PortSwigger Burp Suite Enterprise Edition vs Qualys CyberSecurity Asset Management comparison

PortSwigger Burp Suite Enterprise Edition vs. Qualys CyberSecurity Asset Management

Download the complete report

Helped 885,376 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Categories and Ranking

PortSwigger Burp Suite Ente...

Ranking in Vulnerability Management

36th

Average Rating

8.0

Reviews Sentiment

7.2

Number of Reviews

Ranking in other categories

Dynamic Application Security Testing (DAST) (7th)

Qualys CyberSecurity Asset ...

Ranking in Vulnerability Management

9th

Average Rating

9.0

Reviews Sentiment

7.0

Number of Reviews

Ranking in other categories

Patch Management (4th), Cyber Asset Attack Surface Management (CAASM) (3rd), Attack Surface Management (ASM) (2nd), Software Supply Chain Security (3rd)

Mindshare comparison

As of March 2026, in the Vulnerability Management category, the mindshare of PortSwigger Burp Suite Enterprise Edition is 1.2%, up from 0.8% compared to the previous year. The mindshare of Qualys CyberSecurity Asset Management is 1.4%, up from 0.6% compared to the previous year. It is calculated based on PeerSpot user engagement data.

Vulnerability Management Mindshare Distribution
Product	Mindshare (%)
Qualys CyberSecurity Asset Management	1.4%
PortSwigger Burp Suite Enterprise Edition	1.2%
Other	97.4%

Vulnerability Management

Featured Reviews

Oussama Ben Taher

Studiant at Edifixio

Enables time-saving automated scanning and brute force attacks

The most appreciated functionality of PortSwigger Burp Suite is its ability to perform brute force attacks automatically. Its automated scanning feature saves time. Additionally, using this tool provides significant security insights, making our testing process more efficient and comprehensive, leading to considerable time savings, which in turn translates to financial benefits.

Read full review

Nicki Møller

Information Security Engineer at a manufacturing company with 5,001-10,000 employees

Enables automation and quick access to necessary information

One of the significant challenges Qualys is discovery, which I know Microsoft excels at. I can't recall how well Qualys performs this function; it seems I might be missing some details. However, if there's one key aspect to focus on, it's discovery—the ability to identify assets that you are not aware of, even when you can see they are present. Understanding what those assets are is crucial. With Qualys CyberSecurity Asset Management, it was very difficult to extract detections from the system. The features within Qualys are limited to what they have developed. Sometimes a complete overview is needed to push to a Power BI dashboard, Splunk, ServiceNow, or other platforms. The export process is incredibly challenging. We needed a developer to write a hundred-line Python script that would loop over certain assets due to export limitations. Qualys CyberSecurity Asset Management could improve its integration capabilities. While it generates substantial data, correlating it with other data sources can be challenging. The export process is difficult, and pre-built integrations with other tools could be enhanced for better process implementation.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"The tool is loaded with many features that give us ROI."

"Parallel scans can be done with PortSwigger Burp Suite Enterprise Edition."

"The solution's extensions really expand the capabilities and features offered by the installation."

"The most valuable features of PortSwigger Burp Suite Enterprise Edition are the vast amount of options and ease of use, and they frequently improve the solution every six months to a year."

"The product is easy to use."

"The most valuable features of PortSwigger Burp Suite Enterprise Edition are the vast amount of options and ease of use. They frequently improve the solution every six months to a year. Additionally, if we want any more features we can upload a custom script to meet our needs."

"The most valuable part of it was probably the ability to intercept and modify calls."

"I like normal dynamic scanning, general web applications scanning, and vulnerability assessments."

More PortSwigger Burp Suite Enterprise Edition pros

"I appreciate the feature that simplifies cloud security posture, offering insights into vulnerabilities, and reducing the complexity of managing the security program."

"It provides most of the information needed regarding the assets, including the operating system and whether the assets are network devices or servers."

"The most valuable feature is the Management sensor, which helps identify gaps in policy agent availability, thereby improving agent utilization."

"The scanning results are pretty good, and some of the insights are quite valuable."

"The dashboards are my favorite feature; I can pull up information and create my own dashboards specifically for what I'm looking for."

"Qualys CSAM helps find all the assets. It categorizes information based on various criteria such as host and tenant version. It provides in-depth visibility into both hardware and software."

