# Burp Suite vs Qualys VMDR Comparison | | Burp Suite | Qualys VMDR | |---|---|---| | **Star Rating** | 4.8 out of 5 | 4.4 out of 5 | | **Total Reviews** | 129 | 167 | | **Largest Market Segment** | Mid-Market (40.0% of reviews) | Enterprise (52.1% of reviews) | | **Entry Level Price** | $475.00 1 User Per Year | No pricing available | --- ## Top Pros & Cons ### Burp Suite Pros: - Ease of Use (12 reviews) - User Interface (8 reviews) Cons: - Expensive (5 reviews) - Slow Performance (5 reviews) ### Qualys VMDR Pros: - Customer Support (2 reviews) - Features (2 reviews) Cons: - Complexity (2 reviews) - Complex Reporting (1 reviews) --- ## Ratings Comparison | Rating | Burp Suite | Qualys VMDR | |---|---|---| | **Meets Requirements** | 9.4 (105 reviews) | 8.7 (117 reviews) | | **Ease of Use** | 8.8 (108 reviews) | 8.7 (116 reviews) | | **Ease of Setup** | 9.3 (43 reviews) | 8.4 (78 reviews) | | **Ease of Admin** | 9.2 (28 reviews) | 8.6 (76 reviews) | | **Quality of Support** | 8.7 (94 reviews) | 8.1 (112 reviews) | | **Has the product been a good partner in doing business?** | 9.7 (26 reviews) | 8.6 (77 reviews) | | **Product Direction (% positive)** | 9.3 (104 reviews) | 8.2 (102 reviews) | --- ## Pricing ### Burp Suite #### Entry-Level Pricing Plan: Burp Suite Professional Price: $475.00 1 User Per Year Description: Test, find and exploit vulnerabilities faster with the complete manual testing toolkit. Best for pentesters and hands-on security professionals. Key Features: - Map your entire attack surface, including hidden and dynamic content. - Intercept, inspect, and modify HTTP/S traffic in real time with Proxy. - Test protected areas and APIs including OpenAPI, GraphQL, and SOAP. [Browse all 2 editions](https://www.g2.com/products/burp-suite/pricing) #### Free Trial No ### Qualys VMDR #### Entry-Level Pricing No pricing available #### Free Trial No information available --- ## Features Comparison By Category ### Cloud Workload Protection Platforms | Product | Score | Reviews | |---|---|---| | **Burp Suite** | N/A | N/A | | **Qualys VMDR** | 7.8/10 | 9 | #### Management | Feature | Burp Suite | Qualys VMDR | |---|---|---| | **Dashboards and Reports** | Not enough data | 8.5 (9 reviews) | | **Workflow Management** | Not enough data | 7.4 (9 reviews) | | **Administration Console** | Not enough data | 8.0 (9 reviews) | #### Operations | Feature | Burp Suite | Qualys VMDR | |---|---|---| | **Governance** | Not enough data | 8.1 (9 reviews) | | **Logging and Reporting** | Not enough data | 8.5 (9 reviews) | | **API / Integrations** | Not enough data | 7.8 (9 reviews) | #### Security Controls | Feature | Burp Suite | Qualys VMDR | |---|---|---| | **Anomaly Detection** | Not enough data | 7.4 (9 reviews) | | **Data Loss Prevention** | Not enough data | 7.4 (9 reviews) | | **Security Auditing** | Not enough data | 7.6 (9 reviews) | | **Cloud Gap Analytics** | Not enough data | 7.4 (9 reviews) | ### Penetration Testing | Product | Score | Reviews | |---|---|---| | **Burp Suite** | 9.3/10 | 23 | | **Qualys VMDR** | N/A | N/A | #### Administration | Feature | Burp Suite | Qualys VMDR | |---|---|---| | **API / Integrations** | 8.7 (18 reviews) | Not enough data | | **Extensibility** | 8.9 (19 reviews) | Not enough data | | **Reporting and Analytics** | 9.0 (19 reviews) | Not enough data | #### Analysis | Feature | Burp Suite | Qualys VMDR | |---|---|---| | **Issue Tracking** | 8.3 (15 reviews) | Not enough data | | **Reconnaissance** | 