No more typing reviews! Try our Samantha, our new voice AI agent.

PortSwigger Burp Suite Enterprise Edition vs Wiz comparison

Sponsored
 

Comparison Buyer's Guide

Executive SummaryUpdated on Oct 9, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Qualys TotalCloud
Sponsored
Ranking in Vulnerability Management
11th
Average Rating
8.6
Reviews Sentiment
7.3
Number of Reviews
39
Ranking in other categories
Container Security (11th), Cloud Workload Protection Platforms (CWPP) (7th), Cloud Security Posture Management (CSPM) (8th), SaaS Security Posture Management (SSPM) (1st), Cloud-Native Application Protection Platforms (CNAPP) (6th)
PortSwigger Burp Suite Ente...
Ranking in Vulnerability Management
41st
Average Rating
8.0
Reviews Sentiment
7.2
Number of Reviews
12
Ranking in other categories
Dynamic Application Security Testing (DAST) (8th)
Wiz
Ranking in Vulnerability Management
1st
Average Rating
8.8
Reviews Sentiment
7.0
Number of Reviews
49
Ranking in other categories
Container Security (1st), Cloud Workload Protection Platforms (CWPP) (2nd), Cloud Security Posture Management (CSPM) (1st), Cloud-Native Application Protection Platforms (CNAPP) (1st), Data Security Posture Management (DSPM) (1st), Compliance Management (1st), Cloud Detection and Response (CDR) (1st), AI Security (4th)
 

Mindshare comparison

As of July 2026, in the Vulnerability Management category, the mindshare of Qualys TotalCloud is 1.1%, up from 1.0% compared to the previous year. The mindshare of PortSwigger Burp Suite Enterprise Edition is 1.1%, up from 0.9% compared to the previous year. The mindshare of Wiz is 4.4%, down from 11.4% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Vulnerability Management Mindshare Distribution
ProductMindshare (%)
Wiz4.4%
Qualys TotalCloud1.1%
PortSwigger Burp Suite Enterprise Edition1.1%
Other93.4%
Vulnerability Management
 

Featured Reviews

RO
IT Security Expert at Alior Bank S.A.
Unified risk scoring has improved our cloud visibility and simplifies remediation priorities
Qualys TotalCloud provides unified vulnerability and threat assessment across both IAS and SaaS. This solution provides a single prioritized view of risk, which helps reduce the work I would have to do. We are no longer based on CVSS; we are based on Qualys risk scoring, which is based on CVSS plus internal findings made by Qualys, and then assigns its own score. The TruRisk insight feature has found a small number of assets with high vulnerability scores, though I am cautious since some information is classified. Qualys TotalCloud has positively impacted our bank's performance, and we have definitely seen benefits after implementing this solution.
OB
Studiant at Edifixio
Enables time-saving automated scanning and brute force attacks
The most appreciated functionality of PortSwigger Burp Suite is its ability to perform brute force attacks automatically. Its automated scanning feature saves time. Additionally, using this tool provides significant security insights, making our testing process more efficient and comprehensive, leading to considerable time savings, which in turn translates to financial benefits.
Peter Whelan - PeerSpot reviewer
CISO at a computer software company with 1,001-5,000 employees
Improved our security posture thanks to comprehensive visibility
I have contacted Wiz technical support frequently. The support is excellent. We contact via an in-application portal. We can see the support cases we personally open, and also the cases that other people have opened from our company. I appreciate that feature. Generally, support gets back to us within a few days with a good answer. There was one fellow in particular who has been knocking it out of the park. He is a great support person to deal with. We are happy with the support experience. If I were to put Wiz support on a scale from one to ten, I would give them a ten.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"Generally, Qualys is very good at detections, whether on cloud or on-prem, and the agent allows deployment on both infrastructures, providing continuous monitoring of your assets, which is a key selling point for us."
"I would definitely recommend Qualys TotalCloud to other users."
"TotalCloud's best feature is the integration of cloud accounts. It helps with the risk and security posture management of our cloud infrastructure."
"TotalCloud has been excellent in providing us with immediate access to all the products and features we need, such as CSPM, TruRisk Insights, and compliance reports, including CIS and HIPAA."
"Qualys TotalCloud's most valuable feature is its ability to link clusters of assets, providing a clear model of deployments, vulnerabilities, and statuses."
"I would definitely recommend Qualys TotalCloud to other customers."
"Qualys TotalCloud's most valuable feature is its agent versatility."
"The most valuable feature of Qualys TotalCloud is the visibility it provides."
"The product is easy to use."
"The most appreciated functionality of PortSwigger Burp Suite is its ability to perform brute force attacks automatically."
"The solution's extensions really expand the capabilities and features offered by the installation."
"The product's initial setup phase was super easy."
"The most valuable part is that a beginner can run those scans and the V scanning of that particular vulnerability."
"Its automated scanning feature saves time."
"The tool is loaded with many features that give us ROI."
"The initial setup is straightforward."
"I have found that Wiz covers all the stages of the software development life cycle; it covers application or code security, DevOps security, and runtime security, and it is a full-fledged CNAPP solution where all the areas within the development and the deployment side are covered."
"Wiz has positively impacted my organization by implementing zero trust authorization, providing good reporting that shows the top attack path, critical assets, overall risk posture, and demonstrating AI and ML workload capabilities towards my team, as well as good infrastructure detection and vulnerability detection accuracy with security posture management at massive scale and identity exposure."
"I rate Wiz's customer service as ten out of ten."
"Out of all the features, the one item that has been most valuable is the fact that Wiz puts into context all the pieces that create an issue, and applies a particular risk evaluation that helps us prioritize when we need to address a misconfiguration, vulnerability, or any issue that would put our environment into risk."
"What I appreciate most about Wiz is that the compliance and CSPM aspects of this cloud-native application protection offering are genuinely better than other products available in the market."
"The most valuable feature of Wiz is that it keeps information up to date without needing to perform scans or schedule maintenance windows. It provides a fresh snapshot of our vulnerability metrics."
"Wiz is one of the finest tools that I have used so far, and it gives visibility to all the services based resources, which other tools do not give."
"Wiz can accomplish this and easily provide the total inventory in the cloud, which is crucial when managing large cloud databases or environments such as AWS, Azure, or Google environments, where it's difficult to have one view for all cloud components."
 

