1. Support Center
  2. Documentation
  3. Enterprise Edition
  4. Working with Burp Suite Enterprise Edition
  5. Working with sites
  6. Folders

Folders

Users with the corresponding roles can create folders to organize the site tree into a hierarchical structure. For example, your organization might choose to create folders to group sites based on their geographical location or based on the development team that is responsible for them.

Site tree

You can also restrict user access based on specific folders.

Viewing folder details

Just like sites, you can click on any folder to view more details. Within a folder, the following tabs are available.

Folder-level dashboard

The folder-level dashboard shows you various metrics about the sites contained in this folder and its subfolders. For example, you can see the number of current issues of each severity level.

You can also use the dashboard to keep track of how the security of the folder's sites is progressing over time. The "New and resolved issues over time" chart shows the number of issues that are new, resolved, and regressed as compared to the previous scan. This enables you to monitor your progress over time

You can hover over different areas of the charts to get more information and click on some of them to drill down into the results. For example, clicking on an issue severity in the "Current issues" chart opens the "Issues" tab, filtered based on the selected severity. To download charts in JPG or PNG format, click the three vertical dots in the upper-right corner of the chart.

Folder-level dashboard

Scans

The "Scans" tab shows the scans that have been performed on all sites within this folder and its subfolders. It provides an overview of basic information, such as the current status of each scan and how many issues it has found for each severity level. You can click on each scan to open the scan details.

Issues

The "Issues" tab shows all issues from the latest scan of all sites within this folder and its subfolders. Issues are grouped by their type. The number next to each issue indicates the number of instances of this issue type that were found. You can expand any issue type to see the individual URLs where this issue type was found.

Clicking the URL opens the issue details page, which provides an issue description, remediation advice, as well as the HTTP request and response where the issue was found. You can also mark the issue as a false positive.

You can download the issues list as a CSV file in order to continue analyzing the data in another application, for example.