Acunetix vs PortSwigger Burp Suite Enterprise Edition comparison

Acunetix vs. PortSwigger Burp Suite Enterprise Edition

Download the complete report

Helped 900,838 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Categories and Ranking

Qualys TotalCloud

Mindshare comparison

As of June 2026, in the Vulnerability Management category, the mindshare of Qualys TotalCloud is 1.0%, up from 0.9% compared to the previous year. The mindshare of Acunetix is 1.2%, up from 1.2% compared to the previous year. The mindshare of PortSwigger Burp Suite Enterprise Edition is 1.1%, up from 0.9% compared to the previous year. It is calculated based on PeerSpot user engagement data.

Vulnerability Management Mindshare Distribution
Product	Mindshare (%)
Qualys TotalCloud	1.0%
Acunetix	1.2%
PortSwigger Burp Suite Enterprise Edition	1.1%
Other	96.7%

Vulnerability Management

Featured Reviews

Robert Orłowski

IT Security Expert at Alior Bank S.A.

Unified risk scoring has improved our cloud visibility and simplifies remediation priorities

Qualys TotalCloud provides unified vulnerability and threat assessment across both IAS and SaaS. This solution provides a single prioritized view of risk, which helps reduce the work I would have to do. We are no longer based on CVSS; we are based on Qualys risk scoring, which is based on CVSS plus internal findings made by Qualys, and then assigns its own score. The TruRisk insight feature has found a small number of assets with high vulnerability scores, though I am cautious since some information is classified. Qualys TotalCloud has positively impacted our bank's performance, and we have definitely seen benefits after implementing this solution.

Read full review

Rahul Kumar

Senior Engineer - Penetration Tester at a government with 10,001+ employees

Identifies vulnerabilities across bulk web applications but needs better support and cleaner reports

The best feature Acunetix offers is the centralized dashboard and the quality of reports it generates, which includes various options for selecting reports and developer options for directly sharing the reports with developers. The centralized dashboard of Acunetix gives visibility into the security aspects of mass applications; for instance, with more than 200 applications, it provides a valuable overview of findings and necessary fixes, along with a high-level summary that helps us achieve compliance through monthly and sometimes weekly scanning. In terms of reporting, Acunetix is excellent because it can generate different types of reports, such as an executive summary report, detailed reports, and developer reports that can be shared directly with developers. Acunetix positively impacts my organization by helping identify outdated libraries and applications, including legacy applications vulnerable to old attacks based on OWASP Top 10, thus aiding in compliance checks for PCI DSS and OWASP. Acunetix provides a centralized report with compliance-related aspects and a vulnerability timeline, effectively helping reduce vulnerabilities and save time.

Read full review

Oussama Ben Taher

Studiant at Edifixio

Enables time-saving automated scanning and brute force attacks

The most appreciated functionality of PortSwigger Burp Suite is its ability to perform brute force attacks automatically. Its automated scanning feature saves time. Additionally, using this tool provides significant security insights, making our testing process more efficient and comprehensive, leading to considerable time savings, which in turn translates to financial benefits.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"Qualys TotalCloud has positively impacted our bank's performance, and we have definitely seen benefits after implementing this solution."

"It is a cloud-native app that integrates with both IaaS and SaaS. It seamlessly integrates with other platforms."

"Qualys TotalCloud provides a single, prioritized view of risk, reducing the workload associated with consolidating multiple sources for risk prioritization."

"The most valuable feature of Qualys TotalCloud is the visibility it provides."

"Qualys TotalCloud has improved our security posture."

"The most valuable feature is extensibility."

"Qualys TotalCloud has significantly reduced our workload in terms of managing risks, helping us to be more efficient and save substantial resources."

"TruRisk Insights is the most important innovation they've released this year."

More Qualys TotalCloud pros

"Acunetix helps reduce the man-days and effort needed for scanning bulk applications through automated assessments, allowing good dashboard visualization that can be reported easily to management, providing complete visibility on vulnerability metrics."

"It generates automated reports."

