Process your scan results

The quick scan of the dummy site should only take a few minutes to run. The scan results are updated in real time while the scan is running. Once it's finished, the status will change to "Completed". Now that you have some results, we can take a look and see what the scan managed to find.

You can find scan results in a few different ways. The "Sites" page shows an overview of how many issues of each severity were found for each site. This is the total of all scans on that site. The "Scans" page shows the same information, but broken down into the issues found by each individual scan.

To drill down into the scan results and analyze the data properly, click on a scan to open the scan details page.

Analyze an issue

You can see a list of all issues found by the scan on the "Issues" tab. Issues are grouped by their type. You can select various filter options to show issues based on their severity, confidence level, and whether they are new or regressed issues.

If only one issue of a particular type was found, you can click on the issue type to view more details. If multiple issues of this type were found, you need to expand the issue type and click on the URL where the issue was found. Let's take a look at one of the issues from our dummy site.

  1. From the "Scans" page, open the completed quick-scan that we created.
  2. Among other things, the scan found a couple of reflected cross-site scripting issues that we need to look at. Click on one of these issues to open the issue details.
  3. The "Advisory" tab provides some background information about the issue in general and where it was found. It also offers advice on general measures you can take to resolve this kind of issue.
  4. The "Request" and "Response" tabs show you exactly where the issue occurred. The payload is highlighted in red.
  5. If this were a real issue on your site, you would now contact the relevant developers to ask them to fix it. Later, we'll also show you how you can create Jira tickets directly from an issue.
  6. You can also go to the "Reporting & logs" tab to download either a summary or detailed report in HTML format. This can be useful, for example, when your developers do not have access to Burp Suite Enterprise Edition themselves.

The "Scanned URLs" tab provides another entry point for analyzing scan results. You can see each URL path that was scanned and investigate any errors that occurred at a given URL. The "More details" tab shows key information about the scan itself.

Mark an issue as a false positive

As with any automated scanning tool, the scanner will occasionally report issues that, after manual inspection, you might decide are not relevant after all. You can mark issues as false positives so that they are removed from any statistics and reports that you generate in Burp Suite Enterprise Edition.

  1. To mark an issue as a false positive, you can either hover the mouse over it on the "Issues" tab and click on the FP icon that appears, or you can click the "Mark as false positive" button on the issue details page.
  2. You will be prompted to choose whether to also mark similar issues as false positives, either across the whole site or only at the same URL.
  3. Confirm your selection.
  4. The issue will now be "grayed out" in the list and the various charts and statistics shown will be updated to no longer include the selected issues.

Using the dashboards

Once you've run several scans for a site, the dashboards will show various charts and metrics about your security posture. The home page shows a dashboard to give you an overview of your entire range of sites and scans, but individual folders and sites also have their own dashboards to show more granular data.

Some of the charts in the dashboards are interactive, so you can hover the mouse over them to see more information. You can even click on them to drill down into the data and navigate directly to the relevant page for investigating further.

By clicking the three dots in the upper-right corner of a chart, you can also choose to download it in either PNG or JPG format.

Next steps

You have now completed the basic setup of your Burp Suite Enterprise Edition trial and seen how to add sites and create scans. The next step is to add some of your own sites to scan. Or, if you'd prefer, we've provided some more dummy sites that you can use for testing: vulnerable-website.com and insecure-website.com.

Once you're confident with the basic workflow, you can move on to some of the additional steps to configure your trial to be as close to your real use cases as possible.