DAST

Restricting access to sites

• Last updated: June 3, 2025

• Read time: 1 Minute

You can use groups to restrict user access to certain parts of an organization's infrastructure. For example:

• Different people have responsibility for operations, finance, and payroll applications.
• Different people have access to development, staging, and production systems.
• Different people handle applications in different geographical regions.

By default, groups have no restrictions on sites. However, you can configure a group to be restricted to the sites that are relevant to a group's roles. For example, you might want to let a group view scan results for everything within the "Production" folder but disallow the "HR" folder beneath that, because its scan results might contain more sensitive information.

To restrict a group's access to sites:

1. Log in to Burp Suite DAST as an administrator.
2. From the Team menu, select Groups.
3. Select a group from the list, or create a new group.
4. In the Site restrictions tab, click the folders, subfolders or sites that you want to restrict access to.
5. When you're happy with your choices, click Save.