A honest mgt view of the tool used by a team of security consultants
May 26, 2021
A honest mgt view of the tool used by a team of security consultants
Score 10 out of 10
Vetted Review
Verified User
Overall Satisfaction with Burp Suite
Burp Suite is used by my security consultants to perform security assessments and reviews for the organization's applications. It is commonly used across the entire organization, by different groups and teams. The security consultants used the suite to perform their security assessments as well as for training for new hires.
- Manual penetration testing and configuration tweaks
- Automated bulk scanning and simulated scenarios
- Reports generations for mgt as well as working levels
- More features to be available for the free/community version to allow more learning
- Manual updating of plugin without network connectivity
- More controls with the manual testing with scenario inputs
- Manual PT
- Automated attacks
- Scanning for vulnerabilities
- Limited licenses for every application. It is not cheap
- Community edition lacking some of the good features
- Certification and proper training needed
- Nmap, F-Secure Rapid Detection Service and Qualys Container Security (CS)
Each tool is specific and are good for what they do. While Burp Suite can perform some level of the same functions, somehow security consultants prefer these tools as additional to the Burp Suite. Maybe due to open source and easy setup when compared to Burp Suite. But Burp Suite allows for one tool for many templates for each project.
Do you think PortSwigger Burp Suite delivers good value for the price?
Yes
Are you happy with PortSwigger Burp Suite's feature set?
Yes
Did PortSwigger Burp Suite live up to sales and marketing promises?
Yes
Did implementation of PortSwigger Burp Suite go as expected?
Yes
Would you buy PortSwigger Burp Suite again?
Yes