Try our new research platform with insights from 80,000+ expert users

GitLab vs PortSwigger Burp Suite Professional comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Oct 8, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

GitLab
Ranking in Application Security Tools
9th
Ranking in Static Application Security Testing (SAST)
7th
Ranking in Fuzz Testing Tools
2nd
Average Rating
8.6
Reviews Sentiment
7.2
Number of Reviews
82
Ranking in other categories
Build Automation (1st), Release Automation (2nd), Rapid Application Development Software (12th), Software Composition Analysis (SCA) (5th), Enterprise Agile Planning Tools (2nd), DevSecOps (3rd)
PortSwigger Burp Suite Prof...
Ranking in Application Security Tools
8th
Ranking in Static Application Security Testing (SAST)
6th
Ranking in Fuzz Testing Tools
1st
Average Rating
8.6
Reviews Sentiment
7.9
Number of Reviews
63
Ranking in other categories
No ranking in other categories
 

Mindshare comparison

As of April 2025, in the Application Security Tools category, the mindshare of GitLab is 3.0%, up from 2.7% compared to the previous year. The mindshare of PortSwigger Burp Suite Professional is 2.0%, up from 2.0% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Application Security Tools
 

Featured Reviews

Gaurav Chandel - PeerSpot reviewer
Boosted productivity with automated pipelines and seamless collaboration
There are some challenges with repository file management as GitLab may struggle to manage larger files. Improvements could be made regarding size management and file partitioning. Also, the UI has remained the same for a couple of years and could benefit from an update with AI features and better customization.
Anuradha.Kapoor Kapoor - PeerSpot reviewer
Offers efficient scanning of entire websites but presence of false positive bugs, leading to time-consuming efforts in distinguishing real bugs from false alarms
We have found that so many times, false positive bugs are there, and then we spend a lot of time basically separating them from real bugs. So that's the reason we are looking for some other tool. So we were in discussion with Acunetix. Therefore, the false positive rate is, like, something that we would like to improve. What we are looking for is if this false positive rate goes down because we were OWASP Zap tool users, which was free anyway. But there were a lot of false positives there, and we used to spend a lot of time, like, for security reasons, reproducing those bugs for the development team to fix it. So then we thought, okay, why not we go with the tool? Even if it is not very expensive. But still, every year, we have to renew the license. And we got this tool. Again, we found that in this tool also, even if it is less, there are still a lot of false positive bugs out there. So we again have to spend so much time. So we hired a security tester, who was basically using Acunetix in his previous company for almost three years, and then you said that in that scanning is very slow. The scanning is also slow. Like, sometimes the site scan takes eight hours, six to eight hours. Yeah. And whereas in Acunetix, it took three to four hours. And plus, there are no false positives. I'm not saying none but there's very little. But here, the rate sometimes is very high. These are the two features I think we would like to improve further.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The important feature is the entire process of versioning source code maintenance and easy deployment. It is a necessity for the CI/CD pipeline."
"CI/CD is very good. The version control system is also good. These are the two features that we use."
"I like that it's easy to deploy our services over GitLab. The customer support is also good with a really active community. You have a lot of support that you can get online with your stack. That is probably one of the benefits of using GitLab. It's also really fast."
"It streamlines our DevOps processes with automated CI/CD pipelines."
"I have found the most valuable feature is security control. I also like the branching and cloning software."
"GitLab's source control is excellent."
"The solution makes the CI/CD pipelines easy to execute."
"The most important features of GitLab for us are issue management and all the CI/CD tools. Another aspect that I love about GitLab is the UI."
"The initial setup is simple."
"We are mostly using it for scanning the entire website. So, we basically create a script with the entire website and then run it for different injections."
"Once I capture the proxy, I'm able to transfer across. All the requested information is there. I can send across the request to what we call a repeater, where I get to ready the payload that I send to the application. Put in malicious content and then see if it's responding to it."
""The product is very good just the way it is; It has everything already well established and functions great. I can't see any way for this current version to be improved.""
"With the Extender Tab, if you know how to code then you can create a plugin and add it to Burp."
"The way they do the research and they keep their profile up to date is great. They identify vulnerabilities and update them immediately."
"The Spider is the most useful feature. It helps to analyze the entire web application, and it finds all the passes and offers an automated identification of security issues."
"It offers very good accuracy. You can trust the results."
 

