No more typing reviews! Try our Samantha, our new voice AI agent.

ManageEngine Vulnerability Manager Plus vs PortSwigger Burp Suite Enterprise Edition comparison

Sponsored
 

Comparison Buyer's Guide

Executive Summary

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Qualys TotalCloud
Sponsored
Ranking in Vulnerability Management
11th
Average Rating
8.6
Reviews Sentiment
7.3
Number of Reviews
39
Ranking in other categories
Container Security (11th), Cloud Workload Protection Platforms (CWPP) (7th), Cloud Security Posture Management (CSPM) (8th), SaaS Security Posture Management (SSPM) (1st), Cloud-Native Application Protection Platforms (CNAPP) (6th)
ManageEngine Vulnerability ...
Ranking in Vulnerability Management
38th
Average Rating
9.4
Reviews Sentiment
7.4
Number of Reviews
3
Ranking in other categories
No ranking in other categories
PortSwigger Burp Suite Ente...
Ranking in Vulnerability Management
41st
Average Rating
8.0
Reviews Sentiment
7.2
Number of Reviews
12
Ranking in other categories
Dynamic Application Security Testing (DAST) (8th)
 

Mindshare comparison

As of July 2026, in the Vulnerability Management category, the mindshare of Qualys TotalCloud is 1.1%, up from 1.0% compared to the previous year. The mindshare of ManageEngine Vulnerability Manager Plus is 0.7%, down from 0.8% compared to the previous year. The mindshare of PortSwigger Burp Suite Enterprise Edition is 1.1%, up from 0.9% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Vulnerability Management Mindshare Distribution
ProductMindshare (%)
Qualys TotalCloud1.1%
ManageEngine Vulnerability Manager Plus0.7%
PortSwigger Burp Suite Enterprise Edition1.1%
Other97.1%
Vulnerability Management
 

Featured Reviews

RO
IT Security Expert at Alior Bank S.A.
Unified risk scoring has improved our cloud visibility and simplifies remediation priorities
Qualys TotalCloud provides unified vulnerability and threat assessment across both IAS and SaaS. This solution provides a single prioritized view of risk, which helps reduce the work I would have to do. We are no longer based on CVSS; we are based on Qualys risk scoring, which is based on CVSS plus internal findings made by Qualys, and then assigns its own score. The TruRisk insight feature has found a small number of assets with high vulnerability scores, though I am cautious since some information is classified. Qualys TotalCloud has positively impacted our bank's performance, and we have definitely seen benefits after implementing this solution.
MB
IT Helpdesk at a manufacturing company with 51-200 employees
Enhanced endpoint security with effective patch management and frequent scans
The most valuable feature was the patch management, which was very effective for endpoint-centric solutions requiring remediation of vulnerabilities. ManageEngine Vulnerability Manager Plus was the perfect fit for managing these requirements. We improved the number of scans and patches performed from four times per year per computer to four times per month.
OB
Studiant at Edifixio
Enables time-saving automated scanning and brute force attacks
The most appreciated functionality of PortSwigger Burp Suite is its ability to perform brute force attacks automatically. Its automated scanning feature saves time. Additionally, using this tool provides significant security insights, making our testing process more efficient and comprehensive, leading to considerable time savings, which in turn translates to financial benefits.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"One of the features I appreciate is the ability to generate daily reports without relying on anyone else."
"I would recommend Qualys TotalCloud to other users because it is cost-efficient and has a good return on investment."
"Vulnerability and threat detection and assessment of the criticality of the vulnerabilities exposed are most valuable."
"One of the most valuable features of Qualys TotalCloud is FlexScan, which is specifically for internet-facing VMs. We found this feature to be very useful. It was a key differentiator for us."
"The best features in Qualys TotalCloud include the total asset management of the cloud environment. It is very easy to export the report and see the vulnerabilities related to the cloud specifically."
"TotalCloud has been excellent in providing us with immediate access to all the products and features we need, such as CSPM, TruRisk Insights, and compliance reports, including CIS and HIPAA."
"The dashboards are particularly valuable as they offer a comprehensive view of the environment, highlighting any misconfigurations."
"The agent and agentless scanning in TotalCloud, particularly the FlexScan method, is incredibly valuable. With traditional scanning approaches, we had to give IP ranges and whitelist IPs. All that is now simplified. FlexScan requires minimal intervention, and after configuration, it automatically collects data and performs necessary scans."
"ManageEngine is a comprehensive tool that is broad and can be customized to fit specific needs."
"The solution helps us figure out vulnerabilities and fix them."
"The most valuable feature was the patch management, which was very effective for endpoint-centric solutions requiring remediation of vulnerabilities."
"I have been using it for over two years, and it is fantastic."
"The initial setup is straightforward."
"The tool is loaded with many features that give us ROI."
"The most appreciated functionality of PortSwigger Burp Suite is its ability to perform brute force attacks automatically."
"The most valuable part of it was probably the ability to intercept and modify calls."
"The most valuable features of PortSwigger Burp Suite Enterprise Edition are the vast amount of options and ease of use. They frequently improve the solution every six months to a year. Additionally, if we want any more features we can upload a custom script to meet our needs."
"This tool helps identify vulnerabilities. We then provide the report to the developers, who address the issues identified automatically. Its most valuable feature is CI/CD integration."
"The solution's extensions really expand the capabilities and features offered by the installation."
"The product's initial setup phase was super easy."
 