"Acunetix has positively impacted my organization by improving our security review process, identifying vulnerabilities earlier in the deployment cycle, reducing the risk of security issues reaching production, and helping the team address potential threats more efficiently."

"Acunetix has an awesome crawler. It gives a referral site map of near targets and also goes really deep to find all the inputs without issues. This was valuable because it helped me find some files or directories, like web admin panels without authentication, which were hidden."

"Acunetix is the best service in the world."

"We are happy, we're not unhappy with Acunetix, but we are very impressed by some of the things that it has been doing."

"Picks up weaknesses in our app setups."

"It comes equipped with an internal applicator, which automatically identifies and addresses vulnerabilities within the program."

More Acunetix pros

"The initial setup is straightforward."

"The most valuable features of PortSwigger Burp Suite Enterprise Edition are the vast amount of options and ease of use. They frequently improve the solution every six months to a year. Additionally, if we want any more features we can upload a custom script to meet our needs."

"We are in the early stage of using the solution making it difficult to fully determine the best features. However, we have noticed the CMDB and device discovery features look valuable at this time."

"The solution's extensions really expand the capabilities and features offered by the installation."

"I like normal dynamic scanning, general web applications scanning, and vulnerability assessments."

"Parallel scans can be done with PortSwigger Burp Suite Enterprise Edition."

"Its automated scanning feature saves time."

"The most valuable part is that a beginner can run those scans and the V scanning of that particular vulnerability."

More PortSwigger Burp Suite Enterprise Edition pros

Cons

"The patching process with Qualys Patch Management, which is part of TotalCloud, does not cover installing certain prerequisites on the servers or workstations. This shortcoming means we must rely on SCCM when any service stack updates or additional prerequisites are needed."

"I would like the ability to disable certain default built-in policies as they can be misleading when creating dashboards. That is the top one."

"The downside is only in container security, but it has not been a long time since they introduced these models."

"A feature improvement could be the inclusion of Windows OS support for container security, as it is currently only supported for Linux."

"Qualys TotalCloud needs to improve its accuracy for non-Windows operating systems."

"The price is very expensive, actually."

"Although TotalCloud is a helpful tool, some of its advanced features are still under development."

"The support process is inefficient due to the excessive number of replies required when submitting tickets."

More Qualys TotalCloud cons

"We have had issues during upgrades where their scans worked on some apps better with previous versions. Then, we had to work with their tech support, who were great, to get it fixed for the next version."

"Acunetix needs to include agent analysis."

"The solution's pricing could be better."

"Currently only supports web scanning."

"Integration into other tools is very limited for Acunetix. While we're trying to incorporate a CI/CD process where we're integrating with JIRA and we're integrating with Jenkins and Chef, it becomes problematic. Other tools give you a high integration capability to connect into different solutions that you may already have, like JIRA."

"One of the biggest problems I've had with Acunetix is that it's hard to replicate things manually because you don't get the raw packet."

"There is room for improvement in the pricing."

"In terms of additional features, we are currently missing some tools that would allow us to work more efficiently with the mobile environment, with Android and iOS."

More Acunetix cons

"PortSwigger Burp Suite Enterprise Edition should incorporate a static code analysis feature. One main issue we encounter is false positives. False positives can be challenging for developers."

"The product needs to have the ability to evaluate more."

"It would be better if the solution is cloud-based."

"The stability of the scans could be improved."

"There's definitely room for improvement. There are lots of false positives. Once I do the manual assessment, it comes as a false positive. They need to improve the Enterprise Edition, especially the part that gives false positives."

"From my personal experience, the solution's performance could be improved."

"There are features or functionality missing, but PortSwigger Burp Suite Enterprise Edition does try to update frequently to alleviate the shortcomings."

"Scalability could be better."

More PortSwigger Burp Suite Enterprise Edition cons

Pricing and Cost Advice

"Qualys TotalCloud is expensive, but it offers a premier solution with no headaches."

"TotalCloud's price is about right where I would expect it to be."

"It isn't cheap, but it's reasonable. It helps us to manage things with very few resources."

