PortSwigger Burp Suite Professional Reviews

Our primary use for this solution is to perform vulnerability scanning before we deploy software in production.

This solution has done a lot to improve our organization. It allows us to be proactive and solve issues before our external auditors find them. 

The most valuable feature of this solution is the scanning functionality. Some of the extensions, available using Burp Extender, are also very good and we have found issues by using them.

Burp Intruder is another very good feature in this solution.

I would like to see a more optimized solution, as it currently uses a lot of CPU power and memory. Sometimes, the application is blocking.

The reporting also needs improvement. Specifically, if there is an issue that exists on many pages, then I do not want to see the same thing repeated many times throughout the report. Rather, it should be pointed out as a global error, and only shown the one time. 

In the next version, I would like an option to scan the environment where the application is installed. I would also like a better cryptographic study, with more controls.

This solution is very stable.

I would say that this is a very scalable solution.

We do plan to increase our usage, but not beyond the Professional version. It is not our intention to move to the Enterprise version right now.

I would rate their technical support a five out of five.

The initial setup and deployment are straightforward and take very little time.

Only one person from the IT department is required for deployment and maintenance.

We handled the implementation internally.

Our licensing cost is approximately $400 USD per year. There are no costs in addition to the standard licensing fees.

We did evaluate other options before choosing this solution.

I would recommend this product to others. It is very straightforward and it is oriented to the application, which is why we chose it. I would also recommend reviewing and using the extensions that are available.

I would rate this solution a nine out of ten.

We are an auditing company. We use this solution for auditing purposes for the infrastructure of our customers.

The reporting part is the most valuable. It also has very good features. We use almost all of the features for different kinds of customers and needs. 

One thing that is not up to the mark in PortSwigger is web application testing. I found some issues with its performance and reporting. They should work on these and give us a better outcome.

I have been using this solution for more than a year.

It is stable. We didn't have any issues.

Its scalability is great. We have almost five users who are using the product, and they're happy with this product. 

We've got very good support from their team.

We previously used some open-source applications, but later on, we found out that, unfortunately, they are not good products. We had to use the applications of all other products separately in our environment, but PortSwigger can do all things itself. That's why we switched to PortSwigger.

The initial setup was very simple.

I implemented it on my own.

It has a yearly license. I am satisfied with its price.

We did consider one more product and had a discussion about the product features. We found PortSwigger to be the best match for our business.

It is a very good product. You must try it once.

I would rate PortSwigger Burp a nine out of ten. I am satisfied with this product. It is a great experience.

I use this primarily for intercepting mobile HTTP and HTTPS requests with SSL pinning bypass. It's a better tool for manual tasks.

This solution has helped a lot in finding bugs and vulnerabilities, and the scanner is good enough for simple web apps.

The best feature that I've found is the built-in manual tools.

The scanner and crawler need to be improved.

My primary use case for this solution is designed around my own personal use. Burp Suite is a graphical tool for testing Web application security. The tool is written in Java.

I use Burp Suite on my laptop in my room for my personal research study. Since I don't use it for corporate work or company research purposes I can't comment on how it has improved my organization. 

In my opinion, all of the features seem to be of equal value really. I'm currently using the latest version.

The product is very good just the way it is; It has everything already well established and functions great. I can't see any way for this current version to be improved.

My impressions of the stability of the solution are quite good.

My impressions of the scalability of the solution are good.

At work, I use an open source SAP solution. It's a free tool. It's a fully automated tool and it's fully furnished. Currently, I'm the only user and it's my job to analyze this product.

The initial setup was somewhat complex, to be honest.

My only advice for anyone looking for a personal use case for testing Web application security is this is a good option.

Before choosing this tool, no, I didn't evaluate any other options. I know what I wanted and I'm very happy with it.

It's actually a very good product. It's pretty automated and it's easy to work with. No additional features need to be added because it's already an extraordinary tool. So there's no need for additional improvement.

Great product. I rate this product a 9 out of 10 for its total package of value-added features.

Currently, we're trying to import the solution to implement it to other applications for our website. So far, it's been fantastic.

The suite testing models are very good. It's very secure.

The solution isn't too stable. The fundamentals of it make it difficult to use. Sometimes it takes me to other applications that are being run.

The scalability capabilities of the solution could be improved.

I've been using the solution for three years.

The stability is okay, but we are finding issues.

The solution doesn't offer very good scalability.

We haven't had to contact technical support.

We didn't previously use a different solution.

The initial setup is straightforward. Deployment doesn't take more than two to three hours.

We handled the implementation ourselves.

We use the on-premises deployment model.

I'd rate the solution nine out of ten. I haven't compared it with other vendors, but it is a best-seller currently.