No more typing reviews! Try our Samantha, our new voice AI agent.

PortSwigger Burp Suite Enterprise Edition vs Tenable Security Center comparison

Sponsored
 

Comparison Buyer's Guide

Executive SummaryUpdated on Oct 9, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Qualys TotalCloud
Sponsored
Ranking in Vulnerability Management
11th
Average Rating
8.6
Reviews Sentiment
7.3
Number of Reviews
39
Ranking in other categories
Container Security (11th), Cloud Workload Protection Platforms (CWPP) (7th), Cloud Security Posture Management (CSPM) (8th), SaaS Security Posture Management (SSPM) (1st), Cloud-Native Application Protection Platforms (CNAPP) (6th)
PortSwigger Burp Suite Ente...
Ranking in Vulnerability Management
41st
Average Rating
8.0
Reviews Sentiment
7.2
Number of Reviews
12
Ranking in other categories
Dynamic Application Security Testing (DAST) (8th)
Tenable Security Center
Ranking in Vulnerability Management
8th
Average Rating
8.2
Reviews Sentiment
7.2
Number of Reviews
56
Ranking in other categories
Cloud Security Posture Management (CSPM) (12th), Risk-Based Vulnerability Management (3rd)
 

Mindshare comparison

As of July 2026, in the Vulnerability Management category, the mindshare of Qualys TotalCloud is 1.1%, up from 1.0% compared to the previous year. The mindshare of PortSwigger Burp Suite Enterprise Edition is 1.1%, up from 0.9% compared to the previous year. The mindshare of Tenable Security Center is 2.6%, down from 4.4% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Vulnerability Management Mindshare Distribution
ProductMindshare (%)
Tenable Security Center2.6%
Qualys TotalCloud1.1%
PortSwigger Burp Suite Enterprise Edition1.1%
Other95.2%
Vulnerability Management
 

Featured Reviews

RO
IT Security Expert at Alior Bank S.A.
Unified risk scoring has improved our cloud visibility and simplifies remediation priorities
Qualys TotalCloud provides unified vulnerability and threat assessment across both IAS and SaaS. This solution provides a single prioritized view of risk, which helps reduce the work I would have to do. We are no longer based on CVSS; we are based on Qualys risk scoring, which is based on CVSS plus internal findings made by Qualys, and then assigns its own score. The TruRisk insight feature has found a small number of assets with high vulnerability scores, though I am cautious since some information is classified. Qualys TotalCloud has positively impacted our bank's performance, and we have definitely seen benefits after implementing this solution.
OB
Studiant at Edifixio
Enables time-saving automated scanning and brute force attacks
The most appreciated functionality of PortSwigger Burp Suite is its ability to perform brute force attacks automatically. Its automated scanning feature saves time. Additionally, using this tool provides significant security insights, making our testing process more efficient and comprehensive, leading to considerable time savings, which in turn translates to financial benefits.
reviewer1534134 - PeerSpot reviewer
Head of Information Security at a consultancy with 1,001-5,000 employees
Centralized analytics have strengthened patch visibility and support efficient regulatory reporting
From my experience, I assess the product's analytics capabilities as successful. It helped us significantly with patching and managing the risk of the patching process across all our environments, including network devices with Windows and Unix systems. The product covered several environments and gave us exactly what we needed in our environment. Tenable Security Center's centralized platform helped with risk assessment and management across our IT environments. It covered the patching process, and we previously faced many issues regarding how to patch different environments, how to monitor the patching process, and whether it was successful or not. We obtained good reports showing when patches were closed and the details of each patch, including who executed it and everything related to the patching process until it was closed. This gave us good details about the process which helped us significantly in our reporting and even in audits, whether internal or external. We learned how to close audit issues safely and successfully. We used the dashboards for real-time threat insights and extracted several dashboards from Tenable Security Center. We use these dashboards in our cybersecurity dashboard and committees that we have. These dashboards are part of our committees, especially the cybersecurity committee and other committees that we attend.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"We were able to realize its benefits within 24 to 48 hours."
"I would definitely recommend Qualys TotalCloud to other customers."
"Qualys TotalCloud has improved our security posture."
"Qualys TotalCloud fulfills all these needs."
"Its excellent graphical interface makes the scanning process simple."
"Qualys TotalCloud's most valuable feature is its ability to link clusters of assets, providing a clear model of deployments, vulnerabilities, and statuses."
"TotalCloud's best feature is the integration of cloud accounts. It helps with the risk and security posture management of our cloud infrastructure."
"The dashboards are particularly valuable as they offer a comprehensive view of the environment, highlighting any misconfigurations."
"We are in the early stage of using the solution making it difficult to fully determine the best features. However, we have noticed the CMDB and device discovery features look valuable at this time."
"The most appreciated functionality of PortSwigger Burp Suite is its ability to perform brute force attacks automatically."
"The initial setup is straightforward."
"The product's initial setup phase was super easy."
"The product is easy to use."
"I like normal dynamic scanning, general web applications scanning, and vulnerability assessments."
"The tool is loaded with many features that give us ROI."
"Its automated scanning feature saves time."
"Tenable Security Center supports a wide range of applications and servers, capable of comprehensive scanning and handling of vulnerabilities."
"I like Tenable.sc's analytics and reporting. You can also configure your on-prem network monitors to talk to your Tenable.sc control panel."
"The most valuable features of Tenable SC are scanning, reporting, dashboards, and automation."
"The most valuable features in Tenable SC are scanning and analysis."
"Technical support is excellent. They are extremely responsive and very helpful."
"The most valuable features of the solution are the dashboards and speed of the test, and Tenable.sc is user-friendly."
"Tenable's most valuable features are the credential scan, vulnerability reports, and vulnerability ratings (VPR)."
"My advice for those considering Tenable Security Center is to note the benefit of upgrading vulnerable devices."
 

