Try our new research platform with insights from 80,000+ expert users

PortSwigger Burp Suite Enterprise Edition vs Wiz comparison

PortSwigger and Wiz are both solutions in the Vulnerability Management category. PortSwigger is ranked #22 with an average rating of 8.3, while Wiz is ranked #3 with an average rating of 9.0. PortSwigger holds a 1.2% mindshare in VM, compared to Wiz’s 11.1% mindshare. Additionally, 84% of PortSwigger users are willing to recommend the solution, compared to 100% of Wiz users who would recommend it.
PortSwigger Burp Suite Ente...
Read 12 PortSwigger Burp Suite Enterprise Edition reviews
  • 1,514 Views
  • 919 Comparison Views
84% willing to recommend
Wiz
Read 20 Wiz reviews
  • 10,477 Views
  • 7,774 Comparison Views
100% willing to recommend
 

Comparison Buyer's Guide

Download the report
Executive SummaryUpdated on Oct 9, 2024

Wiz and PortSwigger Burp Suite Enterprise Edition compete in the security management category. Wiz has the upper hand due to its comprehensive visibility and holistic cloud security management.

Features: Wiz specializes in risk prioritization, integrating context for effective security risk management. Its Security Graph provides comprehensive visibility and analytics, enabling targeted vulnerability management and resource inventory. It offers agentless scanning across cloud layers. PortSwigger Burp Suite Enterprise Edition provides extensive web application scanning capabilities, focusing on vulnerability detection in web environments.

Room for Improvement: Wiz users suggest enhancements in reporting and dashboard customizations, more advanced remediation workflows, and the expansion of security visibility in container and internal network topologies. PortSwigger Burp Suite Enterprise Edition could improve by reducing false positives, enhancing scan stability, and adding features like static code analysis.

Ease of Deployment and Customer Service: Wiz is primarily deployed in the public cloud, allowing faster setup and less dependency on local IT infrastructure. It is noted for excellent customer support, with suggestions for better technical documentation accessibility. PortSwigger Burp Suite Enterprise Edition is typically installed on-premises, requiring more resources for deployment and support.

Pricing and ROI: Wiz is seen as an expensive solution, justified by its comprehensive asset management and risk reduction in cloud environments, providing significant ROI by consolidating security tools. PortSwigger Burp Suite Enterprise Edition is costly, especially the Enterprise version, but its Professional version offers a balanced feature set at better affordability.

DOWNLOAD THE COMPLETE REPORT
To learn more, read our detailed PortSwigger Burp Suite Enterprise Edition vs. Wiz Report (Updated: January 2025).
Buyer's Guide
PortSwigger Burp Suite Enterprise Edition vs. Wiz
January 2025
Download the complete report
Helped 831,265 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

PortSwigger Burp Suite Ente...
Ranking in Vulnerability Management
22nd
Average Rating
8.0
Reviews Sentiment
7.2
Number of Reviews
12
Ranking in other categories
Dynamic Application Security Testing (DAST) (5th)
Wiz
Ranking in Vulnerability Management
3rd
Average Rating
9.0
Reviews Sentiment
7.6
Number of Reviews
20
Ranking in other categories
Container Security (2nd), Cloud Workload Protection Platforms (CWPP) (2nd), Cloud Security Posture Management (CSPM) (1st), Cloud-Native Application Protection Platforms (CNAPP) (2nd), Data Security Posture Management (DSPM) (2nd), Compliance Management (1st), Cloud Detection and Response (CDR) (1st)
 

Mindshare comparison

As of January 2025, in the Vulnerability Management category, the mindshare of PortSwigger Burp Suite Enterprise Edition is 1.2%, down from 1.2% compared to the previous year. The mindshare of Wiz is 11.1%, up from 8.0% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Vulnerability Management
 

