Try our new research platform with insights from 80,000+ expert users
PortSwigger Burp Suite Enterprise Edition Logo

PortSwigger Burp Suite Enterprise Edition Reviews

Vendor: PortSwigger
4.0 out of 5
Start review

What is PortSwigger Burp Suite Enterprise Edition?

Burp Suite Enterprise Edition is an automated web vulnerability scanner, designed to enable enterprises to scale security across their web portfolios and achieve DevSecOps. Automate trusted Burp scans, integrate web security testing with development, and free your application security to support software development.

Get the PortSwigger Burp Suite Enterprise Edition Buyer's Guide and find out what your peers are saying about PortSwigger Burp Suite Enterprise Edition, HCL AppScan, Fortify WebInspect and more!
PortSwigger Burp Suite Enterprise Edition is the #5 ranked solution in top Dynamic Application Security Testing (DAST) solutions and #24 ranked solution in top Vulnerability Management solutions. PeerSpot users give PortSwigger Burp Suite Enterprise Edition an average rating of 8.0 out of 10. PortSwigger Burp Suite Enterprise Edition is most commonly compared to HCL AppScan: PortSwigger Burp Suite Enterprise Edition vs HCL AppScan. PortSwigger Burp Suite Enterprise Edition is popular among the large enterprise segment, accounting for 63% of users researching this solution on PeerSpot. The top industry researching this solution are professionals from a financial services firm, accounting for 19% of all views.
Buyer's Guide
PortSwigger Burp Suite Enterprise Edition
March 2025
Get the report
Helped 845,040 peers since 2012

Featured PortSwigger Burp Suite Enterprise Edition reviews

Read more reviews

PortSwigger Burp Suite Enterprise Edition mindshare

Product category:
Dynamic Application Security Testing ...
As of April 2025, the mindshare of PortSwigger Burp Suite Enterprise Edition in the Dynamic Application Security Testing (DAST) category stands at 13.2%, up from 1.2% compared to the previous year, according to calculations based on PeerSpot user engagement data.
Dynamic Application Security Testing (DAST)

PeerAnalyst reports based on PortSwigger Burp Suite Enterprise Edition reviews

TypeTitleDate
CategoryDynamic Application Security Testing (DAST)Apr 3, 2025Download
ProductReviews, tips, and advice from real usersApr 3, 2025Download
ComparisonPortSwigger Burp Suite Enterprise Edition vs HCL AppScanApr 3, 2025Download
ComparisonPortSwigger Burp Suite Enterprise Edition vs Fortify WebInspectApr 3, 2025Download
ComparisonPortSwigger Burp Suite Enterprise Edition vs InvictiApr 3, 2025Download
Suggested products
TitleRatingMindshareRecommending
HCL AppScan3.916.3%83%43 interviewsAdd to research
Fortify WebInspect3.623.9%81%20 interviewsAdd to research
 
 
Key learnings from peers

Valuable Features

PortSwigger Burp Suite Enterprise Edition offers features like dynamic and active scanning, CMDB and device discovery, CI/CD integration, ease of use, and extensions. Users appreciate automated scanning, vulnerability identification, parallel scans, and the ability to intercept and modify calls. Its integration capabilities and automation efficiency save time and money. Regular updates and custom script uploads enhance functionality, while its interface aids in vulnerability assessment and escalations, facilitating a comprehensive testing process.
  • "The most appreciated functionality of PortSwigger Burp Suite is its ability to perform brute force attacks automatically."
  • "Its automated scanning feature saves time."
  • "The most valuable part of it was probably the ability to intercept and modify calls."

Room for Improvement

PortSwigger Burp Suite Enterprise Edition faces challenges with false positives and scan instability. Users find its implementation complex and costly, suggesting the need for a cloud-based option. Static code analysis, better scalability, and predefined attack payloads are requested. Many find performance inefficient, demanding excessive resources. The lack of code analysis and mobile features leaves unmet needs in competitive markets. They desire improvements in vulnerability detection and dynamic security testing integration.
  • "It would be beneficial if Burp Suite provided predefined payloads for each attack category, such as SQL injection and cross-site scripting, to automate some tasks more effectively."
  • "It would be beneficial if Burp Suite provided predefined payloads for each attack category, such as SQL injection and cross-site scripting, to automate some tasks more effectively."
  • "Scalability could be better."

