PortSwigger Burp Suite Enterprise Edition offers dynamic scanning, web application assessments, CMDB and device discovery, ease of use, and a scalable design. Users appreciate its beginner-friendly interface, active scans, network call tracking, CI/CD integration, and automation capabilities. Parallel scans, seamless deployment in vCenter, extensions for expanded features, interception tools for call modification, and an intuitive UI enhance the experience. Regular updates and customizable scripting are also significant advantages.
- "The most valuable part of it was probably the ability to intercept and modify calls."
- "The solution's extensions really expand the capabilities and features offered by the installation."
- "This tool helps identify vulnerabilities. We then provide the report to the developers, who address the issues identified automatically. Its most valuable feature is CI/CD integration."
PortSwigger Burp Suite Enterprise Edition faces challenges with false positives, scan stability, and complicated implementation. Users report missing Java vulnerabilities and outdated libraries. The need for improved SAST and DAST integration, cloud-based accessibility, and mobile testing is highlighted. Some users find the cost expensive and seek better scalability and static code analysis features. The current performance shows high memory consumption, and the licensing cost could be more affordable, especially for individual users.
- "Scalability could be better."
- "From my personal experience, the solution's performance could be improved."
- "PortSwigger Burp Suite Enterprise Edition should incorporate a static code analysis feature. One main issue we encounter is false positives. False positives can be challenging for developers."