We performed a comparison between PortSwigger Burp Suite Enterprise Edition and Qualys VMDR based on real PeerSpot user reviews.
Find out in this report how the two Dynamic Application Security Testing (DAST) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."We are in the early stage of using the solution making it difficult to fully determine the best features. However, we have noticed the CMDB and device discovery features look valuable at this time."
"The most valuable features of PortSwigger Burp Suite Enterprise Edition are the vast amount of options and ease of use. They frequently improve the solution every six months to a year. Additionally, if we want any more features we can upload a custom script to meet our needs."
"I like normal dynamic scanning, general web applications scanning, and vulnerability assessments."
"The product's initial setup phase was super easy."
"Parallel scans can be done with PortSwigger Burp Suite Enterprise Edition."
"The product is easy to use."
"The tool is loaded with many features that give us ROI."
"The initial setup is straightforward."
"I am impressed with the VMDR feature."
"Qualys VM's best features are vulnerability management and customizable scoring."
"It gives a very good overview of the inventory assessment process, and it can be accessed across our company because it's a global tool."
"There are fewer false positives when using this solution."
"There are many features. Its reliability, ease of installation, ease of use, and the richness of the information provided are the most valuable features."
"I find Qualys VM very robust, and it's very useful for vulnerability management and patch management. The value that it brings to my environment is economies of scale. There is no limitation on adding any endpoints. You go by the rule, and it's added once another endpoint is added to our environment. It's automatically installed, and it's less work from our end. It frees up my license automatically if I don't need an endpoint or if my machine is decommissioned. I like the dashboard displays because I don't see any duplication. The most important part is vulnerability management and prioritization. Unlike Symantec, it shows the kind of vulnerability I would want to patch first. It provides a holistic view of the kind of vulnerabilities and the ones I should remediate first. I don't have to do a scan; it just brings up those critical kinds of vulnerabilities like zero-day vulnerabilities and tells me to prioritize them. You have to prioritize these vulnerabilities first and go on with the rest. The dashboard shows me the ones that have been fixed, so I don't have to complete an aging report. The user experience and the graphical interface are good. As it's user-friendly and understandable on an executive level, it brings real value. We also use this solution because it's robust and flexibile."
"The initial setup is straightforward."
"I like that we have many scanners and channels that don't overload. It helps us scan and track easily. Also, the tagging system is good for tagging. We can still use QualysAgent task ID tools even if tags aren't made."
"There's definitely room for improvement. There are lots of false positives. Once I do the manual assessment, it comes as a false positive. They need to improve the Enterprise Edition, especially the part that gives false positives."
"The product needs to have the ability to evaluate more."
"The stability of the scans could be improved."
"It would be better if the solution is cloud-based."
"There are features or functionality missing, but PortSwigger Burp Suite Enterprise Edition does try to update frequently to alleviate the shortcomings."
"The implementation of the solution is quite complicated and could be easier."
"The cost per license per user could be cheaper, specifically for individual licensing."
"The solution is a bit expensive."
"When you want to cover yourself for scalability, you will be charged for the number you place on the scan itself."
"The tool needs to improve the adding assets and report generation features. I would like to see the policy scan of offline appliances in the product's future releases."
"The disadvantage of working with Qualys is that the graphical interface is quite outdated."
"Qualys VM could improve by having more skilled support personnel."
"Reports were lacking somewhat on the customization side."
"Some of the older features could be polished instead of focusing on releasing new features."
"Qualys VM should improve its methodology."
"Make some minimal dashboard improvements."
More PortSwigger Burp Suite Enterprise Edition Pricing and Cost Advice →
PortSwigger Burp Suite Enterprise Edition is ranked 4th in Dynamic Application Security Testing (DAST) with 8 reviews while Qualys VMDR is ranked 3rd in Risk-Based Vulnerability Management with 77 reviews. PortSwigger Burp Suite Enterprise Edition is rated 8.0, while Qualys VMDR is rated 8.2. The top reviewer of PortSwigger Burp Suite Enterprise Edition writes " With a super easy initial setup phase, the tool also offers regular updates". On the other hand, the top reviewer of Qualys VMDR writes "Good visibility but expensive and needs better support". PortSwigger Burp Suite Enterprise Edition is most compared with Acunetix, Tenable Nessus, Rapid7 Metasploit, Tenable Vulnerability Management and Rapid7 InsightVM, whereas Qualys VMDR is most compared with Tenable Nessus, Tenable Security Center, Rapid7 InsightVM, Microsoft Defender Vulnerability Management and Tenable Vulnerability Management. See our PortSwigger Burp Suite Enterprise Edition vs. Qualys VMDR report.
We monitor all Dynamic Application Security Testing (DAST) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
