We performed a comparison between GitLab and PortSwigger Burp Suite Professional based on real PeerSpot user reviews.
Find out in this report how the two Application Security Testing (AST) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."It scales well."
"CI/CD is very good. The version control system is also good. These are the two features that we use."
"The stability is good."
"The most important features of GitLab for us are issue management and all the CI/CD tools. Another aspect that I love about GitLab is the UI."
"It's a great toolbox where the CI/CD pipeline is the fundamental component, but there are so many other features that you can pull from, which makes it a very powerful tool. My current client is using AWS, and they can, of course, use AWS CodePipeline, but GitLab is much more mature than that, and it also gives you the freedom to decide to go to another platform or have a multi-cloud strategy and things like that. That freedom for me is also very valuable."
"The merging feature makes it easy later on for the deployment."
"The scalability is good."
"GitLab is being used as a repository for our codebase and it is a one stop DevOps tool we use in our team."
"The most valuable feature of PortSwigger Burp Suite Professional is the dashboard. It is very informative and you can receive all the information you need in one place. It's clear, well-defined, and organized. Anybody without any cybersecurity can use it."
"The most valuable feature is Burp Collaborator."
"Enables automation of different tasks such as authorization testing."
"I find the attack model quite amazing, where I can write my scripts and load my scripts as well, which helps quite a bit. All the active scanning that it can do is also quite a lot helpful. It speeds up our vulnerability assessment and penetration testing. Right now, I am enjoying its in-browser, which also helps quite a bit. I'm always confused about setting up some proxy, but it really is the big solution we all want."
"The automated scan is what I find most useful because a lot of customers will need it. Not every domain will be looking for complete security, they just need a stamp on the security key. For these kinds of customers, the scan works really well."
"The reporting part is the most valuable. It also has very good features. We use almost all of the features for different kinds of customers and needs."
"The initial setup is simple."
"The solution is stable."
"There was a problem with the build environment when we were looking at developing iOS applications. iOS build require Mac machines and there are no Mac machines provided by GitLab in their cloud. So to build for mobile iOS application, we needed to use our own Mac machine within our own infrastructure. If GitLab were to provide a feature such that an iOS application could also be built through GitLab directly, that would be great."
"In the free version, when a merge request is raised, there is no way to enforce certain rules. We can't enforce that this merge request must be reviewed or approved by two or three people in the team before it is pushed to the master branch. That's why we are exploring using some agents."
"GitLab's Windows version is yet not available and having this would be an improvement."
"It would be really good if they integrated more features in application security."
"GitLab can improve by integrating with more tools, such as servers with Docker."
"I don't really like the new Kubernetes integration because it is pretty focused on the on-premise environment, but we're in a hybrid environment."
"We are having a few problems integrating with Jira at the moment, which is something that our IT department is investigating."
"The integration and storage capabilities could be better."
"The price could be better. The rest is fine."
"The pricing of the solution is quite high."
"It should provide a better way to integrate with Jenkins so that DAST (dynamic application security testing) can be automated."
"The solution lacks sufficient stability."
"One thing that is not up to the mark in PortSwigger is web application testing. I found some issues with its performance and reporting. They should work on these and give us a better outcome."
"The reporting needs to be improved; it is very bad."
"We'd like to have more integration potential across all versions of the product."
"PortSwigger Burp Suite Professional can improve by having more features in the free version for beginners to try."
More PortSwigger Burp Suite Professional Pricing and Cost Advice →
GitLab is ranked 3rd in Application Security Testing (AST) with 47 reviews while PortSwigger Burp Suite Professional is ranked 4th in Application Security Testing (AST) with 17 reviews. GitLab is rated 8.6, while PortSwigger Burp Suite Professional is rated 8.8. The top reviewer of GitLab writes "Powerful, mature, and easy to set up and manage". On the other hand, the top reviewer of PortSwigger Burp Suite Professional writes "Best for manual penetration testing, a great user interface, and offers good scanning capabilities". GitLab is most compared with Microsoft Azure DevOps, TeamCity, Tekton, AWS CodePipeline and Sonatype Nexus Lifecycle, whereas PortSwigger Burp Suite Professional is most compared with OWASP Zap, Fortify WebInspect, Acunetix, Veracode and Rapid7 AppSpider. See our GitLab vs. PortSwigger Burp Suite Professional report.
See our list of best Application Security Testing (AST) vendors.
We monitor all Application Security Testing (AST) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