"Qualys TotalCloud offers cost-effective licensing flexibility."

"Although Qualys TotalCloud is relatively expensive due to its unique automation features, its cost-effectiveness is rated an eight out of ten, with ten being the most costly."

"The cost is high, but it meets our organizational needs."

"Qualys TotalCloud offers competitive pricing given its comprehensive suite of features, including integration, assessment, remediation, and detection capabilities, all within a single platform."

"Qualys TotalCloud offers good pricing that is affordable and competitive with the market. Our partnership also provides us with additional benefits."

More Qualys TotalCloud pricing and cost advice

"When compared with other products, the pricing is a little bit high. But it gives value for the price. It serves the purpose and is worthwhile for the price we pay."

"When we looked at all other vendors and what they were asking for, to provide a third of what Acunetix was capable of doing, it was an easy decision... But now that it's coming to a cost where it's line with market value, it becomes more of a competition... Acunetix is raising the cost of licensing. It's 3.5 times what we were initially quoted."

"The cost is based on two types of licenses, ConsultLite, and ConsultPlus, as well as the number of domains that are scanned."

"The pricing and licensing are reasonable to a point. In order to run multiple scans at a time, we are going to have to purchase a 100 count license, which is an overkill. Though, compared to what we were paying for, the cost seems reasonable."

"Implementing Acunetix needs a medium or larger business agency, because you need some money to get Acunetix. It is costly, but if you care about your agency's security, then maybe it's a cost that might help you in the future."

"It is a bit expensive. If you need to check five applications, you have to pay almost 14,000. It is an agreement for two years at 7,000 per year for only five applications. You cannot change the applications in the license. So, you are stuck with the same license for the five applications for one full year."

"The price is exceptionally high."

"All things considered, I think it has a good price/value ratio."

More Acunetix pricing and cost advice

"Although the solution can be a bit expensive for small companies, its pricing is fairly reasonable for its capabilities."

"The tool's pricing is reasonable and costs around 400 dollars per year."

"PortSwigger Burp Suite Enterprise Edition is neither a cheap nor an expensive product. PortSwigger Burp Suite Enterprise Edition is a good tool for companies."

"PortSwigger Burp Suite Enterprise Edition is expensive compared to other solutions."

"For Professional, it's about $400 per year."

See which vendors are best for you

Use our free recommendation engine to learn which Vulnerability Management solutions are best for your needs.

See recommendations

900,838 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Manufacturing Company

17%

Financial Services Firm

14%

Construction Company

Comms Service Provider

Financial Services Firm

12%

Manufacturing Company

10%

Computer Software Company

Comms Service Provider

Financial Services Firm

19%

Computer Software Company

Manufacturing Company

Construction Company

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

By reviewers
Company Size	Count
Small Business	10
Midsize Enterprise	3
Large Enterprise	29

By reviewers
Company Size	Count
Small Business	18
Midsize Enterprise	7
Large Enterprise	19

By reviewers
Company Size	Count
Small Business	5
Midsize Enterprise	2
Large Enterprise	7

Questions from the Community

What is your experience regarding pricing and costs for Qualys TotalCloud?

The price is very expensive, actually.

What needs improvement with Qualys TotalCloud?

Areas that need improvement in every solution include the remediation part. The remediation steps should be simple en...

What is your primary use case for Qualys TotalCloud?

Our use case involves the assets that we have under cloud, the assets exposed to the internet, and the internal appli...

What is your primary use case for Acunetix Vulnerability Scanner?

In a typical enterprise environment, Acunetix is mainly used for visibility, detection, and investigation across netw...

What advice do you have for others considering Acunetix Vulnerability Scanner?

I advise that Acunetix is the best option. Invest time in proper initial configuration and scope definitions. The too...

What is your experience regarding pricing and costs for Acunetix?

Everything is perfect and good, including the pricing and all related aspects.

What is your experience regarding pricing and costs for PortSwigger Burp Suite Enterprise Edition?

I am using the Community Edition, which is free, however, I understand there might be extra expenses for additional f...

