We performed a comparison between PortSwigger Burp Suite Professional and Seeker based on real PeerSpot user reviews.
Find out what your peers are saying about Sonar, Veracode, Checkmarx and others in Application Security Testing (AST)."The automated scan is what I find most useful because a lot of customers will need it. Not every domain will be looking for complete security, they just need a stamp on the security key. For these kinds of customers, the scan works really well."
"You can scan any number of applications and it updates its database."
"For pentesting scenarios, this is the number one tool. It can capture the request, and there are so many functions that are very good for that. For example, a black box satellite host."
"It offers very good accuracy. You can trust the results."
"The most valuable feature is the application security. It also has a reasonable price."
"The way they do the research and they keep their profile up to date is great. They identify vulnerabilities and update them immediately."
"The feature that we have found most valuable is that it comes with pre-set configurations. They have a set of predefined options where you can pick one and start scanning. We also have the option of creating our own configurations, like how often do the applications need to be scanned."
"It helps in API testing, where manual intervention was previously necessary for each payload."
"A significant advantage of Seeker is that it is an interactive scanner, and we have found it to be much more effective in reducing the amount of false positives than dynamic scanners such as AppScan, Micro Focus Fortify, etc. Furthermore, with Seeker, we are finding more and more valid (i.e. "true") positives over time compared with the dynamic scanners."
"A lot of our interns find it difficult to get used to PortSwigger Burp's environment."
"PortSwigger Burp Suite Professional can improve by having more features in the free version for beginners to try."
"The one feature that I would like to see in Burp is active scanning of REST based web services. A lot of organizations are providing APIs to access their services to support different business models like SaaS. Scanning these APIs is still a challenge for many security product companies."
"The scanner and crawler need to be improved."
"The tool is very expensive."
"There is not much automation in the tool."
"The solution lacks sufficient stability."
"There could be an improvement in the API security testing. There is another tool called Postman and if we had a built-in portal similar to Postman which captures the API, we would be able to generate the API traffic. Right now we need a Postman tool and the Burp Suite for performing API tests. It would be a huge benefit to be able to do it in a single UI."
"One area that Seeker can improve is to make it more customizable. All security scanning tools have a defined set of rules that are based on certain criteria which they will use to detect issues. However, the criteria that you set initially is not something that all applications are going to need."
More PortSwigger Burp Suite Professional Pricing and Cost Advice →
PortSwigger Burp Suite Professional is ranked 5th in Application Security Testing (AST) with 55 reviews while Seeker is ranked 24th in Application Security Testing (AST) with 1 review. PortSwigger Burp Suite Professional is rated 8.6, while Seeker is rated 7.0. The top reviewer of PortSwigger Burp Suite Professional writes "The solution is versatile and easy to deploy, but it needs to give more detailed security reports". On the other hand, the top reviewer of Seeker writes "More effective than dynamic scanners, but is missing useful learning capabilities". PortSwigger Burp Suite Professional is most compared with OWASP Zap, Fortify WebInspect, Acunetix, HCL AppScan and Qualys Web Application Scanning, whereas Seeker is most compared with Synopsys API Security Testing, Coverity, Contrast Security Assess, Polaris Software Integrity Platform and HCL AppScan.
See our list of best Application Security Testing (AST) vendors.
We monitor all Application Security Testing (AST) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.