"I use it primarily with tagging, asset counts, and groups that we can put them in, and we also use it to tell if a device has been merged and seen in Qualys CyberSecurity Asset Management, so that's beneficial for us too."

"Tags are very useful for us since we can tag virus applications in infrastructure types such as databases, operating systems, or web platforms."

More Qualys CyberSecurity Asset Management pros

Cons

"The implementation of the solution is quite complicated and could be easier."

"It would be beneficial if Burp Suite provided predefined payloads for each attack category, such as SQL injection and cross-site scripting, to automate some tasks more effectively."

"There's definitely room for improvement. There are lots of false positives. Once I do the manual assessment, it comes as a false positive. They need to improve the Enterprise Edition, especially the part that gives false positives."

"There are features or functionality missing, but PortSwigger Burp Suite Enterprise Edition does try to update frequently to alleviate the shortcomings."

"Scalability could be better."

"It would be better if the solution is cloud-based."

"The stability is a big issue. So many times the scans fail."

"The solution is a bit expensive."

More PortSwigger Burp Suite Enterprise Edition cons

"The scanning function could be improved."

"Qualys CyberSecurity Asset Management is moderately good, while Rapid7 is slightly much better."

"Qualys could improve by enhancing its dynamic tagging and role-based access control features, and by refining its user interface for a more intuitive and efficient user experience."

"There can be further simplification to reduce the overall noise and provide ESAM-related data."

"The UI needs improvement as it can become overwhelming after prolonged use."

"The UI and menu navigation has improved significantly, however, the menus could still be clunky, making navigation within the assets challenging."

"Some areas that would be helpful are more comprehensive tagging and the ability to set up better dynamic rules."

"They should address the false positives generated in EASM. It is fetching assets that have Infosys as the keyword. They should fix that."

More Qualys CyberSecurity Asset Management cons

Pricing and Cost Advice

"PortSwigger Burp Suite Enterprise Edition is neither a cheap nor an expensive product. PortSwigger Burp Suite Enterprise Edition is a good tool for companies."

"For Professional, it's about $400 per year."

"Although the solution can be a bit expensive for small companies, its pricing is fairly reasonable for its capabilities."

"PortSwigger Burp Suite Enterprise Edition is expensive compared to other solutions."

"The tool's pricing is reasonable and costs around 400 dollars per year."

"The pricing is market-competitive."

"The pricing for Qualys Cybersecurity Asset Management is reasonable, with an annual subscription costing around $1,000 per year or a monthly subscription starting at approximately $72 per month, depending on the specific package and features included."

"Though the solution is considered expensive, if bundled with other services such as VMDR or cloud agents, its value would significantly increase. It is currently a bit costly, but with bundling, it could become attractive to more customers."

"The pricing for Qualys CSAM is nominal."

"It is cost-effective because, in a single tool, we are getting everything. All the solutions come in a single license or price."

"The pricing is fair. I would love to see the price come down a little bit, but we do get a lot of value out of it. We are squeezing every ounce of value we can out of the tool."

"The cost for Qualys CyberSecurity Asset Management is high."

"The pricing is reasonable relative to the features provided, as it collects all module data and operates as a main, centralized inventory, making it a cost-effective solution."

More Qualys CyberSecurity Asset Management pricing and cost advice

See which vendors are best for you

Use our free recommendation engine to learn which Vulnerability Management solutions are best for your needs.

See recommendations

885,376 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Financial Services Firm

17%

Manufacturing Company

Computer Software Company

Government

Financial Services Firm

12%

Computer Software Company

11%

Manufacturing Company

Comms Service Provider

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

By reviewers
Company Size	Count
Small Business	5
Midsize Enterprise	2
Large Enterprise	7

By reviewers
Company Size	Count
Small Business	8
Midsize Enterprise	2
Large Enterprise	23

Questions from the Community

What is your experience regarding pricing and costs for PortSwigger Burp Suite Enterprise Edition?

I am using the Community Edition, which is free, however, I understand there might be extra expenses for additional features or services.

What needs improvement with PortSwigger Burp Suite Enterprise Edition?

It would be beneficial if Burp Suite provided predefined payloads for each attack category, such as SQL injection and cross-site scripting, to automate some tasks more effectively.

What is your primary use case for PortSwigger Burp Suite Enterprise Edition?

