ENTERPRISE
Integrating with CI/CD platforms
-
Last updated: September 14, 2023
-
Read time: 2 Minutes
You can use Burp Suite Enterprise Edition to run CI-driven scans on your CI/CD platform. We also have documents for our legacy solution that used plugins.
CI-driven scans
CI-driven scans enable you to run Burp Scanner from a Docker container in your CI/CD environment. This is an easy way to integrate Burp Suite Enterprise Edition with your CI/CD platform. It requires you to set up a Burp Suite Enterprise Edition server.
You can view the results of your scans in your CI/CD environment, or in the Burp Suite Enterprise Edition dashboard. The scan results are saved as a JUnit XML file.
You can run this option on any platform that supports Docker containers, including Jenkins, TeamCity, and GitHub Actions.
For more information, see Integrating CI-driven scans.
CI-driven scans with no dashboard
You can also run Burp Scanner from a Docker container in your CI/CD environment without the need to set up a Burp Suite Enterprise Edition server. If you don't need access to the Burp Suite Enterprise Edition dashboard, then this option is the easiest to set up.
The results of your scans are saved as a JUnit XML file in your CI/CD environment.
You can run this option on any platform that supports Docker containers, including Jenkins, TeamCity, and GitHub Actions.
For more information, see Integrating CI-driven scans with no dashboard.
CI/CD plugins (legacy)
Our legacy solution was to provide plugins for both Jenkins and TeamCity. We still provide documentation for these plugins for now, to support existing users. This method triggers a scan to run in the Burp Suite Enterprise Edition environment. This is more complex to set up.
For more information, see Using plugins for CI/CD platform integration.