What needs improvement with PortSwigger Burp Suite Enterprise Edition?

It would be beneficial if Burp Suite provided predefined payloads for each attack category, such as SQL injection and...

What is your primary use case for PortSwigger Burp Suite Enterprise Edition?

I work with security testing tools for SaaS, focusing on static application security testing and using tools like Bur...

Microsoft Defender for Cloud vs Qualys TotalCloud

Comparisons

Wiz vs Qualys TotalCloud

Compared 11% of the time

Compared 8% of the time

Prisma Cloud by Palo Alto Networks vs Qualys TotalCloud

Compared 6% of the time

JupiterOne vs Qualys TotalCloud

Compared 5% of the time

Nucleus Security vs Qualys TotalCloud

Compared 5% of the time

More Qualys TotalCloud Competitors

PortSwigger Burp Suite Professional vs Acunetix

Compared 8% of the time

OWASP Zap vs Acunetix

Compared 7% of the time

HCL AppScan vs Acunetix

Compared 4% of the time

Invicti vs Acunetix

Compared 4% of the time

Syhunt Hybrid vs Acunetix

Compared 2% of the time

More Acunetix Competitors

Seal Security vs PortSwigger Burp Suite Enterprise Edition

Compared 30% of the time

Rapid7 Metasploit vs PortSwigger Burp Suite Enterprise Edition

Compared 7% of the time

Rapid7 InsightAppSec vs PortSwigger Burp Suite Enterprise Edition

Compared 6% of the time

Tenable Nessus vs PortSwigger Burp Suite Enterprise Edition

Compared 5% of the time

AppCheck vs PortSwigger Burp Suite Enterprise Edition

Compared 5% of the time

More PortSwigger Burp Suite Enterprise Edition Competitors

Product Reports

Qualys TotalCloud

Download Qualys TotalCloud product report

Acunetix

Download Acunetix product report

PortSwigger Burp Suite Enterprise Edition

Download PortSwigger Burp Suite Enterprise Edition product report

PortSwigger Burp Suite Enterprise Edition report

Also Known As

Qualys TotalCloud with FlexScan

AcuSensor

No data available

Overview

Qualys TotalCloud enhances security posture across cloud environments with continuous monitoring, vulnerability management, and risk visualization, ensuring efficient threat assessment and automated remediation for improved cyber risk reduction.

Qualys TotalCloud offers a robust suite of security tools essential for organizations managing multi-cloud infrastructures. By integrating cloud accounts and automating workflows, it supports AWS, Azure, and GCP, offering comprehensive vulnerability management and zero-day detection. The platform's user-friendly design, combined with its extensive risk management and unified threat assessment capabilities, enables organizations to prioritize and remediate vulnerabilities effectively. TruRisk Insights provides clear insights on cyber risks, while the automation options streamline patch management and scanning processes. API integration across IaaS and SaaS environments further enhances resource allocation efficiency and saves time, addressing misconfigurations across cloud environments.

What are the most important features of Qualys TotalCloud?

Accurate Vulnerability Reports: Delivers precise and actionable insights for risk mitigation.
Zero-Day Detection: Identifies and addresses zero-day vulnerabilities proactively.
Unified Threat Assessment: Offers comprehensive evaluation of threats across the environment.
Extensive Risk Management: Manages risks effectively with advanced insights and prioritization.
Continuous Monitoring: Provides non-stop surveillance for vulnerabilities and threats.
Cloud-Native Automation: Streamlines processes and reduces manual efforts using automation.
FlexScan for Internet-Facing VMs: Scans external VMs efficiently to detect vulnerabilities.
Dashboard Risk Visualization: Clear visualization helps prioritize vulnerabilities.

What benefits and ROI should users look for?

Improved Security Posture: Enhances threat detection and response across clouds.
Time Savings: Automation reduces time spent on manual vulnerability management.
Resource Efficiency: Better allocation of resources through streamlined workflows.
Enhanced Risk Prioritization: Focus on critical vulnerabilities for effective mitigation.
Integrated Cloud Accounts: Facilitates seamless cloud management and security.