9.3 (23 reviews) | Not enough data | | **Vulnerability Scan** | 8.9 (23 reviews) | Not enough data | #### Testing | Feature | Burp Suite | Qualys VMDR | |---|---|---| | **Command-Line Tools** | 7.1 (14 reviews) | Not enough data | | **Manual Testing** | 9.4 (22 reviews) | Not enough data | | **Test Automation** | 8.1 (20 reviews) | Not enough data | | **Performance and Reliability** | 8.8 (22 reviews) | Not enough data | ### Dynamic Application Security Testing (DAST) | Product | Score | Reviews | |---|---|---| | **Burp Suite** | N/A | N/A | | **Qualys VMDR** | N/A | N/A | #### Administration | Feature | Burp Suite | Qualys VMDR | |---|---|---| | **API / Integrations** | Not enough data | Not enough data | | **Extensibility** | Not enough data | Not enough data | #### Analysis | Feature | Burp Suite | Qualys VMDR | |---|---|---| | **Reporting and Analytics** | Not enough data | Not enough data | | **Issue Tracking** | Not enough data | Not enough data | | **Static Code Analysis** | Feature Not Available | Not enough data | | **Vulnerability Scan** | Not enough data | Not enough data | | **Code Analysis** | Feature Not Available | Not enough data | #### Testing | Feature | Burp Suite | Qualys VMDR | |---|---|---| | **Manual Testing** | Feature Not Available | Not enough data | | **Test Automation** | Not enough data | Not enough data | | **Compliance Testing** | Not enough data | Not enough data | | **Black-Box Scanning** | Not enough data | Not enough data | | **Detection Rate** | Not enough data | Not enough data | | **False Positives** | Not enough data | Not enough data | ### Container Security | Product | Score | Reviews | |---|---|---| | **Burp Suite** | N/A | N/A | | **Qualys VMDR** | N/A | N/A | #### Administration | Feature | Burp Suite | Qualys VMDR | |---|---|---| | **Risk Scoring** | Not enough data | Not enough data | | **Secrets Management** | Not enough data | Not enough data | | **Security Auditing** | Not enough data | Not enough data | | **Configuration Management** | Not enough data | Not enough data | #### Monitoring | Feature | Burp Suite | Qualys VMDR | |---|---|---| | **Continuous Image Assurance** | Not enough data | Not enough data | | **Behavior Monitoring** | Not enough data | Not enough data | | **Observability** | Not enough data | Not enough data | #### Protection | Feature | Burp Suite | Qualys VMDR | |---|---|---| | **Dynamic Image Scanning** | Not enough data | Not enough data | | **Runtime Protection** | Not enough data | Not enough data | | **Workload Protection** | Not enough data | Not enough data | | **Network Segmentation** | Not enough data | Not enough data | ### Cloud Compliance | Product | Score | Reviews | |---|---|---| | **Burp Suite** | N/A | N/A | | **Qualys VMDR** | 7.7/10 | 15 | #### Security | Feature | Burp Suite | Qualys VMDR | |---|---|---| | **Compliance Monitoring** | Not enough data | 7.5 (14 reviews) | | **Anomoly Detection** | Not enough data | 7.9 (12 reviews) | | **Data Loss Prevention** | Not enough data | 7.5 (12 reviews) | | **Cloud Gap Analytics** | Not enough data | 7.0 (14 reviews) | #### Compliance | Feature | Burp Suite | Qualys VMDR | |---|---|---| | **Governance** | Not enough data | 8.3 (12 reviews) | | **Data Governance** | Not enough data | 7.8 (12 reviews) | | **Sensitive Data Compliance** | Not enough data | 8.2 (13 reviews) | #### Administration | Feature | Burp Suite | Qualys VMDR | |---|---|---| | **Policy Enforcement** | Not enough data | 7.9 (12 