Featured Reviews

Hasan Abufreiha - PeerSpot reviewer
Used for web application auditing and security audits for web applications
I would advise users to limit Burp Suite usage to specific scenarios and applications. Users should use the solution as an expert testing tool instead of using it as a general scanner or for information gathering in general. The tool might be overwhelming initially for new users, but it will be easy after you get used to the UI, features, and options. PortSwigger Burp Suite Enterprise Edition has been doing an amazing job for years compared to other similar tools. Overall, I rate the solution an eight out of ten.
Read full review
Pietro Villivà - PeerSpot reviewer
Useful for security assessment and maintaining correct security posture
The tool keeps improving on a weekly basis. Wiz enters into a lot of partnerships with other technologies. I don't have any idea about the improvements needed in the tool at the moment. For me, Wiz is a very complete product, but it is not the perfect one. Other technologies are better for our customers' specific use cases. A possible way to grow the tool is by introducing new functionality or features. In the future, the tool can introduce an on-prem infrastructure or platform. Not having an on-prem version can be an obstacle for customers who have a large workload in an on-prem environment. The onboarding can be done in five minutes or five to ten minutes. Then, there is the configuration, and it depends on the type of the use case of the customer. There is a customer that has simple use cases for whom the onboarding can be done in four to eight hours a day. If there are some customers with a lot of use cases and a lot of different cloud providers, more time is needed. In general, we don't need more than five days to deploy the tool, even in the case of a very complex architecture and hybrid cloud environment. To deploy the tool, we need to have access to the account of the customer, and Wiz is a stuff that we need to make with the customer. We do the onboarding together. The customer creates the correct authorization in the cloud platform and gives us the key to connect to the platform, and then the platform connector starts and begins to collect information.
Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"I like normal dynamic scanning, general web applications scanning, and vulnerability assessments."
"The solution's extensions really expand the capabilities and features offered by the installation."
"The most valuable part of it was probably the ability to intercept and modify calls."
"Parallel scans can be done with PortSwigger Burp Suite Enterprise Edition."
"The most appreciated functionality of PortSwigger Burp Suite is its ability to perform brute force attacks automatically."
"The product is easy to use."
"Its automated scanning feature saves time."
"This tool helps identify vulnerabilities. We then provide the report to the developers, who address the issues identified automatically. Its most valuable feature is CI/CD integration."
More PortSwigger Burp Suite Enterprise Edition pros
"The product's most valuable feature combines different contexts and attributes to produce highly confident alerts."
"The first thing that stood out was the ease of installation and the quick value we got out of the solution."
"Wiz saves time by validating a network misconfiguration by not only looking at the cloud asset configuration but also by testing if a port that is stated to be open is actually open."
"The automation roles are essential because we ultimately want to do less work and automate more. The dashboards are easy to read and visually pleasing. You can understand things quickly, which makes it easy for our other teams. The network and infrastructure teams don't know as much about security as we do, so it helps to have a tool that's accessible and nice to look at."
"The tool's most valuable feature is its attack path analysis."
"The vulnerability management modules and the discovery and inventory are the most valuable features. Before using Wiz, it was a very manual process for both. After implementing it, we're able to get all of the analytics into a single platform that gives us visibility across all the systems in our cloud. We're able to correspond and understand what the vulnerability landscape looks like a lot faster."
"The CSPM module has been the most effective. It was easy to deploy and covered all our accounts through APIs, requiring no agents. Wiz provides instant visibility into high-level risks that we need to address."
"With Wiz, we get timely alerts for leaked data or any vulnerabilities already existing in our environment."
More Wiz pros
 

Cons

"There are features or functionality missing, but PortSwigger Burp Suite Enterprise Edition does try to update frequently to alleviate the shortcomings."
"There's definitely room for improvement. There are lots of false positives. Once I do the manual assessment, it comes as a false positive. They need to improve the Enterprise Edition, especially the part that gives false positives."
"The product needs to have the ability to evaluate more."
"It would be better if the solution is cloud-based."
"PortSwigger Burp Suite Enterprise Edition should incorporate a static code analysis feature. One main issue we encounter is false positives. False positives can be challenging for developers."
"It would be beneficial if Burp Suite provided predefined payloads for each attack category, such as SQL injection and cross-site scripting, to automate some tasks more effectively."
"The stability of the scans could be improved."
"The cost per license per user could be cheaper, specifically for individual licensing."
More PortSwigger Burp Suite Enterprise Edition cons
"We wish there were a way, beyond providing visibility and automated remediation, to wait on a given remediation, due to a critical aspect, such as the cost associated with a particular upgrade... We would like to see preventive controls that can be applied through Wiz to protect against vulnerabilities that we're not going to be able to remediate immediately."
"The reporting should be improved because until a few months ago, the reports were only in CSV format, which made it difficult to clean up. Wiz tried to improve the reporting process, but it's not as valuable as Tenable."
"Wiz's reporting capabilities could be refined a bit. They are making headway on that, but more executive-style dashboards would be nice. They just implemented a community aspect where you can share documents and feedback. This was something users had been requesting for a while. They are listening to customer feedback and making changes."
"One significant issue is that the searches are case-sensitive, so finding a misconfigured resource can become very challenging."
"Not having an on-prem version can be an obstacle for customers who have a large workload in an on-prem environment."
"The solution's container security could be improved."
"The reporting isn't that great. They have executive summaries, but it's only a compliance report that maps all current issues to specific controls. Whether you look at one subscription or project, regardless of the size, you will get a multipage report on how the issues in that account map to that control. Our CSO isn't going to read through that. He won't filter that out or show that to his leadership and say, "Here's what we're doing." It isn't a helpful report. They're working on it, but it's a poor executive summary."
"We are still analyzing its behavior as we are in the midst of the implementation."
More Wiz cons
 