Qualys TotalCloud is deployed in sectors needing rigorous vulnerability management, such as finance and healthcare. Companies utilize it to secure multi-cloud environments like AWS, Azure, and GCP, focus on compliance, and integrate security into CI/CD pipelines to detect and remedy threats pre-deployment.

Qualys

Acunetix is a dynamic application security tool used globally for web application vulnerability scanning, focusing on SQL injection and cross-site scripting.

Acunetix provides a comprehensive web vulnerability assessment platform designed for identifying and remediating security threats. Users benefit from its ability to schedule scans, boasting a fast detection rate for common vulnerabilities. The tool's centralized dashboard helps organizations with compliance monitoring and features such as crawling and login sequence enhancements, contributing depth to its security assessments. Despite high praise for its integration capabilities and automated scanning that saves time, pricing and false positives present challenges. Organizations often use Acunetix to maintain internal security and evaluate pre-release environments.

What are Acunetix's main features?

Comprehensive Reporting: Detailed reports assist in security analysis and compliance audits.
User-Friendly Interface: Simple navigation enhances user experience.
Scheduled Scans: Automation of scans allows for continuous monitoring.
Fast Detection: Quickly identifies vulnerabilities like SQL injection and cross-site scripting.
Integration Capabilities: Scalable solutions with compatibility across applications.
Crawling & Login Sequence: Improves depth in security analysis.

What benefits should businesses look for in reviews?

Low False Positive Rate: Accurate vulnerability detection saves time in analysis.
Time Efficiency: Automated scans reduce manual workload, improving team productivity.
Scalability: Integration features help accommodate growth and complexity.
Compliance Support: Centralized dashboard supports regulatory compliance checks.

In industries like finance, healthcare, and technology, Acunetix assists in protecting sensitive data through robust scanning and reporting capabilities. Its ability to perform dynamic assessments makes it a chosen tool in regulatory environments and development settings, offering both internal security inspections and pre-release evaluations.

Invicti

PortSwigger Burp Suite Enterprise Edition is a comprehensive tool for web application security testing, emphasizing ease of use for dynamic scanning and vulnerability assessments. Its automation capabilities enhance efficiency and insights into API, web, and mobile app security.

PortSwigger Burp Suite Enterprise Edition is designed for vulnerability assessment, web app security testing, and dynamic application scanning. It enables teams to perform thorough assessments through automated brute force and active scanning features. With extensions, CI/CD integration, and automation, it provides a scalable environment, supporting manual and automated testing seamlessly. Users benefit from effective network call logging, vulnerability interception, and customizable scripting. Organizations from sectors such as IT services and medical equipment rely on it for penetration testing and application auditing, benefiting from its frequent improvements and integration capabilities.

What are the key features of PortSwigger Burp Suite Enterprise Edition?

Active Scan: Facilitates comprehensive exploration and security insights.
Automation and CI/CD Integration: Enhances efficiency through seamless workflow integration.
Extensions: Expands functionality to meet specific testing needs.
Parallel Scans: Supports high ROI by enabling multiple simultaneous tests.
Customizable Scripting: Offers tailored testing scenarios for diverse applications.

What benefits and ROI should users consider?

Ease of Use: Allows even beginners to conduct dynamic scanning.
Scalability: Ensures efficient assessments across large environments.
Process Optimization: Seamless integration supports streamlined workflow.
Frequent Improvements: Regular updates to address current issues and needs.

In sectors like medical devices and IT services, PortSwigger Burp Suite Enterprise Edition is integral for penetration testing and compliance verification. Teams use it for manual and automated testing in web and mobile applications, assessing APIs and interpreting network calls to enhance security and certification processes.

PortSwigger

Sample Customers

Information Not Available

Joomla!, Digicure, Team Random, Credit Suisse, Samsung, Air New Zealand

Nasa, Disney, Dow Jones, Iberia Bank, IBM, Ernest and Young, Apple, Ryanair, Thyssenkrupp, Delivery Hero

Acunetix vs. PortSwigger Burp Suite Enterprise Edition