The perfect partner for a Security professional
Overall Satisfaction with Burp Suite
Our company has a set of security consultants who conducts penetration testing on all the products developed by our company on a regular basis. Being an enterprise product-based company, we have tried out many other scanning tools and ended up using burp which was the only one that helped our consultants to come up with valid and relevant bugs.
Pros
- The passive scan feature is really awesome, it kind of covers areas that you might miss.
- The CSRF POC is really helpful to my team. It helps development team see the issue and understand it.
- Burp intruder and repeater are the features I myself and my team uses the most as it helps us use our payloads in a variety of different ways.
- Active scan helps the team to ensure coverage for the whole application.
Cons
- Reporting area is a weak area that we have identified with Burp.
- DevsecOps integration is something I am really curious about...
- The user interface can be considered to make more improvements.
- Intruder, repeater.
- Active-scan, passive scan.
- CSRF POC.
- Different add-on plugins.
- Huge ROI.
- Test quality improvement.
- Improved risk mitigation.
Burp was getting us more accurate results. This doesn't mean that the other tools are bad. They just didn't suit our company. Since our products had many business logic bases testing requirements, it was hard for other tools to perform. Burp on the other had worked perfectly assisting the tester with required support.
Do you think PortSwigger Burp Suite delivers good value for the price?
Yes
Are you happy with PortSwigger Burp Suite's feature set?
Yes
Did PortSwigger Burp Suite live up to sales and marketing promises?
Yes
Did implementation of PortSwigger Burp Suite go as expected?
Yes
Would you buy PortSwigger Burp Suite again?
Yes
Comments
Please log in to join the conversation