Pricing and Cost Advice

"The tool's pricing is reasonable and costs around 400 dollars per year."
"PortSwigger Burp Suite Enterprise Edition is neither a cheap nor an expensive product. PortSwigger Burp Suite Enterprise Edition is a good tool for companies."
"For Professional, it's about $400 per year."
"PortSwigger Burp Suite Enterprise Edition is expensive compared to other solutions."
"Although the solution can be a bit expensive for small companies, its pricing is fairly reasonable for its capabilities."
"If one is cheap and ten is expensive, I rate the tool's price as a five out of ten."
"The cost of the other solutions is comparable to Wiz."
"Regarding pricing, it’s more than $100k because we have a very big infrastructure. Our environment supports around three thousand people, and we offer business-to-client financial services to around one million clients, so we rely heavily on Wiz."
"Based on the features and capabilities, the product pricing seems reasonable."
"Wiz is a moderately priced solution, where it is neither cheap nor costly."
"I wish the pricing was more transparent."
"The pricing is fair and comparable to their competitors. The cost seems to be going up, which is a concern. There are potential savings from consolidating tools, but we're uncertain how Wiz's pricing will change over time."
"The pricing is fair. Some of the more advanced features and functionalities and how the tiers are split can be somewhat confusing."
More Wiz pricing and cost advice
report
See which vendors are best for you
Use our free recommendation engine to learn which Vulnerability Management solutions are best for your needs.
See recommendations
831,265 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Financial Services Firm
19%
Computer Software Company
13%
Government
7%
Manufacturing Company
7%
Computer Software Company
16%
Financial Services Firm
15%
Manufacturing Company
9%
Government
6%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What do you like most about PortSwigger Burp Suite Enterprise Edition?
Parallel scans can be done with PortSwigger Burp Suite Enterprise Edition.
See all answers
What is your experience regarding pricing and costs for PortSwigger Burp Suite Enterprise Edition?
I am using the Community Edition, which is free, however, I understand there might be extra expenses for additional features or services.
See all answers
What needs improvement with PortSwigger Burp Suite Enterprise Edition?
It would be beneficial if Burp Suite provided predefined payloads for each attack category, such as SQL injection and cross-site scripting, to automate some tasks more effectively.
See all answers
What do you like most about Wiz?
With Wiz, we get timely alerts for leaked data or any vulnerabilities already existing in our environment.
See all answers
What is your experience regarding pricing and costs for Wiz?
This feedback is not based on much experience yet, as we have only conducted POV or POC.
See all answers
What needs improvement with Wiz?
I have not measured certain abilities on a scale yet. The ultimate value depends on the requirements of your organization.
See all answers
 

Comparisons

Acunetix vs PortSwigger Burp Suite Enterprise Edition Logo
Acunetix vs PortSwigger Burp Suite Enterprise Edition
Compared 34% of the time
Fortify WebInspect vs PortSwigger Burp Suite Enterprise Edition Logo
Fortify WebInspect vs PortSwigger Burp Suite Enterprise Edition
Compared 13% of the time
Tenable Nessus vs PortSwigger Burp Suite Enterprise Edition Logo
Tenable Nessus vs PortSwigger Burp Suite Enterprise Edition
Compared 10% of the time
Rapid7 Metasploit vs PortSwigger Burp Suite Enterprise Edition Logo
Rapid7 Metasploit vs PortSwigger Burp Suite Enterprise Edition
Compared 7% of the time
More PortSwigger Burp Suite Enterprise Edition Competitors
Prisma Cloud by Palo Alto Networks vs Wiz Logo
Prisma Cloud by Palo Alto Networks vs Wiz
Compared 16% of the time
Orca Security vs Wiz Logo
Orca Security vs Wiz
Compared 8% of the time
Microsoft Defender for Cloud vs Wiz Logo
Microsoft Defender for Cloud vs Wiz
Compared 8% of the time
Snyk vs Wiz Logo
Snyk vs Wiz
Compared 5% of the time
CrowdStrike Falcon Cloud Security vs Wiz Logo
CrowdStrike Falcon Cloud Security vs Wiz
Compared 5% of the time
More Wiz Competitors
 

Product Reports

Buyer's Guide
PortSwigger Burp Suite Enterprise Edition
January 2025
PortSwigger Burp Suite Enterprise Edition reportDownload PortSwigger Burp Suite Enterprise Edition product report
Buyer's Guide
Wiz
December 2024
Wiz reportDownload Wiz product report
 

Learn More

PortSwigger
Wiz
 

Overview

Burp Suite Enterprise Edition is an automated web vulnerability scanner, designed to enable enterprises to scale security across their web portfolios and achieve DevSecOps. Automate trusted Burp scans, integrate web security testing with development, and free your application security to support software development.

