Try our new research platform with insights from 80,000+ expert users

PortSwigger Burp Suite Enterprise Edition vs Qualys VMDR comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Sep 29, 2024
 

Categories and Ranking

PortSwigger Burp Suite Ente...
Ranking in Vulnerability Management
21st
Average Rating
8.0
Reviews Sentiment
7.4
Number of Reviews
11
Ranking in other categories
Dynamic Application Security Testing (DAST) (5th)
Qualys VMDR
Ranking in Vulnerability Management
2nd
Average Rating
8.2
Reviews Sentiment
7.3
Number of Reviews
89
Ranking in other categories
IT Asset Management (4th), Configuration Management Databases (3rd), Container Security (10th), Risk-Based Vulnerability Management (3rd)
 

Mindshare comparison

As of November 2024, in the Vulnerability Management category, the mindshare of PortSwigger Burp Suite Enterprise Edition is 1.2%, down from 1.2% compared to the previous year. The mindshare of Qualys VMDR is 12.2%, down from 13.6% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Vulnerability Management
 

Featured Reviews

Iwegbue Godspower Isioma - PeerSpot reviewer
Nov 20, 2023
A seamless and easy-to-use solution that enables organizations to conduct vulnerability assessments and penetration testing
We use the solution for vulnerability assessment and penetration testing. We can escalate vulnerabilities. We can also use it for mobile app traffic detection and SQL injection We can escalate the vulnerabilities we see on the web application. The product is easy to use. It is seamless and easy…
Harold Jensen - PeerSpot reviewer
Jul 13, 2023
Good visibility but expensive and needs better support
Support: It's often overseas and often following a script, basically asking us to redo what we opened the case with. Multiple APIs: There seems to be a lack of easy onboarding into Qualys. We had to use manual inputs and some API calls to get items in place. Dashboard: It is very rudimentary with very little customization. The Qualys Scripting Language (QSL) works differently in different Qualys modules, so when you get it working in one area you have to modify the syntax in others. User account management: We often have to give users more rights than needed just to give them what they need. Integration with the various Qualys Modules: You can tell the UI is different based on of the different teams that created them. QSL syntax same in all modules Responsiveness of some of the components: They time out, you get a blank screen, etc. Backend updates between the various modules: You update connectors and information takes a few minutes to show in VMDR or Global Asset View Connectors: Connectors have a throttling issue with AWS which causes them to frequently fail unless you manually run them again.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The product is easy to use."
"This tool helps identify vulnerabilities. We then provide the report to the developers, who address the issues identified automatically. Its most valuable feature is CI/CD integration."
"The most valuable part of it was probably the ability to intercept and modify calls."
"Parallel scans can be done with PortSwigger Burp Suite Enterprise Edition."
"The solution's extensions really expand the capabilities and features offered by the installation."
"The most valuable features of PortSwigger Burp Suite Enterprise Edition are the vast amount of options and ease of use. They frequently improve the solution every six months to a year. Additionally, if we want any more features we can upload a custom script to meet our needs."
"The tool is loaded with many features that give us ROI."
"The initial setup is straightforward."
"We also like the flexibility in their licensing."
"I find the solution's dashboard interesting...The response time is fine. You can pull up reports without dragging or consuming bandwidth."
"The most valuable features are vulnerability scanning, policy compliance scanning, and tablet for web application scanning."
"This solution gives us insight into our environment and improves our security. It helps us to maintain a good patching system whereby we know that XYZ is vulnerable within the system."
"Qualys VM's best features are vulnerability management and customizable scoring."
"Monitors workstations and servers for vulnerabilities and creates reports."
"The most valuable feature is the certificate management."
"The most valuable feature of Qualys Container Security is the detailed information in the reports and the remediation. This is done to make sure there are no vulnerabilities."
 

