PortSwigger Burp Suite Enterprise Edition Reviews

Name: PortSwigger Burp Suite Enterprise Edition
Brand: PortSwigger
Rating: 4.0 (12 reviews)

4.0 out of 5

12 reviews
84% willing to recommend

What is PortSwigger Burp Suite Enterprise Edition?

Burp Suite Enterprise Edition is an automated web vulnerability scanner, designed to enable enterprises to scale security across their web portfolios and achieve DevSecOps. Automate trusted Burp scans, integrate web security testing with development, and free your application security to support software development.

Get the PortSwigger Burp Suite Enterprise Edition Buyer's Guide and find out what your peers are saying about PortSwigger Burp Suite Enterprise Edition, HCL AppScan, Fortify WebInspect and more!

PortSwigger Burp Suite Enterprise Edition is the #5 ranked solution in top Dynamic Application Security Testing (DAST) solutions and #22 ranked solution in top Vulnerability Management solutions. PeerSpot users give PortSwigger Burp Suite Enterprise Edition an average rating of 8.0 out of 10. Based on the analysis of the 12 most recent PortSwigger Burp Suite Enterprise Edition reviews, the overall sentiment is positive, with a sentiment score of 7.2. (The highest in the category). PortSwigger Burp Suite Enterprise Edition is most commonly compared to HCL AppScan: PortSwigger Burp Suite Enterprise Edition vs HCL AppScan. PortSwigger Burp Suite Enterprise Edition is popular among the large enterprise segment, accounting for 62% of users researching this solution on PeerSpot. The top industry researching this solution are professionals from a financial services firm, accounting for 19% of all views.

Buyer's Guide

PortSwigger Burp Suite Enterprise Edition

November 2024

Get the report

Helped 825,399 peers since 2012

Featured reviews

Hasan Abufreiha

Cyber security enthusiast at a university with 51-200 employees

I would advise users to limit Burp Suite usage to specific scenarios and applications. Users should use the solution as an expert testing tool instead of using it as a general scanner or for information gathering in general. The tool might be overwhelming initially for new users, but it will be easy after you get used to the UI, features, and options. PortSwigger Burp Suite Enterprise Edition has been doing an amazing job for years compared to other similar tools. Overall, I rate the solution an eight out of ten.

Read full review

Iwegbue Godspower Isioma

Cyber Security Analyst at Platview Technologies

I recommend the solution to others. We can run SQL injection in Burp Suite Community Edition but not scan the websites. We would need Burp Suite Professional for it. We can use the solution to scan web applications and escalate vulnerabilities. We can do penetration testing on the vulnerabilities that are detected on the web application. The tool also provides other features that we can use to simulate attacks for learning purposes. Overall, I rate the tool a nine out of ten.

Read full review

Mustufa Bhavnagarwala

CyberRisk Solution Advisor at Deloitte

PortSwigger Burp Suite Enterprise Edition's new features released in the last two years are really good, so I won't say that I am not looking at any new features. The product's latest feature, which was really good, but had an issue since it allowed us in our company to put the proxy in the browser and then connect it with PortSwigger Burp Suite Enterprise Edition to get the calls resolved with the help of setup allowing for browser features inside PortSwigger Burp Suite Enterprise Edition. I want PortSwigger Burp Suite Enterprise Edition to be available on the cloud, though my concerns stem from the fact that I don't know how an application hosted on the cloud can do a proxy for an application. I can't recall what needs to be added to the solution to make it better, but I have seen that when I use the product, I feel that the tool needs to have a few elements added to it. The cost per license per user could be cheaper, specifically for individual licensing.

Read full review

PeerAnalyst reports

Type	Title	Date
Category	Dynamic Application Security Testing (DAST)	Jan 2, 2025	Download
Product	Reviews, tips, and advice from real users	Jan 2, 2025	Download
Comparison	PortSwigger Burp Suite Enterprise Edition vs HCL AppScan	Jan 2, 2025	Download
Comparison	PortSwigger Burp Suite Enterprise Edition vs Fortify WebInspect	Jan 2, 2025	Download
Comparison	PortSwigger Burp Suite Enterprise Edition vs Invicti	Jan 2, 2025	Download

Title	Rating	Mindshare	Recommending
HCL AppScan	3.9	22.3%	83%	43 interviews Add to research
Fortify WebInspect	3.6	28.4%	81%	20 interviews Add to research

Valuable Features

PortSwigger Burp Suite Enterprise Edition offers features like dynamic and active scanning, CMDB and device discovery, CI/CD integration, ease of use, and extensions. Users appreciate automated scanning, vulnerability identification, parallel scans, and the ability to intercept and modify calls. Its integration capabilities and automation efficiency save time and money. Regular updates and custom script uploads enhance functionality, while its interface aids in vulnerability assessment and escalations, facilitating a comprehensive testing process.

