BurpSuite Enterprise License

Description

Burp Suite Enterprise Edition

Scan it all. With the enterprise-enabled dynamic web vulnerability scanner.

Features

Burp Scanner
Catch the latest vulnerabilities with Burp Scanner – the dynamic (DAST) web vulnerability scanner trusted at over 16,000 organizations.

Recurring scanning
Set your scans to run on a daily, weekly, or even monthly basis.

Scalable scanning
Scale the number of concurrent scans you have available, with our transparent subscription options.

Easy scan set-up
Point and click scanning – just a URL required. Or trigger via CI/CD.

Bulk actions
Manage security more easily, with bulk actions for operations like canceling scans, or launching quick scans.

Out-of-box configurations
Use preset scan modes ranging from Lightweight to Deep, or create your own custom scan configurations.

API scanning
Discover more potential attack surface. Burp Scanner parses JSON or YAML API definitions – scanning any API endpoints it finds.

Authenticated scanning
Scan privileged areas of target applications, even if they use complex login mechanisms like single sign-on (SSO).

Browser powered scanning
Burp Scanner uses its embedded browser to render its target – enabling it to navigate even complex single-page applications (SPAs).

Add OAST to dynamic scans
Automated OAST was pioneered by PortSwigger, and can identify many vulnerabilities with tremendous accuracy.

Custom configurations
Specify crawl maximum link depth, reported vulnerabilities, fast versus exhaustive results, and more.

All major CI/CD platforms
Integrate with platforms including Jenkins and TeamCity. See vulnerabilities in your development environment.

Vulnerability management platforms
Integrate scanning and security reporting into your own management and orchestration systems.

Burp extensions
Tailor Burp Scanner to your exact requirements, by writing your own extensions, or by downloading them from the BApp Store.

Multiple deployment options
Choose from a standard deployment with an interactive installer, or a Kubernetes deployment using a Helm chart.

Issue tracking platforms
Track issues with Jira, GitLab, and Trello. Auto ticket generation, severity / confidence level triggers, and unlimited boards.

GraphQL API
Initiate, schedule, cancel, update, and work through your scans, to get the exact data you need, with a GraphQL API.

Single sign-on (SSO)
Enable users to log in easily – with a variety of SSO options (SAML or LDAP, as well as SCIM). Integrate with any identity provider – including ADFS, Okta, or Active Directory.

Role based access control
Multi-user, role-based functionality for site hierarchy, scan detail and reporting. Give everyone control.

Compatible configurations
Manually integrate configurations from Burp Suite Pro, directly into your fully automated Enterprise environment.

Dashboards
Graphical dashboards allow you to view bugs by severity or type. See security posture for all or just part of your organization.

Report exporting
Export tailored HTML reports. Include any level of detail, severity, and confidence you require.

Scan history
Metrics include changes by issue type and severity. See when and where bugs were introduced.

Intuitive UI
Almost all features can be controlled through an intuitive, attractive UI. This opens security up to everyone.

Remediation advice
Every issue Burp Scanner finds comes with actionable remediation advice from PortSwigger Research and the Web Security Academy.

Rich email reporting
Get reports emailed to the right members of your team, to tailor your communications effectively.

Security posture graphing
View deltas and other changes to visually represent your security posture’s evolution. Know your attack surface.

Aggregated issue reporting
Organize issues by their class at the touch of a button. Focus on the vulnerabilities you want to fix.

Compliance reporting
Check for vulnerabilities relevant to the PCI DSS standard and 2021 OWASP Top 10, across your whole web portfolio.