We performed a comparison between PortSwigger Burp Suite Professional and Tenable.io Web Application Scanning based on real PeerSpot user reviews.
Find out in this report how the two Application Security Tools solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."This solution has helped a lot in finding bugs and vulnerabilities, and the scanner is good enough for simple web apps."
"The way they do the research and they keep their profile up to date is great. They identify vulnerabilities and update them immediately."
"I personally love its capability to automatically and accurately detect vulnerabilities. So, I would say it is the Burp scanner that is THE most powerful, valuable, and an awesome feature."
"The suite testing models are very good. It's very secure."
"The Spider is the most useful feature. It helps to analyze the entire web application, and it finds all the passes and offers an automated identification of security issues."
"The automated scan is what I find most useful because a lot of customers will need it. Not every domain will be looking for complete security, they just need a stamp on the security key. For these kinds of customers, the scan works really well."
"We use the solution for vulnerability assessment in respect of the application and the sites."
"For pentesting scenarios, this is the number one tool. It can capture the request, and there are so many functions that are very good for that. For example, a black box satellite host."
"The most valuable feature is the reporting, which provides a good level of detail with respect to vulnerabilities."
"It collects the vulnerabilities on the hostnames and sends them to the Tenable.io cloud. Tenable has its own cloud where Tenable.io is running, but there are many connectors to other cloud solutions. Tenable can do vulnerability scanning for other cloud managers such as Azure, Amazon, and so on."
"The solution is stable."
"All the features are valuable to us as they offer cutting-edge scanning methods and address the latest issues with a contemporary approach. Tenable.io Web Application Scanning is highly stable. I rate it a nine out ten. Since the solution works on the Cloud, it's highly scalable. I rate the scalability a nine out of ten. The setup of the solution is straightforward. The Return on Investment is substantial. I recommend the solution to all."
"The solution's instant reports feature is the most effective for detecting threats."
"The initial setup is straightforward."
"We can get detailed information about vulnerabilities."
"Our customers adopt this solution because of the replication testing and the vulnerability assessment it can do. It is a multi-faceted product."
"The one feature that I would like to see in Burp is active scanning of REST based web services. A lot of organizations are providing APIs to access their services to support different business models like SaaS. Scanning these APIs is still a challenge for many security product companies."
"Scanning APIs using PortSwigger Burp Suite Professional takes a lot of time."
"You can have many false positives in Burp Suite. It depends on the scale of the penetration testing."
"PortSwigger Burp Suite Professional could improve the static code review."
"The scanner and crawler need to be improved."
"The solution’s pricing could be improved."
"We'd like to have more integration potential across all versions of the product."
"The biggest improvement that I would like to see from PortSwigger that today many people see as an issue in their testing. There might be a feature which might be desired."
"I would like for them to add proxy filtering, where you can transfer and alter the package. It is fully automated. Other web application testers programs are actually proxy software, and the proxy software gives you the flexibility of modifying the outgoing package, which will actually help you in exploiting any vulnerability in detail."
"The platform's technical support services could be better."
"It isn't easy to manage vulnerabilities in Tenable."
"They have a general dashboard for web application scanning, but the dashboards and reporting can be improved. They probably have some features in their roadmap."
"The report customization needs to be better."
"The solution's dashboards could be improved and made more user-friendly."
"Tenable.io Web Application Scanning could improve by offering faster fuzzing."
"Tenable.io Web Application Scanning conducts a general scan, which wastes time. The scan needs to be specific."
More PortSwigger Burp Suite Professional Pricing and Cost Advice →
More Tenable.io Web Application Scanning Pricing and Cost Advice →
PortSwigger Burp Suite Professional is ranked 9th in Application Security Tools with 57 reviews while Tenable.io Web Application Scanning is ranked 24th in Application Security Tools with 14 reviews. PortSwigger Burp Suite Professional is rated 8.6, while Tenable.io Web Application Scanning is rated 7.6. The top reviewer of PortSwigger Burp Suite Professional writes "The solution is versatile and easy to deploy, but it needs to give more detailed security reports". On the other hand, the top reviewer of Tenable.io Web Application Scanning writes "Highly Recommended Solution with Latest Scanning Methods". PortSwigger Burp Suite Professional is most compared with OWASP Zap, Fortify WebInspect, Acunetix, HCL AppScan and Invicti, whereas Tenable.io Web Application Scanning is most compared with Acunetix, Qualys Web Application Scanning, Fortify on Demand, SonarQube and Invicti. See our PortSwigger Burp Suite Professional vs. Tenable.io Web Application Scanning report.
See our list of best Application Security Tools vendors.
We monitor all Application Security Tools reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.