"The most appreciated functionality of PortSwigger Burp Suite is its ability to perform brute force attacks automatically."
"Its automated scanning feature saves time."
"The most valuable part of it was probably the ability to intercept and modify calls."

Room for Improvement

PortSwigger Burp Suite Enterprise Edition faces challenges with false positives and scan instability. Users find its implementation complex and costly, suggesting the need for a cloud-based option. Static code analysis, better scalability, and predefined attack payloads are requested. Many find performance inefficient, demanding excessive resources. The lack of code analysis and mobile features leaves unmet needs in competitive markets. They desire improvements in vulnerability detection and dynamic security testing integration.

"It would be beneficial if Burp Suite provided predefined payloads for each attack category, such as SQL injection and cross-site scripting, to automate some tasks more effectively."
"It would be beneficial if Burp Suite provided predefined payloads for each attack category, such as SQL injection and cross-site scripting, to automate some tasks more effectively."
"Scalability could be better."

ROI

Users highlight a significant return on investment with PortSwigger Burp Suite Enterprise Edition through its efficient automated scanning capabilities which drastically reduce manual efforts. Many emphasize improved web security postures and faster issue resolution times, leading to cost savings. They appreciate its ease of integration with CI/CD pipelines, contributing to streamlined workflows and enhanced security measures during development stages. The comprehensive reporting features aid in quick decision-making and prioritization of critical vulnerabilities.

Pricing

PortSwigger Burp Suite Enterprise Edition is considered expensive compared to other options, with licensing paid annually. While some users find its pricing reasonable for the capabilities offered, many lean towards the more economical Professional edition which costs approximately $400 per year. The Professional edition provides similar scanning features, making it a preferred choice due to cost considerations. Users often question the value of additional expenses associated with the Enterprise edition when the Professional version suffices for most needs.

"For Professional, it's about $400 per year."
"Although the solution can be a bit expensive for small companies, its pricing is fairly reasonable for its capabilities."
"The tool's pricing is reasonable and costs around 400 dollars per year."

Popular Use Cases

Organizations primarily utilize PortSwigger Burp Suite Enterprise Edition for manual and dynamic application assessments, focusing on vulnerability scanning and penetration testing. The tool aids in intercepting web and mobile app traffic, detecting vulnerabilities, and performing security audits. It is instrumental in web application security, application scanning, and ensuring the security of applications used in medical equipment and hospitals, among other environments. Users leverage it for both web and mobile app security analysis.

Service and Support

PortSwigger Burp Suite Enterprise Edition's customer service is generally responsive, providing prompt assistance and offering options to enhance scanning speed. While some users found the process took longer, many highlighted efficient and timely responses. Several users mentioned they hadn't required support due to the software's user-friendly nature. Overall, technical support was efficient, and significant issues were rare, reinforcing their positive experiences with PortSwigger's assistance.

Deployment

PortSwigger Burp Suite Enterprise Edition's initial setup is generally straightforward and easy, often completed in 10 to 48 minutes. Some users experienced technical difficulties, notably with the installation agent, occasionally requiring reboots. Support proves helpful in resolving portal issues, and users appreciate its simple deployment in varied environments. Knowledge is necessary for deployment, but ample guidance assists the process. Organizations rate the setup highly for its efficiency and speed.

Scalability

PortSwigger Burp Suite Enterprise Edition offers good scalability options. It supports multiple scanners for multiple portals and allows enterprises to have various users sharing a single license. While some organizations run it with few users, others have deployed it extensively. Technical users in companies often find it mandatory for operations. The scalability is generally rated moderately high, though larger environments may require additional integration for improved scaling.

Stability

Some users experience significant stability issues with PortSwigger Burp Suite Enterprise Edition, noting long scan times and frequent failures compared to other scanners. Several report it affects their schedules negatively. Others find the tool stable, mentioning regular updates and reliability. Some rate its stability between six and nine out of ten. They acknowledge the software is mature but indicate a need for further refinement to address ongoing concerns.

These insights are based on the in-depth reviews provided by peers to help you make a better buying decision.

Download our PortSwigger Burp Suite Enterprise Edition Buyer's Guide for additional reliable information.