We performed a comparison between PortSwigger Burp Suite Professional and Rapid7 AppSpider based on real PeerSpot user reviews.
Find out in this report how the two Static Application Security Testing (SAST) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The suite testing models are very good. It's very secure."
"I find the attack model quite amazing, where I can write my scripts and load my scripts as well, which helps quite a bit. All the active scanning that it can do is also quite a lot helpful. It speeds up our vulnerability assessment and penetration testing. Right now, I am enjoying its in-browser, which also helps quite a bit. I'm always confused about setting up some proxy, but it really is the big solution we all want."
"It helps in API testing, where manual intervention was previously necessary for each payload."
"We are mostly using it for scanning the entire website. So, we basically create a script with the entire website and then run it for different injections."
"The Repeater and the BApp extensions are particularly useful. Certain extensions, such as the Active Scan extensions and the Autoracer extension, are very good."
"The active scanner, which does an automated search of any web vulnerabilities."
"It is a time-saver application."
"The solution has a limited range of functions, which is good for small companies. This is because, in small companies, websites are less complex. They also have single services which makes the solution good enough for them. However, the most advantageous aspect of the solution is its affordable price."
"It scans all the components developed within a web application."
"AppSpider's most valuable feature is reporting - everything is stored in the local database so it can be sent to other machines."
"The setup is usually straightforward."
"It is really accurate and the rate of false positives is very low."
"Rapid7 AppSpider is good at managing different applications. It uses applets and generates reports to cover the PCA/GDPR compliance requirements."
"I would say that it is stable, as I am not aware of any major issues."
"When it is set up properly, it can do scanning on web apps with multiple engines automatically."
"The most valuable feature is the reporting, which is compliant with international standards."
"The tool is very expensive."
"There should be a heads up display like the one available in OWASP Zap."
"The reporting needs to be improved; it is very bad."
"We wish that the Spider feature would appear in the same shape that it does in previous versions."
"PortSwigger Burp Suite Professional could improve the static code review."
"The price could be better. The rest is fine."
"The Initial setup is a bit complex."
"It would be good if the solution could give us more details about what exactly is defective."
"There are some glitches with stability, and it is an area for improvement."
"The solution is too slow. It could take a full day to scan. Competitors are much faster."
"The enterprise interface is too simple. It should be more customizable."
"AppSpider could improve in the area of integration. They need to add more integration opportunities."
"Support response times are slow and can be improved."
"This price of this solution is a little bit expensive."
"One of the challenges I have with AppSpider is that it gives you a lot of false positives, especially when compared to other solutions."
"The dashboard and interface are crucial and they need some improvement."
More PortSwigger Burp Suite Professional Pricing and Cost Advice →
PortSwigger Burp Suite Professional is ranked 5th in Static Application Security Testing (SAST) with 57 reviews while Rapid7 AppSpider is ranked 26th in Static Application Security Testing (SAST) with 13 reviews. PortSwigger Burp Suite Professional is rated 8.6, while Rapid7 AppSpider is rated 7.8. The top reviewer of PortSwigger Burp Suite Professional writes "The solution is versatile and easy to deploy, but it needs to give more detailed security reports". On the other hand, the top reviewer of Rapid7 AppSpider writes "Useful vulnerability reporting data, flexible, and simple implementation". PortSwigger Burp Suite Professional is most compared with OWASP Zap, Fortify WebInspect, Acunetix, HCL AppScan and Qualys Web Application Scanning, whereas Rapid7 AppSpider is most compared with Rapid7 InsightAppSec, OWASP Zap, Acunetix, Invicti and Checkmarx One. See our PortSwigger Burp Suite Professional vs. Rapid7 AppSpider report.
See our list of best Static Application Security Testing (SAST) vendors.
We monitor all Static Application Security Testing (SAST) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.