We performed a comparison between Polyspace Code Prover and PortSwigger Burp Suite Professional based on real PeerSpot user reviews.
Find out in this report how the two Application Security Tools solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."When we work on safety modules, it is mandatory to fulfill ISO 26262 compliance. Using Prover helps fulfill the standard on top of many other quality checks, like division by zero, data type casts, and null pointer dereferences."
"The product detects memory corruptions."
"The outputs are very reliable."
"Polyspace Code Prover is a very user-friendly tool."
"Polyspace Code Prover has made me realize it differs from other static code analysis tools because it runs the code. So it's quite distinct in that aspect."
"It helps in API testing, where manual intervention was previously necessary for each payload."
"The solution is stable."
"The solution has a great user interface."
"Some of the extensions, available using Burp Extender, are also very good and we have found issues by using them."
"The most valuable features are Burp Intruder and Burp Scanner."
"The automated scan is what I find most useful because a lot of customers will need it. Not every domain will be looking for complete security, they just need a stamp on the security key. For these kinds of customers, the scan works really well."
"The Repeater and the BApp extensions are particularly useful. Certain extensions, such as the Active Scan extensions and the Autoracer extension, are very good."
"Once I capture the proxy, I'm able to transfer across. All the requested information is there. I can send across the request to what we call a repeater, where I get to ready the payload that I send to the application. Put in malicious content and then see if it's responding to it."
"One of the main disadvantages is the time it takes to initiate the first run."
"Using Code Prover on large applications crashes sometimes."
"I'd like the data to be taken from any format."
"The tool has some stability issues."
"Automation could be a challenge."
"I need the solution to be more user-friendly. The solution needs to be user-friendly."
"A lot of our interns find it difficult to get used to PortSwigger Burp's environment."
"The solution doesn't offer very good scalability."
"Sometimes the solution can run a little slow."
"The biggest drawback is reporting. It's not so good. I can download them, but they're not so informative."
"There is not much automation in the tool."
"The biggest improvement that I would like to see from PortSwigger that today many people see as an issue in their testing. There might be a feature which might be desired."
"You can have many false positives in Burp Suite. It depends on the scale of the penetration testing."
More PortSwigger Burp Suite Professional Pricing and Cost Advice →
Polyspace Code Prover is ranked 23rd in Application Security Tools with 5 reviews while PortSwigger Burp Suite Professional is ranked 9th in Application Security Tools with 55 reviews. Polyspace Code Prover is rated 7.6, while PortSwigger Burp Suite Professional is rated 8.6. The top reviewer of Polyspace Code Prover writes "A stable solution for developing software components". On the other hand, the top reviewer of PortSwigger Burp Suite Professional writes "The solution is versatile and easy to deploy, but it needs to give more detailed security reports". Polyspace Code Prover is most compared with SonarQube, Coverity, Klocwork, CodeSonar and Parasoft SOAtest, whereas PortSwigger Burp Suite Professional is most compared with OWASP Zap, Fortify WebInspect, Acunetix, HCL AppScan and Qualys Web Application Scanning. See our Polyspace Code Prover vs. PortSwigger Burp Suite Professional report.
See our list of best Application Security Tools vendors.
We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.