Overall Satisfaction with Burp Suite
Portswigger Burp Suite is used as one of two primary tools by the vulnerability assessment team for evaluating security of all 300+ public facing web sites. It serves as a reliable tool in the suite used to find and validate deficiencies, and implement and verify fixes.
- Penetration testing of web applications
- Web vulnerability scanning
- Customized scan and attack applications
- Easy to use, but difficult to master.
- Some polish to the GUI and reports would be nice.
- More comprehensive integration with government regulations would help in terms of compliance efforts.
- Scanned 100% of the orgs public facing web sites with a small team of analysts.
- Provided a reputable second opinion source to back up the other product in use i.e. Webinspect.
- Pro version $350 is amazing ROI, considering the thwarted attacks and that it's competition is priced in the tens of thousands last I checked.
- No successful hacks. Q.E.D. :-)
Burp Suite is more difficult to master, but only because of the extensive functionality and customization options. It is much more affordable than its competition and deserves its recognition as a top tool in the industry.