ROI

Users highlight a significant return on investment with PortSwigger Burp Suite Enterprise Edition through its efficient automated scanning capabilities which drastically reduce manual efforts. Many emphasize improved web security postures and faster issue resolution times, leading to cost savings. They appreciate its ease of integration with CI/CD pipelines, contributing to streamlined workflows and enhanced security measures during development stages. The comprehensive reporting features aid in quick decision-making and prioritization of critical vulnerabilities.

Pricing

PortSwigger Burp Suite Enterprise Edition is considered expensive compared to other options, with licensing paid annually. While some users find its pricing reasonable for the capabilities offered, many lean towards the more economical Professional edition which costs approximately $400 per year. The Professional edition provides similar scanning features, making it a preferred choice due to cost considerations. Users often question the value of additional expenses associated with the Enterprise edition when the Professional version suffices for most needs.
  • "For Professional, it's about $400 per year."
  • "Although the solution can be a bit expensive for small companies, its pricing is fairly reasonable for its capabilities."
  • "The tool's pricing is reasonable and costs around 400 dollars per year."

Popular Use Cases

Organizations primarily utilize PortSwigger Burp Suite Enterprise Edition for manual and dynamic application assessments, focusing on vulnerability scanning and penetration testing. The tool aids in intercepting web and mobile app traffic, detecting vulnerabilities, and performing security audits. It is instrumental in web application security, application scanning, and ensuring the security of applications used in medical equipment and hospitals, among other environments. Users leverage it for both web and mobile app security analysis.

Service and Support

PortSwigger Burp Suite Enterprise Edition's customer service is generally responsive, providing prompt assistance and offering options to enhance scanning speed. While some users found the process took longer, many highlighted efficient and timely responses. Several users mentioned they hadn't required support due to the software's user-friendly nature. Overall, technical support was efficient, and significant issues were rare, reinforcing their positive experiences with PortSwigger's assistance.

Deployment

PortSwigger Burp Suite Enterprise Edition's initial setup is generally straightforward and easy, often completed in 10 to 48 minutes. Some users experienced technical difficulties, notably with the installation agent, occasionally requiring reboots. Support proves helpful in resolving portal issues, and users appreciate its simple deployment in varied environments. Knowledge is necessary for deployment, but ample guidance assists the process. Organizations rate the setup highly for its efficiency and speed.

Scalability

PortSwigger Burp Suite Enterprise Edition offers good scalability options. It supports multiple scanners for multiple portals and allows enterprises to have various users sharing a single license. While some organizations run it with few users, others have deployed it extensively. Technical users in companies often find it mandatory for operations. The scalability is generally rated moderately high, though larger environments may require additional integration for improved scaling.

Stability

Some users experience significant stability issues with PortSwigger Burp Suite Enterprise Edition, noting long scan times and frequent failures compared to other scanners. Several report it affects their schedules negatively. Others find the tool stable, mentioning regular updates and reliability. Some rate its stability between six and nine out of ten. They acknowledge the software is mature but indicate a need for further refinement to address ongoing concerns.
These insights are based on the in-depth reviews provided by peers to help you make a better buying decision.
Download our PortSwigger Burp Suite Enterprise Edition Buyer's Guide for additional reliable information.

Review data by company size

By reviewers
By visitors reading reviews

Top industries

By visitors reading reviews
Financial Services Firm
19%
Computer Software Company
13%
Manufacturing Company
8%
Government
7%
Healthcare Company
5%
University
5%
Comms Service Provider
4%
Real Estate/Law Firm
4%
Media Company
3%
Construction Company
3%
Retailer
3%
Hospitality Company
3%
Non Profit
3%
Energy/Utilities Company
3%
Educational Organization
2%
Transportation Company
2%
Outsourcing Company
1%
Aerospace/Defense Firm
1%
Recreational Facilities/Services Company
1%
Marketing Services Firm
1%
Performing Arts
1%
Consumer Goods Company
1%
Security Firm
1%
Logistics Company
1%
Sports Company
1%
Legal Firm
1%
Insurance Company
1%
Engineering Company
1%
Wholesaler/Distributor
1%

Compare PortSwigger Burp Suite Enterprise Edition with alternative products

Go!