Cons

"Areas that need improvement in every solution include the remediation part. The remediation steps should be simple enough for everyone to understand."
"Two areas for improvement in Qualys TotalCloud are the speed of the public cloud platform and vulnerability detection."
"From a downside perspective, the UI is not user-friendly and feels dated compared to other tools like Prisma Cloud."
"Although TotalCloud is a helpful tool, some of its advanced features are still under development."
"I sometimes have difficulty detecting or uninstalling certain versions of applications, which I have to do manually."
"Some major banks and insurance companies require an on-premises solution for comprehensive vulnerability management, which TotalCloud does not offer."
"Qualys TotalCloud has the potential to improve by integrating a hybrid platform for comprehensive management of both on-premises and cloud infrastructures."
"With the growing integration of AI, I would like Qualys to enhance its service offerings to better accommodate AI-related risks."
"The stability of the scans could be improved."
"Scalability could be better."
"From my personal experience, the solution's performance could be improved."
"The product needs to have the ability to evaluate more."
"PortSwigger Burp Suite Enterprise Edition should incorporate a static code analysis feature. One main issue we encounter is false positives. False positives can be challenging for developers."
"It would be beneficial if Burp Suite provided predefined payloads for each attack category, such as SQL injection and cross-site scripting, to automate some tasks more effectively."
"The implementation of the solution is quite complicated and could be easier."
"The cost per license per user could be cheaper, specifically for individual licensing."
"Their tier-one, initial tech support is pretty bad."
"We did conduct a long implementation which relates to what I think can be improved about Tenable Security Center."
"Tenable SC could improve by making the creation of the initial reports easier that correspond to our network."
"The integration is very good, although it still needs to improve."
"The reason for rating it an eight out of ten is that the initial setup could be easier; the setup is rather difficult, and that's why we are focusing on the initial hearing."
"Tenable SC can improve by adding more integrations with HCI-type tools and more accurate vulnerability detection."
"We are facing some challenges related to our channel."
"The solution should provide better web application features and support."
 