reviews) | | **Auditing** | Not enough data | 7.7 (13 reviews) | | **Workflow Management** | Not enough data | 7.6 (13 reviews) | ### Vulnerability Scanner | Product | Score | Reviews | |---|---|---| | **Burp Suite** | 8.1/10 | 78 | | **Qualys VMDR** | 7.9/10 | 20 | #### Performance | Feature | Burp Suite | Qualys VMDR | |---|---|---| | **Issue Tracking** | 8.9 (65 reviews) ✓ Verified | 8.3 (18 reviews) | | **Detection Rate** | 8.6 (69 reviews) ✓ Verified | 8.5 (18 reviews) | | **False Positives** | 7.1 (69 reviews) ✓ Verified | 5.8 (18 reviews) | | **Automated Scans** | 8.6 (69 reviews) | 8.6 (20 reviews) | #### Network | Feature | Burp Suite | Qualys VMDR | |---|---|---| | **Compliance Testing** | 7.9 (57 reviews) ✓ Verified | 8.2 (19 reviews) | | **Perimeter Scanning** | Feature Not Available | 8.1 (18 reviews) | | **Configuration Monitoring** | Feature Not Available | 8.4 (16 reviews) | #### Application | Feature | Burp Suite | Qualys VMDR | |---|---|---| | **Manual Application Testing** | 9.3 (73 reviews) ✓ Verified | 7.8 (16 reviews) | | **Static Code Analysis** | 7.6 (60 reviews) | 7.6 (15 reviews) | | **Black Box Testing** | 9.0 (68 reviews) ✓ Verified | 8.0 (16 reviews) | #### Agentic AI - Vulnerability Scanner | Feature | Burp Suite | Qualys VMDR | |---|---|---| | **Autonomous Task Execution** | 6.3 (5 reviews) | Not enough data | | **Proactive Assistance** | Feature Not Available | Not enough data | ### Risk-Based Vulnerability Management | Product | Score | Reviews | |---|---|---| | **Burp Suite** | N/A | N/A | | **Qualys VMDR** | 8.3/10 | 54 | #### Risk Analysis | Feature | Burp Suite | Qualys VMDR | |---|---|---| | **Risk Scoring** | Not enough data | 8.7 (47 reviews) | | **Reporting** | Not enough data | 8.3 (50 reviews) | | **Risk-Prioritization** | Not enough data | 8.5 (47 reviews) | #### Vulnerability Assesment | Feature | Burp Suite | Qualys VMDR | |---|---|---| | **Vulnerability Scanning** | Not enough data | 8.7 (50 reviews) | | **Vulnerability Intelligence** | Not enough data | 8.7 (50 reviews) | | **Contextual Data** | Not enough data | 8.2 (49 reviews) | | **Dashboards** | Not enough data | 8.5 (50 reviews) | #### Automation | Feature | Burp Suite | Qualys VMDR | |---|---|---| | **Automated Remediation** | Not enough data | 7.7 (42 reviews) | | **Workflow Automation** | Not enough data | 7.9 (42 reviews) | | **Security Testing** | Not enough data | 8.4 (45 reviews) | | **Test Automation** | Not enough data | 8.1 (42 reviews) | ### ServiceNow Store Apps | Product | Score | Reviews | |---|---|---| | **Burp Suite** | N/A | N/A | | **Qualys VMDR** | N/A | N/A | #### ServiceNow Apps | Feature | Burp Suite | Qualys VMDR | |---|---|---| | **ServiceNow Integration** | Not enough data | Not enough data | | **Value** | Not enough data | Not enough data | #### Agentic AI - ServiceNow Store Apps | Feature | Burp Suite | Qualys VMDR | |---|---|---| | **Autonomous Task Execution** | Not enough data | Not enough data | | **Multi-step Planning** | Not enough data | Not enough data | | **Cross-system Integration** | Not enough data | Not enough data | | **Proactive Assistance** | Not enough data | Not enough data | ### Cloud Security | Product | Score | Reviews | |---|---|---| | **Burp Suite** | N/A | N/A | | **Qualys VMDR** | N/A | N/A | #### Cloud Visibility | Feature | Burp Suite | Qualys VMDR | |---|---|---| | **Data Discovery** | Not enough data | Not enough data | | **Cloud Registry** | Not enough data | Not enough data | | **Cloud Gap Analytics** | Not enough data | Not enough data | #### Security | Feature | Burp Suite | Qualys VMDR | |---|---|---| | **Data Security** | Not enough data | Not enough data | | **Data loss Prevention** | Not enough data | Not enough data | | **Security Auditing** | Not enough data | Not enough data | #### Identity | Feature | Burp Suite | Qualys VMDR | |---|---|---| | **SSO** | Not enough data | Not enough data | | **Governance** | Not enough data | Not enough data | | **User Analytics** | Not enough data | Not enough data | --- ## Categories **Shared Categories (1):** [Vulnerability Scanner Software](https://www.g2.com/categories/vulnerability-scanner) **Unique to Burp Suite (2):** [Dynamic Application Security Testing (DAST) Software](https://www.g2.com/categories/dynamic-application-security-testing-dast), [Penetration Testing Tools](https://www.g2.com/categories/penetration-testing-tools) **Unique to Qualys VMDR (5):** [Risk-Based Vulnerability Management Software](https://www.g2.com/categories/risk-based-vulnerability-management), [Cloud Compliance Software](https://www.g2.com/categories/cloud-compliance), [Container Security Tools](https://www.g2.com/categories/container-security-tools), [Cloud Workload Protection Platforms](https://www.g2.com/categories/cloud-workload-protection-platforms), [ServiceNow Marketplace Apps](https://www.g2.com/categories/servicenow-store-apps) --- ## Reviewer Demographics ### By Company Size | Segment | Burp Suite | Qualys VMDR | |---|---|---| | **Small-Business** | 31.2% | 20.2% | | **Mid-Market** | 40.0% | 27.6% | | **Enterprise** | 28.8% | 52.1% | ### By Industry #### Burp Suite - **Information Technology and Services:** 28.8% - **Computer & Network Security:** 27.2% - **Computer Software:** 15.2% - **Financial Services:** 4.8% - **Retail:** 3.2% - **Electrical/Electronic Manufacturing:** 2.4% - **Education Management:** 2.4% - **Telecommunications:** 1.6% - **Medical Practice:** 1.6% - **Management Consulting:** 1.6% - **Other:** 11.2% #### Qualys VMDR - **Information Technology and Services:** 22.0% - **Computer & Network Security:** 12.2% - **Financial Services:** 9.1% - **Computer Software:** 7.3% - **Banking:** 4.9% - **Telecommunications:** 3.7% - **Hospital & Health Care:** 3.7% - **Accounting:** 3.0% - **Higher Education:** 2.4% - **Insurance:** 2.4% - **Other:** 29.3% --- ## Alternatives ### Alternatives to Burp Suite - [Intruder](https://www.g2.com/products/intruder/reviews) — 4.8/5 stars (206 reviews) - [Acunetix by Invicti](https://www.g2.com/products/acunetix-by-invicti/reviews) — 4.1/5 stars (105 reviews) - [Invicti (formerly Netsparker)](https://www.g2.com/products/invicti-formerly-netsparker/reviews) — 4.6/5 stars (69 reviews) - [Veracode Application Security Platform](https://www.g2.com/products/veracode-application-security-platform/reviews) — 3.8/5 stars (25 reviews) - [Tenable Nessus](https://www.g2.com/products/tenable-nessus/reviews) — 4.5/5 stars (301 reviews) - [Detectify](https://www.g2.com/products/detectify/reviews) — 4.5/5 stars (51 reviews) - [Pentest-Tools.com](https://www.g2.com/products/pentest-tools-com/reviews) — 4.8/5 stars (100 reviews) - [Tenable Vulnerability Management](https://www.g2.com/products/tenable-vulnerability-management/reviews) — 4.5/5 stars (122 reviews) - [GitLab](https://www.g2.com/products/gitlab/reviews) — 4.5/5 stars (890 reviews) - [HCL AppScan](https://www.g2.com/products/hcl-appscan/reviews) — 4.1/5 stars (76 