Compare
Compare anything, side by side
Pick up to 4 security testing and we'll lay out their specifications side by side. Apples to apples only — once you pick the first item, the picker locks to its category so you don't end up comparing Selenium with OWASP Top 10.
×
Burp Suite
PortSwigger
Commercial
Free Tier
Enterprise
Industry-standard web vulnerability scanner & proxy.
Visit website ↗Side-by-side
Specification comparison
Schema: Tools. Missing values are marked "Not available yet" — those are next on our research list.
Rating key:
Positive / Free / Fast
Limited / Moderate
Difficult / Steep
Informational
| Attribute | |
|---|---|
| Pricing |
Community
Free / Pro $475/yr / Enterprise from $8k/yr
|
| Free tier / OSS |
Community
Edition (limited)
|
| License | Commercial |
| Testing type | Security / DAST |
| Languages / SDKs | Java extensions (Burp Extender API) |
| Supported platforms | Windows, macOS, Linux |
| Parallel testing |
Limited
— Enterprise edition only
|
| Speed | Moderate |
| Key integrations | Jenkins, GitHub, JIRA, CI/CD via Enterprise |
| Learning curve |
Moderate
to steep
|
| Community / Support |
Industry
standard for AppSec
|
| Maintained by | PortSwigger |
| First released | 2003 |
| Latest version | See website |
| Best suited for | Manual & semi-automated web app security testing |
| Official site | portswigger.net/burp ↗ |
Missing something?
Submit a tool, certification or service provider and we'll add it to the catalogue.