ENTERPRISE

Managing auto-scaling scan resources

  • Last updated: May 17, 2022

  • Read time: 3 Minutes

If you deploy Burp Suite Enterprise Edition to Kubernetes, you don't have to set up and manage individual scanning machines. Instead, the system automatically creates additional resources to cope with the number of concurrent scans that you need to run at any given time. These resources are then scaled back down again once they are no longer needed.

Note

Kubernetes deployments support auto-scaling scanning machines only. You cannot run a fixed scanning machine setup on Kubernetes.

Auto-scaling overview

Auto-scaling can reduce your cloud computing costs because you only need to pay for the scan resources that you are actually using at any given time. In addition, the number of concurrent scans that you can run is no longer limited by how powerful your deployed machines are. Instead, auto-scaling means that your deployment can always run as many concurrent scans as your license covers. It is also possible to set a manual limit on the number of concurrent scans you can run.

This page explains how auto-scaling works in Burp Suite Enterprise Edition and how to configure the maximum number of scans that are allowed to run concurrently.

Note

In this documentation, the term "auto-scaling" refers to Burp Suite Enterprise Edition automatically creating and deleting resources to handle scan jobs. This page does not cover configuring the Kubernetes cluster to automatically scale its own computing resource. For information on how to configure computing resource auto-scaling, check your cloud provider's documentation.

Setting concurrent scan limits

Although Kubernetes theoretically enables Burp Suite Enterprise Edition to scale to any size, this is in practice limited by the number of concurrent scans that your license covers. If required, you can set a lower concurrent scan limit via the Scan resources settings page of the Burp Suite Enterprise Edition UI. Limiting concurrent scans enables you to control the amount of cloud resource that can potentially be dedicated to scanning at any one time.

scan resources page

To configure scan limits:

  1. Sign in to the Burp Suite Enterprise Edition UI and select Settings > Scan resources to display the Scan resources settings page.
  2. Make sure that the Enable scanning toggle is set to "on".
  3. If required, set a scan limit by selecting the Set a concurrent scan limit radio button and entering the maximum number of concurrent scans that you want Burp Suite Enterprise Edition to be able to run in the field below.

    Alternatively, leave the default Run as many concurrent scans as my license allows radio button selected.

  4. Select Save to confirm your changes.

Any changes to your concurrent scan limit do not affect scans that are currently running. However, if you increase your scan limit and there are currently scans queued, then those scans will start as soon as there are sufficient resources available in the cluster to do so (up to the limit specified).

Note

It can take a few minutes for new clusters to scale up after activation.

Disabling scanning

You can enable and disable scanning using the Enable scanning toggle on the Scan resource setting page of Burp Suite Enterprise Edition.

If you disable scanning then Burp Suite Enterprise Edition will not start any new scans, although any scans that were in progress at the time continue.

Amending your license

You can change the number of concurrent scans that your license covers at any time. When you upload a new license that enables you to run more concurrent scans, then by default Burp Suite Enterprise Edition increases your scan limit automatically. However, if you have a concurrent scan limit set on the Scan resources page then you would need to increase this limit manually in order to run the new maximum number of concurrent scans.

If you decrease the number of scans covered by your license then the system finishes any scans that are already in progress, even if this exceeds your new limit. For example, if you have ten scans in progress and you reduce your license to cover seven concurrent scans, then Burp Suite Enterprise Edition applies the new limit once three of your in-progress scans have completed.

Managing active scans

The Active scan jobs panel of the Scan resources settings page displays all auto-scaling scans that are currently either running or queued. To view details of an individual scan, click its View button.

More information: