If you or your teams use Splunk for your Security Information and Event Management (SIEM), you may like to integrate this with Burp Suite Enterprise Edition. Once configured, this enables you to ...

This release gives you better visibility of the crawl paths found by Burp Scanner, introduces support for sharing issues with Splunk, and enables you to use custom extensions, BChecks, and BApps with ...

Cross-site request forgery (CSRF) is an attack which forces an end user to execute unwanted actions on a web application to which they are currently authenticated. CSRF vulnerabilities may arise when ...

Best for pentesters and hands-on security professionals. Free up testing time with scalable, automated scanning Automated DAST scanning without limits. Free up testing time with trusted Burp ...

Adding authentication credentials for web app sites enables Burp Scanner to discover and audit content that is only accessible to authenticated users. You can add the following types of authentication ...

This section describes how to generate Standard and Compliance reports. You can send scan summary reports automatically, by email.

Burp Suite Enterprise Edition enables you to upload an OpenAPI definition to run a specific API scan. You can add new API definitions at any time. API definitions are managed in the Sites menu. Each ...

SQL injection vulnerabilities arise when user-controllable data is incorporated into database SQL queries in an unsafe manner. An attacker can supply crafted input to break out of the data context in ...

The response contains two or more Set-Cookie headers that attempt to set the same cookie to different values. Browsers will only accept one of these values, typically the value in the last header. The ...

You can integrate CI-driven scans into your CI/CD pipeline. This enables Burp Scanner to run from a Docker container, and report results back to your Burp Suite ...

When you add extensions to Burp Suite Enterprise Edition, they are uploaded to your Extension library. Users can then apply extensions from this central repository on a site-by-site basis for them to ...

This section explains how to configure SAML SSO using Entra ID (formerly Azure AD) as your identity provider. You may also need to refer to the Entra ID documentation. To configure Burp Suite ...