Cons

"There are missing search features, particularly when searching repositories or applying filters. Additionally, I have encountered issues with the deployment of CI/CD pipelines, especially dealing with variable environments."
"The documentation could be improved to help newcomers better understand things like creating new branches."
"GitLab can improve by integrating with more tools, such as servers with Docker."
"GitLab could add a plugin to integrate with Kubernetes stuff."
"I rate the support from GitLab a four out of five."
"GitLab can improve its user interface to make conflict resolution more user-friendly."
"We do face issues in our company when we run out of disk space."
"Atlassian offers more products than GitLab. GitLab offers source control management, version control and collaboration between developers. Atlassian offers features on top of this as well as more integration points for developers."
"The initial setup is a bit complex."
"As with most automated security tools, too many false positives."
"The solution lacks sufficient stability."
"The biggest drawback is reporting. It's not so good. I can download them, but they're not so informative."
"The solution’s pricing could be improved."
"It should provide a better way to integrate with Jenkins so that DAST (dynamic application security testing) can be automated."
"PortSwigger Burp Suite Professional can improve by having more features in the free version for beginners to try."
"It would be beneficial to have privileged access management as a part of Burp Suite Professional."
 

Pricing and Cost Advice

"We are using the free version of GitLab."
"As I work in a vast enterprise, I'm unsure about the licensing cost for GitLab. It's the management team that takes care of that."
"It is very expensive. We can't bear it now, and we have to find another solution. We have a yearly subscription in which we can increase the number of licenses, but we have to pay at the end of the year."
"GitLab's pricing is good compared to others on the market."
"Regarding pricing, I would rate GitLab as moderately priced, maybe around a seven or eight out of ten. It could be more flexible for clients but generally offers good value."
"I'm not aware of the licensing costs because those were covered by the customer."
"GitLab is comparatively expensive, but it provides value because it's feature-rich."
"The solution's pricing is acceptable."
"The solution is reasonably priced."
"PortSwigger is reasonably-priced. It's fair."
"There are multiple versions available of PortSwigger Burp Suite, such as enterprise, commercial, professional, and beginners."
"At $400 or $500 per license paid annually, it is a very cheap tool."
"It is a cheap solution, but it may not be cheaper than other solutions."
"The solution used to be expensive. However, they have reduced the price to approximately $400.00 which is reasonable."
"There are different licenses available that include a free version."
"Licensing costs are about $450/year for one use. For larger organizations, they're able to test against multiple applications while simultaneously others might have multiple versions of applications which needs to be tested which is why we have the enterprise edition."
report
Use our free recommendation engine to learn which Application Security Tools solutions are best for your needs.
845,040 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Educational Organization
26%
Financial Services Firm
12%
Computer Software Company
11%
Manufacturing Company
8%
Computer Software Company
16%
Financial Services Firm
13%
Government
12%
Manufacturing Company
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What do you like most about GitLab?
I find the features and version control history to be most valuable for our development workflow. These aspects provide us with a clear view of changes and help us manage requests efficiently.
What is your experience regarding pricing and costs for GitLab?
The pricing of GitLab is reasonable, aligning with what I consider to be average compared to competitors.
What needs improvement with GitLab?
Certain features in Jira are not available in GitLab, such as the functionality to have weights at the milestone and epic levels. Hopefully, these features will be resolved with work items in GitLa...
Is OWASP Zap better than PortSwigger Burp Suite Pro?
OWASP Zap and PortSwigger Burp Suite Pro have many similar features. OWASP Zap has web application scanning available with basic security vulnerabilities while Burp Suite Pro has it available with ...
What do you like most about PortSwigger Burp Suite Professional?
The solution helped us discover vulnerabilities in our applications.
What is your experience regarding pricing and costs for PortSwigger Burp Suite Professional?
I find the price of PortSwigger Burp Suite Professional to be very cost-efficient.
 

Also Known As

Fuzzit
Burp
 

Overview

 

Sample Customers

1. NASA  2. IBM  3. Sony  4. Alibaba  5. CERN  6. Siemens  7. Volkswagen  8. ING  9. Ticketmaster  10. SpaceX  11. Adobe  12. Intuit  13. Autodesk  14. Rakuten  15. Unity Technologies  16. Pandora  17. Electronic Arts  18. Nordstrom  19. Verizon  20. Comcast  21. Philips  22. Deutsche Telekom  23. Orange  24. Fujitsu  25. Ericsson  26. Nokia  27. General Electric  28. Cisco  29. Accenture  30. Deloitte  31. PwC  32. KPMG
Google, Amazon, NASA, FedEx, P&G, Salesforce
Find out what your peers are saying about GitLab vs. PortSwigger Burp Suite Professional and other solutions. Updated: February 2025.
845,040 professionals have used our research since 2012.