Cons

"In my opinion, what can be improved in Qualys TotalCloud includes pricing and container scanning."
"TotalCloud could improve the classification of vulnerabilities. Specifically, it could enhance the categorization of what aspects fall under patches resolved by OS or software updates and what pertains to configuration adjustments."
"Enhancing clarity regarding its compliance capabilities would be beneficial, as the current scope is limited in geographic coverage."
"Regarding technical support from Qualys, they respond, but the response time can be too long. Sometimes we need to wait weeks for solutions to simple questions."
"A feature improvement could be the inclusion of Windows OS support for container security, as it is currently only supported for Linux."
"There is a lack of data segregation according to criticality or inventory."
"Qualys TotalCloud needs to enhance its scanning capabilities in the IP domain, as it currently lacks the functionality to resolve IPs to their corresponding domain names."
"The price is very expensive, actually."
"The integration with third-party solutions such as ticketing solutions or CMDB solutions can be improved."
"The user interface is the only drawback of the product."
"One area that needs improvement is the contract management. My legal team required some partner requirements for that, and ManageEngine could not support it."
"The implementation of the solution is quite complicated and could be easier."
"The stability of the scans could be improved."
"It would be better if the solution is cloud-based."
"There's definitely room for improvement. There are lots of false positives. Once I do the manual assessment, it comes as a false positive. They need to improve the Enterprise Edition, especially the part that gives false positives."
"The solution is a bit expensive."
"PortSwigger Burp Suite Enterprise Edition should incorporate a static code analysis feature. One main issue we encounter is false positives. False positives can be challenging for developers."
"The stability is a big issue. So many times the scans fail."
"It's not a stable product. Sometimes, it takes a lot of time to scan."
 

Pricing and Cost Advice

"Qualys TotalCloud offers cost-effective licensing flexibility."
"Qualys TotalCloud is cost-efficient and was selected for its value compared to other products."
"Although Qualys TotalCloud is relatively expensive due to its unique automation features, its cost-effectiveness is rated an eight out of ten, with ten being the most costly."
"I am not sure about the pricing. From what I understand, it is a bit on the higher side, but I do not have the exact numbers."
"The pricing for TotalCloud is attractive and competitive in the market. Given the features, especially the dashboard, I have no concerns regarding pricing."
"TotalCloud's price is about right where I would expect it to be."
"While Qualys TotalCloud's pricing is currently acceptable, it is becoming increasingly expensive and may soon be considered overpriced."
"Qualys TotalCloud is expensive."
"The price is very reasonable."
"For Professional, it's about $400 per year."
"PortSwigger Burp Suite Enterprise Edition is expensive compared to other solutions."
"PortSwigger Burp Suite Enterprise Edition is neither a cheap nor an expensive product. PortSwigger Burp Suite Enterprise Edition is a good tool for companies."
"The tool's pricing is reasonable and costs around 400 dollars per year."
"Although the solution can be a bit expensive for small companies, its pricing is fairly reasonable for its capabilities."
report
Use our free recommendation engine to learn which Vulnerability Management solutions are best for your needs.
902,988 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Manufacturing Company
17%
Financial Services Firm
14%
Construction Company
8%
Comms Service Provider
7%
Financial Services Firm
12%
Construction Company
8%
Comms Service Provider
8%
Computer Software Company
8%
Financial Services Firm
19%
Computer Software Company
7%
Construction Company
6%
Manufacturing Company
6%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business9
Midsize Enterprise4
Large Enterprise29
No data available
By reviewers
Company SizeCount
Small Business5
Midsize Enterprise2
Large Enterprise7
 

Questions from the Community

What needs improvement with Qualys TotalCloud?
Areas that need improvement in every solution include the remediation part. The remediation steps should be simple en...
What is your primary use case for Qualys TotalCloud?
Our use case involves the assets that we have under cloud, the assets exposed to the internet, and the internal appli...
What is your experience regarding pricing and costs for ManageEngine Vulnerability Manager Plus?
ManageEngine is considered an affordable solution, offering competitive pricing compared to similar solutions like Ut...
What needs improvement with ManageEngine Vulnerability Manager Plus?
The integration with third-party solutions such as ticketing solutions or CMDB solutions can be improved. The asset d...
What is your primary use case for ManageEngine Vulnerability Manager Plus?
I worked in an integrator solution company, and we implemented ManageEngine Vulnerability Manager Plus for different ...
What is your experience regarding pricing and costs for PortSwigger Burp Suite Enterprise Edition?
I am using the Community Edition, which is free, however, I understand there might be extra expenses for additional f...
What needs improvement with PortSwigger Burp Suite Enterprise Edition?
It would be beneficial if Burp Suite provided predefined payloads for each attack category, such as SQL injection and...
What is your primary use case for PortSwigger Burp Suite Enterprise Edition?
I work with security testing tools for SaaS, focusing on static application security testing and using tools like Bur...
 

Also Known As

Qualys TotalCloud with FlexScan
No data available
No data available
 

Overview

 

Sample Customers

Information Not Available
Information Not Available
Nasa, Disney, Dow Jones, Iberia Bank, IBM, Ernest and Young, Apple, Ryanair, Thyssenkrupp, Delivery Hero
Find out what your peers are saying about ManageEngine Vulnerability Manager Plus vs. PortSwigger Burp Suite Enterprise Edition and other solutions. Updated: June 2026.
902,988 professionals have used our research since 2012.