Cons

"In a future release, I suggest that zero-day vulnerabilities should be predicted in advance using AI technologies. The system is not 100% secure yet, so proactive threat hunting could be enhanced to be more proactive than the current system."
"The response part of the Cloud Detection and Response (CDR) module can be improved."
"I would like the ability to disable certain default built-in policies as they can be misleading when creating dashboards. That is the top one."
"Regarding technical support from Qualys, they respond, but the response time can be too long. Sometimes we need to wait weeks for solutions to simple questions."
"The support process is inefficient due to the excessive number of replies required when submitting tickets."
"The vulnerability part is good, but the policy compliance module needs improvement because it involves a lot of manual work. Specifically, the remediation part of the controls requires enhancements."
"Some major banks and insurance companies require an on-premises solution for comprehensive vulnerability management, which TotalCloud does not offer."
"The downside is only in container security, but it has not been a long time since they introduced these models."
"It would be better if the solution is cloud-based."
"It would be beneficial if Burp Suite provided predefined payloads for each attack category, such as SQL injection and cross-site scripting, to automate some tasks more effectively."
"Scalability could be better."
"There's definitely room for improvement. There are lots of false positives. Once I do the manual assessment, it comes as a false positive. They need to improve the Enterprise Edition, especially the part that gives false positives."
"The product needs to have the ability to evaluate more."
"The cost per license per user could be cheaper, specifically for individual licensing."
"The stability is a big issue. So many times the scans fail."
"The stability of the scans could be improved."
"The remediation workflow within the Wiz could be improved."
"We're looking at some of the data compliance stuff that they've got Jon offer. I know they're looking at container security, which we gonna be looking at next."
"From a technical perspective, Wiz is excellent, but the pricing is too expensive."
"Not having an on-prem version can be an obstacle for customers who have a large workload in an on-prem environment."
"There is room for improvement in Wiz, particularly in operator management, as general operators may lack the necessary knowledge, requiring an easier-to-understand tool."
"Once you get a threat and fix it, to see that fix reflected in Wiz, you have to wait 24 hours. That is something I am not happy with."
"We are still analyzing its behavior as we are in the midst of the implementation."
"I have seen some lagging or downtime a couple of times, but I am not sure why it happened."
 

