Buy a Burp Suite Certified Practitioner exam, pass before 15 Dec, and we'll refund your $99.  –   Find out more

ENTERPRISE

Integrating with Slack

  • Last updated: November 11, 2021

  • Read time: 4 Minutes

If you or your teams use Slack, you may like to set up an integration with Burp Suite Enterprise Edition. Once configured, this enables you to receive automatic notifications to specific Slack channels when Burp Suite Enterprise Edition scans start, finish, or fail.

Prerequisites

  • You are the Workspace Owner within your Slack workspace.
  • You have created one or more channels in Slack that you want to connect with Burp Suite Enterprise Edition.

Create a Slack app

First, you need to create a Slack app which Burp Suite Enterprise Edition will use to send messages to Slack.

  1. In your browser, sign in to your Slack workspace as the Workspace Owner.
  2. If you've not already done so, you'll need to create a channel for your app to communicate with. From the left-hand menu of the main Slack communication platform, under Channels, click on Add channels, then Create a new channel.
  3. Add some information to help you identify your channel, set your desired level of privacy, and click the Create button. Follow the prompts to add relevant members to the channel.
  4. Open a new browser tab and visit the Your Apps page in Slack. In the upper-right hand corner, click the Create New App button.
  5. Select the From scratch option.
  6. Give your app a name (e.g. Burp Suite Enterprise Edition), and select the Slack workspace you want to use the app in. Click the Create App button. This will take you to your app's information page.
  7. From the left-hand navigation menu, under Features, select OAuth & Permissions. Scroll down to the Scopes section.
  8. Under Bot Token Scopes, click Add an OAuth Scope and add the following scopes:
    • channels:read
    • groups:read
    • im:read
    • mpim:read
    • chat:write
    • users:read
  9. From the left-hand navigation menu, under Settings, select Basic Information.
  10. (Optional) Under Display Information, you can upload an icon to help you identify the app more easily. For example, you can use the Burp Suite Enterprise Edition logo.
  11. Under Install your app, click on the Install to Workspace button. When prompted, click Allow.
Adding bot token scopes to Burp Suite Enterprise Edition Slack bot

Add the app to your Slack channels

Once you've created a Slack app for Burp Suite Enterprise Edition, you need to add the app to each channel that you want to receive scan notifications. The channels you add the app to at this stage will subsequently become available for use in Burp Suite Enterprise Edition.

  1. Go to the Slack workspace in which you created the app.
  2. From the left-hand navigation menu, under Channels, click the name of a channel that you want to make available in Burp Suite Enterprise Edition.
  3. At the top of the screen, click the name of the channel to open the channel details dialog.
  4. Go to the Integrations tab. From the Apps section, select the option to Add an App.
  5. In the list, find the app you just created, and click the Add button.
  6. Repeat this process for any other channels that you want to make available in Burp Suite Enterprise Edition.
Adding a Burp Suite Enterprise Edition app to Slack

Connect your Slack app to Burp Suite Enterprise Edition

Next, we need to configure the connection between the Slack app we just created, and Burp Suite Enterprise Edition. For this, we will use an OAuth token.

Note

Burp Suite Enterprise Edition does not currently support rotating OAuth tokens. If you wish to add new functionality or permissions to your Slack app, you will need to generate a new OAuth token and share this with Burp Suite Enterprise Edition.

  1. Go to the Your Apps page in Slack, and select the Slack app you just created.
  2. From the left-hand navigation menu under Features, click OAuth & Permissions.
  3. Under OAuth Tokens for Your Workspace , locate the Bot User OAuth Token, and copy it to your clipboard.
  4. Log in to Burp Suite Enterprise Edition as an administrator. From the settings menu, select Slack Integration.
  5. Paste your Slack OAuth token into the provided field, and click Connect. A list of all of the Slack channels to which you added the Slack app should now be imported.
Adding a Slack OAuth token to Burp Suite Enterprise Edition

Manage which Slack channels are available

Once you have added your Slack OAuth token to Burp Suite Enterprise Edition, any Slack channels with the app installed will be visible in the Slack integration section under Slack channels.

By default, communication to these channels is disabled. Any channels you enable here will be available for selection when creating or editing a site.

Managing Slack channels in Burp Suite Enterprise Edition

Assigning Slack channels to sites

Once you've completed the Slack integration as described above, you can assign Slack channels to your sites. This means they will receive notifications whenever a scan starts, fails, or finishes for this site.

  • Go to the site's Details tab and click Edit.
  • Under Send scan notifications to Slack, use the drop-down menu to select a Slack channel.
  • To add more channels, use the plus icon (+).
  • Click Save.

This option is also available when creating new sites.

Adding Slack integration to pre existing sites in Burp Suite Enterprise Edition