Learn more about PortSwigger Burp Suite Enterprise Edition

PortSwigger Burp Suite Enterprise Edition customers

Nasa, Disney, Dow Jones, Iberia Bank, IBM, Ernest and Young, Apple, Ryanair, Thyssenkrupp, Delivery Hero

Related questions

  • 6
When evaluating Dynamic Application Security Testing (DAST), what aspect do you think is the most important to look for?
  • 4
Why is Dynamic Application Security Testing (DAST) important for companies?

Product Categories

Product Categories
Dynamic Application Security Testing (DAST)
Vulnerability Management

Popular Comparisons

Popular Comparisons
HCL AppScan vs PortSwigger Burp Suite Enterprise Edition Logo
HCL AppScan vs PortSwigger Burp Suite Enterprise Edition
Fortify WebInspect vs PortSwigger Burp Suite Enterprise Edition Logo
Fortify WebInspect vs PortSwigger Burp Suite Enterprise Edition
Rapid7 InsightAppSec vs PortSwigger Burp Suite Enterprise Edition Logo
Rapid7 InsightAppSec vs PortSwigger Burp Suite Enterprise Edition
AppCheck vs PortSwigger Burp Suite Enterprise Edition Logo
AppCheck vs PortSwigger Burp Suite Enterprise Edition
See all alternatives
 

PortSwigger Burp Suite Enterprise Edition reviews

Sort by:
OB
Studiant at Edifixio
Verified user of PortSwigger Burp Suite Enterprise Edition
Dec 30, 2024
Enables time-saving automated scanning and brute force attacks

Pros

"Its automated scanning feature saves time. "

Cons

"It would be beneficial if Burp Suite provided predefined payloads for each attack category, such as SQL injection and cross-site scripting, to automate some tasks more effectively."

What is our primary use case?

I work with security testing tools for SaaS, focusing on static application security testing and using tools like Burp Suite for replaying Apex.

What is most valuable?

The most appreciated functionality of PortSwigger Burp Suite is its ability to perform brute force attacks automatically. Its automated scanning feature saves time. 

Additionally, using this tool provides significant security insights, making our testing process more efficient and comprehensive, leading to considerable time savings, which in turn translates to financial benefits.

*Disclosure: I am a real user, and this review is based on my own experience and opinions.
Read full review (383 words)
Hasan Abufreiha - PeerSpot user
Cyber security enthusiast at a university with 51-200 employees
Verified user of PortSwigger Burp Suite Enterprise Edition
May 25, 2024
Used for web application auditing and security audits for web applications

Pros

"The solution's extensions really expand the capabilities and features offered by the installation."

Cons

"From my personal experience, the solution's performance could be improved."

What is our primary use case?

I use the solution for web application auditing and security audits for web applications.

What is most valuable?

The solution's extensions really expand the capabilities and features offered by the installation. Without the extensions, a lot of things may be out of reach or hard to implement.

*Disclosure: I am a real user, and this review is based on my own experience and opinions.
Read full review (324 words)
Buyer's Guide
PortSwigger Burp Suite Enterprise Edition
Download free report
Find out what your peers are saying about PortSwigger Burp Suite Enterprise Edition. Updated March 2025
845,040 professionals have used our research since 2012.
Mustufa Bhavnagarwala - PeerSpot user
CyberRisk Solution Advisor at a consultancy with 10,001+ employees
Verified user of PortSwigger Burp Suite Enterprise Edition
Dec 7, 2023
With a super easy initial setup phase, the tool also offers regular updates

Pros

"The product's initial setup phase was super easy."

Cons

"The cost per license per user could be cheaper, specifically for individual licensing."

What is our primary use case?

I use PortSwigger Burp Suite Enterprise Edition in my company to do the vulnerability assessment manually and test web applications and APIs. Even for mobile phones, the tool helps because it allows users to interpret the network calls of mobile applications that go through the server.

What is most valuable?

The most valuable feature of the solution is the active scan, which helps with crawling through web applications, allowing users to explore the full application, including each and every functionality of the web application. The network calls that are sent to the server are saved in PortSwigger Burp Suite Enterprise Edition, after which all those network calls are scanned, meaning the solution does an active scan on them.

*Disclosure: I am a real user, and this review is based on my own experience and opinions.
Read full review (639 words)
PeerSpot user
App Sec Engineer at a non-profit with 11-50 employees
Verified user of PortSwigger Burp Suite Enterprise Edition
Oct 22, 2024
Product version discussed: Enterprise Edition
Intercepts and modifies calls effectively with efficient technical support

Pros

"The most valuable part of it was probably the ability to intercept and modify calls. "

Cons

"Scalability could be better."