Pricing and Cost Advice

"Its price seems higher compared to other tools, but it is worth it. If they could adjust the pricing and make it comparable with other tools, that would be great."
"Qualys TotalCloud is expensive."
"Qualys TotalCloud is cost-efficient and was selected for its value compared to other products."
"It isn't cheap, but it's reasonable. It helps us to manage things with very few resources."
"Qualys TotalCloud offers good pricing that is affordable and competitive with the market. Our partnership also provides us with additional benefits."
"I am not sure about the pricing. From what I understand, it is a bit on the higher side, but I do not have the exact numbers."
"Qualys TotalCloud is expensive, but it offers a premier solution with no headaches."
"The pricing is comparable. It is built into our other product, so I cannot piecemeal it. It is a part of our subscription."
"Although the solution can be a bit expensive for small companies, its pricing is fairly reasonable for its capabilities."
"For Professional, it's about $400 per year."
"The tool's pricing is reasonable and costs around 400 dollars per year."
"PortSwigger Burp Suite Enterprise Edition is expensive compared to other solutions."
"PortSwigger Burp Suite Enterprise Edition is neither a cheap nor an expensive product. PortSwigger Burp Suite Enterprise Edition is a good tool for companies."
"Wiz is a moderately priced solution, where it is neither cheap nor costly."
"The pricing is fair and comparable to their competitors. The cost seems to be going up, which is a concern. There are potential savings from consolidating tools, but we're uncertain how Wiz's pricing will change over time."
"Regarding pricing, it’s more than $100k because we have a very big infrastructure. Our environment supports around three thousand people, and we offer business-to-client financial services to around one million clients, so we rely heavily on Wiz."
"I wish the pricing was more transparent."
"The pricing seems pretty simple. We don't have to do a lot of calculations to figure out what the components are. They do it by enabling specific features, either basics or advanced, which makes it easy to select."
"If one is cheap and ten is expensive, I rate the tool's price as a five out of ten."
"Based on the features and capabilities, the product pricing seems reasonable."
"The pricing is fair. Some of the more advanced features and functionalities and how the tiers are split can be somewhat confusing."
report
Use our free recommendation engine to learn which Vulnerability Management solutions are best for your needs.
902,988 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Manufacturing Company
17%
Financial Services Firm
14%
Construction Company
8%
Comms Service Provider
7%
Financial Services Firm
19%
Computer Software Company
7%
Construction Company
6%
Manufacturing Company
6%
Financial Services Firm
14%
Computer Software Company
11%
Manufacturing Company
10%
Healthcare Company
5%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business9
Midsize Enterprise4
Large Enterprise29
By reviewers
Company SizeCount
Small Business5
Midsize Enterprise2
Large Enterprise7
By reviewers
Company SizeCount
Small Business11
Midsize Enterprise10
Large Enterprise30
 

Questions from the Community

What needs improvement with Qualys TotalCloud?
Areas that need improvement in every solution include the remediation part. The remediation steps should be simple en...
What is your primary use case for Qualys TotalCloud?
Our use case involves the assets that we have under cloud, the assets exposed to the internet, and the internal appli...
What is your experience regarding pricing and costs for PortSwigger Burp Suite Enterprise Edition?
I am using the Community Edition, which is free, however, I understand there might be extra expenses for additional f...
What needs improvement with PortSwigger Burp Suite Enterprise Edition?
It would be beneficial if Burp Suite provided predefined payloads for each attack category, such as SQL injection and...
What is your primary use case for PortSwigger Burp Suite Enterprise Edition?
I work with security testing tools for SaaS, focusing on static application security testing and using tools like Bur...
What is your experience regarding pricing and costs for Wiz?
Wiz is fairly priced compared to competitors and fits well within a low budget. Wiz is less expensive than Microsoft ...
What needs improvement with Wiz?
An area of improvement is that there is a lot of data inside Wiz and the naming is confusing, as similar categories f...
What is your primary use case for Wiz?
I basically use it for vulnerability management, so from an admin's perspective, I am using it as an actual user of W...
 

Also Known As

Qualys TotalCloud with FlexScan
No data available
No data available
 

Overview

 

Sample Customers

Information Not Available
Nasa, Disney, Dow Jones, Iberia Bank, IBM, Ernest and Young, Apple, Ryanair, Thyssenkrupp, Delivery Hero
Wiz is the fastest growing software company ever - $100M ARR in 18 months: Wiz becomes the fastest-growing software company ever | Wiz Blog  Discover why companies, including Salesforce, Morgan Stanley, Fox, and Bridgewater choose Wiz as their cloud security partner. Read their success stories here: Customers | Wiz
Find out what your peers are saying about PortSwigger Burp Suite Enterprise Edition vs. Wiz and other solutions. Updated: June 2026.
902,988 professionals have used our research since 2012.