GitLab in their cloud. So to build for mobile iOS application, we needed to use our own Mac machine within our own infrastructure. If GitLab were to provide a feature such that an iOS application could also be built through GitLab directly, that would be great."
"In the free version, when a merge request is raised, there is no way to enforce certain rules. We can't enforce that this merge request must be reviewed or approved by two or three people in the team before it is pushed to the master branch. That's why we are exploring using some agents."
"GitLab's Windows version is yet not available and having this would be an improvement."
"It would be really good if they integrated more features in application security."
"GitLab can improve by integrating with more tools, such as servers with Docker."
"I don't really like the new Kubernetes integration because it is pretty focused on the on-premise environment, but we're in a hybrid environment."
"We are having a few problems integrating with Jira at the moment, which is something that our IT department is investigating."
"The integration and storage capabilities could be better."
"The price could be better. The rest is fine."
"The pricing of the solution is quite high."
"It should provide a better way to integrate with Jenkins so that DAST (dynamic application security testing) can be automated."
"The solution lacks sufficient stability."
"One thing that is not up to the mark in PortSwigger is web application testing. I found some issues with its performance and reporting. They should work on these and give us a better outcome."
"The reporting needs to be improved; it is very bad."
"We'd like to have more integration potential across all versions of the product."
"PortSwigger Burp Suite Professional can improve by having more features in the free version for beginners to try."
GitLab is an open-source code repository and application code development platform that aims to simplify the process of software development through to the eventual product release and upgrade. It contains all of the tools that developers need to take control of every stage of the software development process. GitLab makes it easy for teams to create checklists that they can follow when they begin to write the code and do other tasks that are critical to the success of their project. GitLab also enables organizations to automate the shipping of software code to those servers that they need to get to without requiring human intervention.
Some of the ways that organizations can benefit by deploying GitLab include:
Built-in CI/CD capabilities. Users are able to build, test, and deploy their software without turning to outside integrations. The CI/CD automation is built-in so that all of these functions can be easily automated as necessary.
Reviews from Real Users
GitLab is a solution that stands out when compared to many of its competitors. Two major advantages it offers are the overall completeness of the solution and the way that it enables application developers to work on various parts of a given project simultaneously.
Kulbhushan M., co-founder and technical architect at Think NYX Technologies LLP, writes, “The SaaS setup is impressive, and it has DAST solutions. It also has dependency check and scanning mechanisms. If we were using other solutions, they would have to be configured, and we would have to set them to us as a third party, but GitLab is straightforward. GitLab is a single solution that helps us do everything we need.”
Zeeshan R., a software engineer at OZ, writes, “The best thing is that as the developers work on separate tasks, all of the code goes there and the other team members don't have to wait on each other to finish. We can all work on our code in tandem.”
Burp Suite Professional, by PortSwigger, is the world’s leading toolkit for web security testing. Over 52,000 users worldwide, across all industries and organization sizes, trust Burp Suite Professional to find more vulnerabilities, faster. With expertly-engineered manual and automated tooling, you're able to test smarter - not harder.
PortSwigger is the web security company that is enabling the world to secure the web. Over 50,000 security engineers rely on our software and expertise to secure their world.
GitLab is ranked 3rd in Application Security Testing (AST) with 47 reviews while PortSwigger Burp Suite Professional is ranked 4th in Application Security Testing (AST) with 17 reviews. GitLab is rated 8.6, while PortSwigger Burp Suite Professional is rated 8.8. The top reviewer of GitLab writes "Powerful, mature, and easy to set up and manage". On the other hand, the top reviewer of PortSwigger Burp Suite Professional writes "Best for manual penetration testing, a great user interface, and offers good scanning capabilities". GitLab is most compared with Microsoft Azure DevOps, TeamCity, Tekton, AWS CodePipeline and Sonatype Nexus Lifecycle, whereas PortSwigger Burp Suite Professional is most compared with OWASP Zap, Fortify WebInspect, Acunetix, Veracode and Rapid7 AppSpider. See our GitLab vs. PortSwigger Burp Suite Professional report.
See our list of best Application Security Testing (AST) vendors.
We monitor all Application Security Testing (AST) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.