Try our new research platform with insights from 80,000+ expert users

Fortify Application Defender vs PortSwigger Burp Suite Professional comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Oct 8, 2024
 

Categories and Ranking

Fortify Application Defender
Ranking in Application Security Tools
33rd
Average Rating
7.8
Number of Reviews
11
Ranking in other categories
No ranking in other categories
PortSwigger Burp Suite Prof...
Ranking in Application Security Tools
8th
Average Rating
8.6
Reviews Sentiment
7.7
Number of Reviews
60
Ranking in other categories
Static Application Security Testing (SAST) (6th), Fuzz Testing Tools (1st)
 

Mindshare comparison

As of November 2024, in the Application Security Tools category, the mindshare of Fortify Application Defender is 0.7%, down from 1.0% compared to the previous year. The mindshare of PortSwigger Burp Suite Professional is 1.8%, down from 2.0% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Application Security Tools
 

Featured Reviews

HisaoOgata - PeerSpot reviewer
May 24, 2023
Saves time and warns about the vulnerabilities in the software, but the false positive rate should be lower
We use the solution to prevent cyberattacks Based on the alerts created by the solution during development, we modify the software we are developing. The product finds mistakes automatically. It warns us about the vulnerabilities in the software. The product saves us cost and time. The product…
Anton Krivonosov - PeerSpot reviewer
Jan 17, 2024
A special tool for penetration testers or security specialists to conduct security assessments
We use the solution for security assessments. It's a special tool for penetration testers or security specialists PortSwigger Burp Suite Professional is a standard tool in the security industry. It's a stable solution that has many features. You can download different plugins if you don't have…

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"Its ability to find security defects is valuable."
"The tool's most valuable feature is software composition analysis. This feature works well with my .NET applications, providing a better understanding of library vulnerabilities."
"I find the configuration of rules in Fortify Application Defender useful. Its integration is also easy."
"The information from Fortify Application Defender on how to fix and solve issues is very good compared to other solutions."
"Fortify Application Defender's most valuable features are machine learning algorithms, real-time remediation, and automatic vulnerability notifications."
"The most valuable feature is that it analyzes data in real-time."
"The most valuable feature is the ability to automatically feed it rules what it's coupled with the WebInspect dynamic application scanning technology."
"The solution helped us to improve the code quality of our organization."
"The most valuable feature is Burp Collaborator."
"The solution scans web applications and supports APIs, which are the main features I really like."
"The solution has a pretty simple setup."
"I personally love its capability to automatically and accurately detect vulnerabilities. So, I would say it is the Burp scanner that is THE most powerful, valuable, and an awesome feature."
"You can download different plugins if you don't have them in the standard edition."
"It offers very good accuracy. You can trust the results."
"The most valuable feature of PortSwigger Burp Suite Professional is the advanced features, user-friendly interface, and integration with other tools."
"This solution has helped a lot in finding bugs and vulnerabilities, and the scanner is good enough for simple web apps."
 

Cons

"Fortify Application Defender gives a lot of false positives."
"The product should integrate industry-standard code review tools internally with its system. This would streamline the coding process, as developers wouldn't need multiple tools for code review and security checks. Many independent and open-source tools are available, from Apache to various libraries. Using multiple DevOps pipeline tools can slow the turnaround time."
"The false positive rate should be lower."
"I encountered many false positives for Python applications."
"Fortify Application Defender could improve by supporting more code languages, such as GRAAS and Groovy."
"The workbench is a little bit complex when you first start using it."
"Support for older compilers/IDEs is lacking."
"The solution is quite expensive."
"The solution’s pricing could be improved."
"It would be good if the solution could give us more details about what exactly is defective."
"Currently, the scanning is only available in the full version of Burp, and not in the Community version."
"The solution’s pricing could be improved."
"If we're running a huge number of scans regularly, it slows down the tool."
"The biggest drawback is reporting. It's not so good. I can download them, but they're not so informative."
"There could be an improvement in the API security testing. There is another tool called Postman and if we had a built-in portal similar to Postman which captures the API, we would be able to generate the API traffic. Right now we need a Postman tool and the Burp Suite for performing API tests. It would be a huge benefit to be able to do it in a single UI."
"The Iran market does not have after-sales support. PortSwigger Burp Suite Professional needs to provide after-sales support."
 

Pricing and Cost Advice

"The product’s price is much higher than other tools."
"Fortify Application Defender is very expensive."
"The base licensing costs for the SaaS platform is about $900 USD per application, per year."
"I rate the solution's pricing a five out of ten. It comes as an annual cloud subscription. The tool's pricing is around 50 lakhs."
"The price of this solution could be less expensive."
"The licensing is very complex, it's project based and can range from $10,000 to $200,000+ depending on the project type and size."
"There are different licenses available that include a free version."
"The cost is approximately $500 for a single license, and there are no additional costs beyond the standard licensing fees."
"The solution used to be expensive. However, they have reduced the price to approximately $400.00 which is reasonable."
"They should reduce the license cost a little bit. It is $400 per user, and it would be better if they could reduce the licensing fee."
"PortSwigger is reasonably-priced. It's fair."
"The yearly cost is about $300."
"Our licensing cost is approximately $400 USD per year."
"PortSwigger is a bit expensive."
report
Use our free recommendation engine to learn which Application Security Tools solutions are best for your needs.
814,572 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Financial Services Firm
22%
Manufacturing Company
14%
Computer Software Company
14%
Government
9%
Computer Software Company
17%
Financial Services Firm
13%
Government
11%
Manufacturing Company
8%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What do you like most about Fortify Application Defender?
I find the configuration of rules in Fortify Application Defender useful. Its integration is also easy.
What needs improvement with Fortify Application Defender?
The product should integrate industry-standard code review tools internally with its system. This would streamline the coding process, as developers wouldn't need multiple tools for code review and...
What is your primary use case for Fortify Application Defender?
We use the solution for fast code review. It is integrated into our DevOps pipeline.
Is OWASP Zap better than PortSwigger Burp Suite Pro?
OWASP Zap and PortSwigger Burp Suite Pro have many similar features. OWASP Zap has web application scanning available with basic security vulnerabilities while Burp Suite Pro has it available with ...
What do you like most about PortSwigger Burp Suite Professional?
The solution helped us discover vulnerabilities in our applications.
What is your experience regarding pricing and costs for PortSwigger Burp Suite Professional?
I would rate the pricing a six out of ten. It's not as flexible here as it might be in European or American markets.
 

Also Known As

HPE Fortify Application Defender, Micro Focus Fortify Application Defender
Burp
 

Overview

 

Sample Customers

ServiceMaster, Saltworks, SAP
Google, Amazon, NASA, FedEx, P&G, Salesforce
Find out what your peers are saying about Fortify Application Defender vs. PortSwigger Burp Suite Professional and other solutions. Updated: October 2024.
814,572 professionals have used our research since 2012.