Wiz is a highly efficient solution for data security posture management (DSPM), with a 100% API-based approach that provides quick connectivity and comprehensive scans of platform configurations and workloads. The solution allows companies to automatically correlate sensitive data with relevant cloud context, such as public exposure, user identities, entitlements, and vulnerabilities.This integration enables them to understand data accessibility, configuration, usage, and movement within their internal environments.

Wiz's Security Graph delivers automated alerts whenever risks emerge, allowing teams to prioritize and address the most critical issues before they escalate into breaches. Furthermore, Wiz ensures rapid and agentless visibility into critical data across various repositories, enabling organizations to easily determine the location of their data assets.

Wiz Features

Wiz provides various features in the following categories:

  • Agentless Scanning: The solution can scan every layer of a cloud environment without requiring agents, managing the entire process and providing comprehensive visibility.

  • Workflow Integration: Users can create customized workflows within Wiz to identify and assign actions based on urgency, integrating them with ticketing systems for quick and efficient remediation.

  • Vulnerability Management: Wiz's vulnerability management modules provide detailed analytics and visibility across cloud systems, streamlining the manual process of vulnerability discovery. The automated attack path analysis helps identify risks and trace potential points of exposure, allowing users to understand and mitigate them effectively and proactively.

  • CSPM (Cloud Security Posture Management): Wiz's CSPM module offers instant visibility into high-level risks to an enterprise’s cloud environment, covering all accounts without the need for agents.

  • Out-of-the-Box Reporting and Custom Queries: The service supports comprehensive reporting with asset context, allowing users to perform complex custom queries on the solution’s user-friendly interface.

  • Automation Roles and Dashboards: The solution facilitates automation by providing essential roles and dedicated dashboards that enable teams to understand security information quickly, even those with limited expertise.

  • Contextual Risk Evaluation: The service contextualizes the various components contributing to an issue, providing a risk evaluation framework that helps prioritize remediation efforts.

  • Security Graph and Visibility: Wiz's security graph offers visibility across the entire organization, even with multiple accounts, enabling users to understand their environment and assets effectively.

The Benefits of Wiz

Wiz offers the following benefits:


  • Comprehensive agentless scanning

  • Effective identification and mitigation of vulnerabilities

  • Streamlined vulnerability management

  • Robust reporting capabilities and customizable queries

  • Enhanced automation and role-based access control

  • Prioritized risk evaluation for efficient remediation

  • Security posture across multiple accounts

Reviews from Real Users

Kamran Siddique, VP Information Security at boxed.com, remarks his company has seen a ROI while using Wiz, as it simplifies the process by integrating multiple useful tools into one solution.

According to a Senior Security Architect at Deliveroo, Wiz has given their company a fresh approach to vulnerability management, as Wiz's native integrations are extremely useful and paramount to the operational success of their platform.



Get a demo | Wiz

 

Sample Customers

Nasa, Disney, Dow Jones, Iberia Bank, IBM, Ernest and Young, Apple, Ryanair, Thyssenkrupp, Delivery Hero
Wiz is the fastest growing software company ever - $100M ARR in 18 months: Wiz becomes the fastest-growing software company ever | Wiz Blog  Discover why companies, including Salesforce, Morgan Stanley, Fox, and Bridgewater choose Wiz as their cloud security partner. Read their success stories here: Customers | Wiz
Buyer's Guide
PortSwigger Burp Suite Enterprise Edition vs. Wiz
January 2025
Free Report: PortSwigger Burp Suite Enterprise Edition vs. Wiz
Find out what your peers are saying about PortSwigger Burp Suite Enterprise Edition vs. Wiz and other solutions. Updated: January 2025.
DOWNLOAD NOW
831,265 professionals have used our research since 2012.
See our PortSwigger Burp Suite Enterprise Edition vs. Wiz report.
See our list of best Vulnerability Management vendors.

We monitor all Vulnerability Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.