Pricing and Cost Advice

"While Qualys TotalCloud's pricing is currently acceptable, it is becoming increasingly expensive and may soon be considered overpriced."
"Qualys TotalCloud is expensive."
"The pricing for TotalCloud is attractive and competitive in the market. Given the features, especially the dashboard, I have no concerns regarding pricing."
"TotalCloud's price is about right where I would expect it to be."
"The cost is high, but it meets our organizational needs."
"As a middle management member, I do not have direct pricing knowledge, but based on the knowledge from our meetings, its pricing is competitive."
"Qualys TotalCloud offers good pricing that is affordable and competitive with the market. Our partnership also provides us with additional benefits."
"I am not sure about the pricing. From what I understand, it is a bit on the higher side, but I do not have the exact numbers."
"For Professional, it's about $400 per year."
"Although the solution can be a bit expensive for small companies, its pricing is fairly reasonable for its capabilities."
"The tool's pricing is reasonable and costs around 400 dollars per year."
"PortSwigger Burp Suite Enterprise Edition is neither a cheap nor an expensive product. PortSwigger Burp Suite Enterprise Edition is a good tool for companies."
"PortSwigger Burp Suite Enterprise Edition is expensive compared to other solutions."
"I rate the solution's price as seven on a scale of one to ten, where one is cheap and ten is expensive. The tool is quite expensive."
"This solution's price is quite high."
"We pay around 60,000 on a yearly basis."
"I use a local license to perform penetration testing and I'm pretty happy with everything when it comes to pricing and licensing."
"The tool costs around 15,000 Saudi riyals monthly."
"For 500 users the licensing fee is roughly $100,000."
"The pricing is more than Nexpose."
"We're able to save because we don't have to employ more staff members to help wit ht he scheduling of the scans, running the reports or sending them out to the systems owners. That alone is a big ROI for us."
report
Use our free recommendation engine to learn which Vulnerability Management solutions are best for your needs.
902,988 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Manufacturing Company
17%
Financial Services Firm
14%
Construction Company
8%
Comms Service Provider
7%
Financial Services Firm
19%
Computer Software Company
7%
Construction Company
6%
Manufacturing Company
6%
Financial Services Firm
12%
Manufacturing Company
11%
Government
9%
Computer Software Company
6%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business9
Midsize Enterprise4
Large Enterprise29
By reviewers
Company SizeCount
Small Business5
Midsize Enterprise2
Large Enterprise7
By reviewers
Company SizeCount
Small Business22
Midsize Enterprise12
Large Enterprise27
 

Questions from the Community

What needs improvement with Qualys TotalCloud?
Areas that need improvement in every solution include the remediation part. The remediation steps should be simple en...
What is your primary use case for Qualys TotalCloud?
Our use case involves the assets that we have under cloud, the assets exposed to the internet, and the internal appli...
What is your experience regarding pricing and costs for PortSwigger Burp Suite Enterprise Edition?
I am using the Community Edition, which is free, however, I understand there might be extra expenses for additional f...
What needs improvement with PortSwigger Burp Suite Enterprise Edition?
It would be beneficial if Burp Suite provided predefined payloads for each attack category, such as SQL injection and...
What is your primary use case for PortSwigger Burp Suite Enterprise Edition?
I work with security testing tools for SaaS, focusing on static application security testing and using tools like Bur...
What is your experience regarding pricing and costs for Tenable SC?
The price of Tenable Security Center is not so high; it's relatively a cheaper solution.
What needs improvement with Tenable SC?
We did conduct a long implementation which relates to what I think can be improved about Tenable Security Center. In ...
What is your primary use case for Tenable SC?
The typical use case for Tenable Security Center is that it is an on-premise solution, and it can use the agent and a...
 

Also Known As

Qualys TotalCloud with FlexScan
No data available
Tenable.sc, Tenable Unified Security, Tenable SecurityCenter
 

Overview

 

Sample Customers

Information Not Available
Nasa, Disney, Dow Jones, Iberia Bank, IBM, Ernest and Young, Apple, Ryanair, Thyssenkrupp, Delivery Hero
IBM, Sempra Energy, Microsoft, Apple, Adidas, Union Pacific
Find out what your peers are saying about PortSwigger Burp Suite Enterprise Edition vs. Tenable Security Center and other solutions. Updated: June 2026.
902,988 professionals have used our research since 2012.