I work with security testing tools for SaaS, focusing on static application security testing and using tools like Burp Suite for replaying Apex.

What is your experience regarding pricing and costs for Qualys CyberSecurity Asset Management?

I'm not entirely sure about the pricing; I don't know.

What needs improvement with Qualys CyberSecurity Asset Management?

I think the one thing Qualys CyberSecurity Asset Management can do better is the package management and the updating process. Knowing that you can't update any of the packages until you've done the...

What is your primary use case for Qualys CyberSecurity Asset Management?

I primarily use it for a small, single-site, multi-source setup with multi-WAN inputs. I have a main fiber connection and a couple of failovers while managing different networks across different se...

Seal Security vs PortSwigger Burp Suite Enterprise Edition

Comparisons

Compared 33% of the time

Acunetix vs PortSwigger Burp Suite Enterprise Edition

Compared 8% of the time

Rapid7 Metasploit vs PortSwigger Burp Suite Enterprise Edition

Compared 8% of the time

Tenable Nessus vs PortSwigger Burp Suite Enterprise Edition

Compared 5% of the time

Rapid7 InsightAppSec vs PortSwigger Burp Suite Enterprise Edition

Compared 5% of the time

More PortSwigger Burp Suite Enterprise Edition Competitors

Armis vs Qualys CyberSecurity Asset Management

Compared 6% of the time

Axonius vs Qualys CyberSecurity Asset Management

Compared 6% of the time

CrowdStrike Falcon vs Qualys CyberSecurity Asset Management

Compared 5% of the time

Bitsight vs Qualys CyberSecurity Asset Management

Compared 4% of the time

Amazon Inspector vs Qualys CyberSecurity Asset Management

Compared 3% of the time

More Qualys CyberSecurity Asset Management Competitors

Product Reports

PortSwigger Burp Suite Enterprise Edition

Download PortSwigger Burp Suite Enterprise Edition product report

PortSwigger Burp Suite Enterprise Edition report

Qualys CyberSecurity Asset Management

Download Qualys CyberSecurity Asset Management product report

Qualys CyberSecurity Asset Management report

Overview

Burp Suite Enterprise Edition is an automated web vulnerability scanner, designed to enable enterprises to scale security across their web portfolios and achieve DevSecOps. Automate trusted Burp scans, integrate web security testing with development, and free your application security to support software development.

PortSwigger

Qualys CyberSecurity Asset Management provides key features including asset inventory management, end-of-life tracking, dynamic tagging, and integration with CMDB, offering extensive visibility and support for proactive threat response.

Qualys offers comprehensive visibility across hardware and software assets, aiding in tracking unauthorized applications and facilitating automated vulnerability remediation. Its user-friendly interface and dynamic risk scoring enhance security posture management. Users leverage it for vulnerability management and compliance, benefiting from real-time risk identification and efficient operations in cloud and on-premises environments.

What are the key features of Qualys CyberSecurity Asset Management?

Asset Inventory Management: Provides detailed visibility over hardware and software assets.
End-of-Life Tracking: Helps identify technical debt by pinpointing outdated hardware and software.
Dynamic Tagging: Allows flexible classification and categorization of assets.
Real-Time Risk Identification: Detects risks as they arise, enhancing threat response capabilities.
CMDB Integration: Streamlines data integration for comprehensive asset insights.

What benefits should users look for in Qualys reviews?

Improved Security Posture: Enables proactive threat management and streamlined operations.
Efficient Remediation: Automates vulnerability management and patch deployment.
User-Friendly Operations: Simplifies cybersecurity operations with an intuitive interface.
Comprehensive Asset Visibility: Offers unparalleled insight into organizational assets.
Scalable Solutions: Facilitates asset tracking across cloud and on-premises environments.

Cybersecurity teams in various industries, such as financial services, healthcare, and manufacturing, utilize Qualys to manage technical debt through end-of-life tracking and facilitate robust patch management. It supports compliance and visibility initiatives, essential for maintaining data integrity and operational security in dynamic environments.

Qualys

Sample Customers

Nasa, Disney, Dow Jones, Iberia Bank, IBM, Ernest and Young, Apple, Ryanair, Thyssenkrupp, Delivery Hero

Information Not Available

PortSwigger Burp Suite Enterprise Edition vs. Qualys CyberSecurity Asset Management