We performed a comparison between Fortify Application Defender and PortSwigger Burp Suite Professional based on real PeerSpot user reviews.
Find out in this report how the two Application Security Tools solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The product saves us cost and time."
"Fortify Application Defender's most valuable features are machine learning algorithms, real-time remediation, and automatic vulnerability notifications."
"We are able to provide out customers with a secure application after development. They are no longer left wondering if they are vulnerable to different threats within the market following deployment."
"The most valuable features of Fortify Application Defender are the code packages that are default."
"The tool's most valuable feature is software composition analysis. This feature works well with my .NET applications, providing a better understanding of library vulnerabilities."
"Its ability to find security defects is valuable."
"The most valuable feature is the ability to automatically feed it rules what it's coupled with the WebInspect dynamic application scanning technology."
"The most valuable feature is that it analyzes data in real-time."
"The solution has a great user interface."
"There is no other tool like it. I like the intuitiveness and the plugins that are available."
"The most valuable feature of PortSwigger Burp Suite Professional is the dashboard. It is very informative and you can receive all the information you need in one place. It's clear, well-defined, and organized. Anybody without any cybersecurity can use it."
"In my area of expertise, I feel like it has almost everything I could possibly require at this moment."
"BurpSuite helps us to identify and fix silly mistakes that are sometimes introduced by our developers in their coding."
"We use the solution for vulnerability assessment in respect of the application and the sites."
"I have found the best features to be the performance and there are a lot of additional plugins available."
"The way they do the research and they keep their profile up to date is great. They identify vulnerabilities and update them immediately."
"Fortify Application Defender gives a lot of false positives."
"The solution could improve the time it takes to scan. When comparing it to SonarQube it does it in minutes while in Fortify Application Defender it can take hours."
"The product should integrate industry-standard code review tools internally with its system. This would streamline the coding process, as developers wouldn't need multiple tools for code review and security checks. Many independent and open-source tools are available, from Apache to various libraries. Using multiple DevOps pipeline tools can slow the turnaround time."
"I encountered many false positives for Python applications."
"Support for older compilers/IDEs is lacking."
"Fortify Application Defender could improve by supporting more code languages, such as GRAAS and Groovy."
"The solution is quite expensive."
"The workbench is a little bit complex when you first start using it."
"In the Professional version, we cannot link it with the CI/CD process."
"Scanning APIs using PortSwigger Burp Suite Professional takes a lot of time."
"The one feature that I would like to see in Burp is active scanning of REST based web services. A lot of organizations are providing APIs to access their services to support different business models like SaaS. Scanning these APIs is still a challenge for many security product companies."
"The Iran market does not have after-sales support. PortSwigger Burp Suite Professional needs to provide after-sales support."
"There should be a heads up display like the one available in OWASP Zap."
"I need the solution to be more user-friendly. The solution needs to be user-friendly."
"There could be an improvement in the API security testing. There is another tool called Postman and if we had a built-in portal similar to Postman which captures the API, we would be able to generate the API traffic. Right now we need a Postman tool and the Burp Suite for performing API tests. It would be a huge benefit to be able to do it in a single UI."
"The pricing of the solution is quite high."
More PortSwigger Burp Suite Professional Pricing and Cost Advice →
Fortify Application Defender is ranked 30th in Application Security Tools with 11 reviews while PortSwigger Burp Suite Professional is ranked 9th in Application Security Tools with 57 reviews. Fortify Application Defender is rated 7.8, while PortSwigger Burp Suite Professional is rated 8.6. The top reviewer of Fortify Application Defender writes "Useful for fast code review in devOps pipelines ". On the other hand, the top reviewer of PortSwigger Burp Suite Professional writes "The solution is versatile and easy to deploy, but it needs to give more detailed security reports". Fortify Application Defender is most compared with Checkmarx One, CAST Application Intelligence Platform, Coverity, SonarQube and Qualys Web Application Scanning, whereas PortSwigger Burp Suite Professional is most compared with OWASP Zap, Fortify WebInspect, Acunetix, HCL AppScan and Qualys Web Application Scanning. See our Fortify Application Defender vs. PortSwigger Burp Suite Professional report.
See our list of best Application Security Tools vendors.
We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.