DAST

Restricting access to sites

  • Last updated: July 17, 2025

  • Read time: 1 Minute

You can use groups to restrict user access to certain parts of an organization's infrastructure. For example:

  • Different people have responsibility for operations, finance, and payroll applications.
  • Different people have access to development, staging, and production systems.
  • Different people handle applications in different geographical regions.

By default, groups have no restrictions on sites. However, you can configure a group to be restricted to the sites that are relevant to a group's roles. For example, you might want to let a group view scan results for everything within the "Production" folder but disallow the "HR" folder beneath that, because its scan results might contain more sensitive information.

To restrict a group's access to sites:

  1. Log in to Burp Suite DAST as an administrator.
  2. From the Team menu, select Groups.
  3. Select a group from the list, or create a new group.
  4. In the Site restrictions tab, click the folders, subfolders or sites that you want to restrict access to.
  5. When you're happy with your choices, click Save.