Research Academy
My account Customers About Blog Careers Legal Contact Resellers

PROFESSIONAL

Issue activity

  • Last updated: June 8, 2023

  • Read time: 2 Minutes

Any issues that Burp Scanner finds are added to the issue activity table. You can view this table in two places:

  • In the Issue activity panel on the Dashboard - this contains issues from all scans and live tasks.
  • In the Issue activity tab of the task details window - this contains issues from an individual task.

Note

Each issue is only recorded the first time it is found. If you scan the same site multiple times:

  • New entries are added for issues not found in previous scans.
  • Previously logged issues are updated with any new evidence that is found.

The Issue activity table enables you to:

  • Monitor scan results.
  • Review new issues as they are reported.
  • View details of deferred interactions with the Burp Collaborator server.

Each item in the issue activity table contains the following details:

  • # - An index number for the item.
  • Task - The number of the task that identified the issue.
  • Time - The time that the activity occurred.
  • Action - The action that was performed. For example, finding an issue or adding evidence.
  • Issue type - The issue type.
  • Host - The host and URL path for the issue.
  • Path - Where applicable, the insertion point for the issue.
  • Severity - High, medium, low, or information.
  • Confidence - Tentative, firm, or certain.
  • Comment - Any user-applied comment. Double-click this field to add a comment.

Analyzing the issue activity

To filter the issue activity table, use the buttons at the top of the table. You can filter by severity and confidence. In the issue activity table on the Dashboard, you can also filter by your target scope.

To filter the issues by a specific term, use the search function.

Select an item to view a summary of the issue, as well as the requests and responses that were the basis for reporting the issue. If the issue was triggered by a payload, this is highlighted in a Request tab. If the issue is reflected in the response, this is highlighted in a Response tab.

Right-click an item to perform various actions as part of your workflow:

  • Add comment - Add a comment to the item.
  • Highlight - Apply a highlight to the item. You can also use the drop-down menu in the index cell.
  • Set severity - Reassign the severity level, or restore the original severity level. You can flag the issue as a false positive.
  • Set confidence - Reassign the confidence level of the issue, or restore the original confidence level.
  • Report selected issues - Generate a report of the selected issues. For more information, see Reporting scan results.

If you set the severity or confidence level, or capture additional evidence for the issue, then the issue is displayed with its updated details. You won't be able to view the original details unless you restore them.

Related pages

  • Auditing - Gives detailed information on the auditing process, including issue types.
  • Target scope - Gives detailed information on how to set a target scope.

Was this article helpful?