What is our primary use case?

We used it for our dynamic application testing. Whenever we had an instance or application that we wanted to run on a running instance to mimic an attacker, we used Burp Suite. We observed whether it was intercepting certain calls and modified them to understand areas that were weak, identifying vulnerabilities that the application had.

How has it helped my organization?

It was vital in helping us because we didn't have to utilize our own testing environment. We could utilize Burp Suite to mimic our normal procedures without having multiple people on the test environment, configuring and maintaining it. The tool allowed us to mimic attacks and gain real-time detection of issues without needing additional resources for a test environment.

*Disclosure: I am a real user, and this review is based on my own experience and opinions.
Read full review (435 words)
Iwegbue Godspower Isioma - PeerSpot user
Cyber Security Analyst at Platview Technologies
Verified user of PortSwigger Burp Suite Enterprise Edition
Nov 23, 2023
A seamless and easy-to-use solution that enables organizations to conduct vulnerability assessments and penetration testing

Pros

"The product is easy to use."

Cons

"It would be better if the solution is cloud-based."

What is our primary use case?

We use the solution for vulnerability assessment and penetration testing. We can escalate vulnerabilities. We can also use it for mobile app traffic detection and SQL injection.

What is most valuable?

We can escalate the vulnerabilities we see on the web application. The product is easy to use. It is seamless and easy to work with.

*Disclosure: My company has a business relationship with this vendor other than being a customer: Customer/Partner
Read full review (321 words)
MN
Security Tester at Ray Business Technologies Private Limited
Verified user of PortSwigger Burp Suite Enterprise Edition
May 22, 2024
Useful for web application security and helps to identify vulnerabilities

Pros

"This tool helps identify vulnerabilities. We then provide the report to the developers, who address the issues identified automatically. Its most valuable feature is CI/CD integration. "

Cons

"PortSwigger Burp Suite Enterprise Edition should incorporate a static code analysis feature. One main issue we encounter is false positives. False positives can be challenging for developers. "

What is our primary use case?

Our main use case for the tool is web application security. We utilize it to identify various types of vulnerabilities.

What is most valuable?

This tool helps identify vulnerabilities. We then provide the report to the developers, who address the issues identified automatically. Its most valuable feature is CI/CD integration. 

The solution's automation capabilities are 95 percent effective. The tool's features, like ease of integration and effectiveness in identifying vulnerabilities, are also valuable. Additionally, it simplifies the process of providing codes.

*Disclosure: I am a real user, and this review is based on my own experience and opinions.
Read full review (286 words)
PeerSpot user
Senior IT Security Analyst at a transportation company with 10,001+ employees
Verified user of PortSwigger Burp Suite Enterprise Edition
Sep 1, 2022
Easy to use, plenty of features, and customizable

Pros

"The most valuable features of PortSwigger Burp Suite Enterprise Edition are the vast amount of options and ease of use. They frequently improve the solution every six months to a year. Additionally, if we want any more features we can upload a custom script to meet our needs."

Cons

"There are features or functionality missing, but PortSwigger Burp Suite Enterprise Edition does try to update frequently to alleviate the shortcomings."

What is our primary use case?

PortSwigger Burp Suite Enterprise Edition is a web application interceptor. It can intercept the traffic between the client and the server.

What is most valuable?

The most valuable features of PortSwigger Burp Suite Enterprise Edition are the vast amount of options and ease of use. They frequently improve the solution every six months to a year. Additionally, if we want any more features we can upload a custom script to meet our needs.

*Disclosure: I am a real user, and this review is based on my own experience and opinions.
Read full review (300 words)
HA
Head Information Secretary at a manufacturing company with 1,001-5,000 employees
Verified user of PortSwigger Burp Suite Enterprise Edition
Dec 16, 2023
An application security product that is loaded with features

Pros

"The tool is loaded with many features that give us ROI."

Cons

"The product needs to have the ability to evaluate more. "

What is our primary use case?

We use PortSwigger Burp Suite Enterprise Edition for application security.

What is most valuable?

The tool is loaded with many features that give us ROI. 

*Disclosure: I am a real user, and this review is based on my own experience and opinions.
Read full review (153 words)