Cons

"PortSwigger Burp Suite Enterprise Edition should incorporate a static code analysis feature. One main issue we encounter is false positives. False positives can be challenging for developers."
"The stability of the scans could be improved."
"The product needs to have the ability to evaluate more."
"Scalability could be better."
"The implementation of the solution is quite complicated and could be easier."
"The cost per license per user could be cheaper, specifically for individual licensing."
"From my personal experience, the solution's performance could be improved."
"It would be better if the solution is cloud-based."
"They're still evolving their platform in terms of reporting capabilities."
"Integration could be better. When you think about scanning, it's not used just with this product alone but with other Qualys products. If you think about the bundle, the product itself is good. But integration with other products and packages has space for improvement. They should also offer a better price for bundles."
"Endpoint stability and fault resolution could be improved."
"If anything, I would like to see the user interface modernized a bit more."
"It's too early for me to say if there is any room for improvement since we're in the first couple of months of using this solution."
"The tool needs to improve the adding assets and report generation features. I would like to see the policy scan of offline appliances in the product's future releases."
"We face issues while scanning multiple assets."
"Reports were lacking somewhat on the customization side."
 

Pricing and Cost Advice

"The tool's pricing is reasonable and costs around 400 dollars per year."
"PortSwigger Burp Suite Enterprise Edition is neither a cheap nor an expensive product. PortSwigger Burp Suite Enterprise Edition is a good tool for companies."
"Although the solution can be a bit expensive for small companies, its pricing is fairly reasonable for its capabilities."
"For Professional, it's about $400 per year."
"PortSwigger Burp Suite Enterprise Edition is expensive compared to other solutions."
"It is more expensive than other products on the market."
"In Nigerian Naira, we spend about roughly four to five million to use this solution and this is expensive compared to solutions like Nessus."
"It's very expensive, especially if you want to use multiple modules of Qualys."
"Qualys VM is better suited for medium to large companies because the price can be too much for smaller customers."
"Usually every implementation is different and the quote is in function of number of assets."
"The pricing and licensing for Qualys could be improved."
"It is a high cost product. Compared to the other solutions, it is around 15 to 20% higher in cost."
"The pricing is very competitive."
report
Use our free recommendation engine to learn which Vulnerability Management solutions are best for your needs.
814,572 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Financial Services Firm
16%
Computer Software Company
15%
Government
11%
Manufacturing Company
7%
Educational Organization
35%
Computer Software Company
11%
Financial Services Firm
11%
Manufacturing Company
6%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What do you like most about PortSwigger Burp Suite Enterprise Edition?
Parallel scans can be done with PortSwigger Burp Suite Enterprise Edition.
What needs improvement with PortSwigger Burp Suite Enterprise Edition?
PortSwigger Burp Suite Enterprise Edition should incorporate a static code analysis feature. One main issue we encounter is false positives. False positives can be challenging for developers.
What is your primary use case for Qualys VM?
Qualys VM is used for vulnerability scans for the internet and applications using application exchange. There are many applications. We also use the solution for asset management per team, and the ...
What do you like most about Qualys VMDR?
I like that we have many scanners and channels that don't overload. It helps us scan and track easily. Also, the tagging system is good for tagging. We can still use QualysAgent task ID tools even ...
What is your experience regarding pricing and costs for Qualys VMDR?
Compared to Tenable, Qualys is quite expensive. However, its performance justifies the cost, making it a worthwhile investment.
 

Also Known As

No data available
Qualys VM, QualysGuard VM, Qualys Asset Inventory, Qualys Container Security, Qualys Virtual Scanner Appliance
 

Overview

 

Sample Customers

Nasa, Disney, Dow Jones, Iberia Bank, IBM, Ernest and Young, Apple, Ryanair, Thyssenkrupp, Delivery Hero
Agrokor Group, American Specialty Health, American State Bank, Arval, Life:), Axway, Bank of the West, Blueport Commerce, BSkyB, Brinks, CaixaBank, Cartagena, Catholic Health System, CEC Bank, Cegedim, CIGNA, Clickability, Colby-Sawyer College, Commercial Bank of Dubai, University of Utah, eBay Inc., ING Singapore, National Theatre, OTP Bank, Sodexo, WebEx
Find out what your peers are saying about PortSwigger Burp Suite Enterprise Edition vs. Qualys VMDR and other solutions. Updated: October 2024.
814,572 professionals have used our research since 2012.