reviews) ### Alternatives to Qualys VMDR - [Microsoft Defender for Cloud](https://www.g2.com/products/microsoft-defender-for-cloud/reviews) — 4.4/5 stars (308 reviews) - [CrowdStrike Falcon Cloud Security](https://www.g2.com/products/crowdstrike-falcon-cloud-security/reviews) — 4.6/5 stars (86 reviews) - [Wiz](https://www.g2.com/products/wiz-wiz/reviews) — 4.7/5 stars (789 reviews) - [Tenable Nessus](https://www.g2.com/products/tenable-nessus/reviews) — 4.5/5 stars (301 reviews) - [FortiCNAPP](https://www.g2.com/products/forticnapp/reviews) — 4.4/5 stars (386 reviews) - [Tenable Vulnerability Management](https://www.g2.com/products/tenable-vulnerability-management/reviews) — 4.5/5 stars (122 reviews) - [Cortex Cloud](https://www.g2.com/products/cortex-cloud/reviews) — 4.1/5 stars (112 reviews) - [Sprinto](https://www.g2.com/products/sprinto-inc/reviews) — 4.8/5 stars (1637 reviews) - [Drata](https://www.g2.com/products/drata/reviews) — 4.7/5 stars (1159 reviews) - [Red Hat Ansible Automation Platform](https://www.g2.com/products/red-hat-ansible-automation-platform/reviews) — 4.6/5 stars (377 reviews) --- ## Top Discussions ### Burp Suite - Title: [Is BurpSuite free?](https://www.g2.com/discussions/is-burpsuite-free) — 2 comments > **Top comment:** "You can have Burpsuite for free as the community edition however there will be certain features which cannot be used in the community edition. To get full..." - Title: [How do i intercept network that i am connected to?](https://www.g2.com/discussions/12021-how-do-i-intercept-network-that-i-am-connected-to) — 2 comments, 1 upvote > **Top comment:** "Check wether the network ip is accessable with the browser. If yes then you can use the same steps as you are using to intersept web applications." - Title: [What is Burp Suite Professional?](https://www.g2.com/discussions/what-is-burp-suite-professional) — 1 comment > **Top comment:** "Burp Suite professional is a security testing tool. Security testing professional or penetration testing professional use this tool for find security..." - Title: [What is BurpSuite used for?](https://www.g2.com/discussions/what-is-burpsuite-used-for) — 1 comment > **Top comment:** "To identify vulnerability" - Title: [You're go to extenion in Burp?](https://www.g2.com/discussions/you-re-go-to-extenion-in-burp) — 1 comment, 1 upvote > **Top comment:** "Intruder, XSSValidator, Sequencer, Encoder, Decoder" ### Qualys VMDR - Title: [What does Qualys Vmdr do?](https://www.g2.com/discussions/what-does-qualys-vmdr-do) — 1 comment > **Top comment:** "It does all the around like scanning, patching of devices using agents, real time monitoring of agents, threat feeds " - Title: [Free version](https://www.g2.com/discussions/26905-free-version) — 1 comment, 1 upvote *(includes official response)* > **Top comment:** "Hi Nasrin, Peanut Butter helps companies offer Student Loan Assistance as a benefit. Leading employers across North America partner with Peanut Butter to..." - Title: [Given an asset, how do I run a vulnerability scan report on demand ad hoc?](https://www.g2.com/discussions/25513-given-an-asset-how-do-i-run-a-vulnerability-scan-report-on-demand-ad-hoc) — 1 comment, 1 upvote > **Top comment:** "You can do that easily by launching an on-demand scan in Qualys too. Thats a very basic feature. You could also drop an Qualys agent on the host OS (The..." --- **Source:** [G2.com](https://www.g2.com) | [Comparison Page](https://www.g2.com/compare/burp-suite-vs-qualys-vmdr)