Burp Suite Enterprise Edition

Features

Scan it all. With the enterprise-enabled dynamic web vulnerability scanner.

Try for free Pricing and plans

Got a question? Contact us

Live demo

Scanning Features

Add OAST to dynamic scans

Automated OAST was pioneered by PortSwigger, and can identify many vulnerabilities with tremendous accuracy.

Easy scan set-up

Point and click scanning - just a URL required. Or trigger via CI/CD.

Recurring scanning

Set your scans to run on a daily, weekly, or even monthly basis.

Out-of-box configurations

Perform a variety of scans, such as a fast crawl or a critical vulnerability audit, with ease.

Scan the modern web

API security testing can increase coverage of microservices, while JavaScript scanning reveals more attack surface in SPAs.

Scalable scanning

Scale the number of concurrent scans you have available, with our simple and transparent model.

Custom configurations

Specify crawl maximum link depth, reported vulnerabilities, fast versus exhaustive results, and more.

Burp Scanner

Catch the latest vulnerabilities with Burp Scanner - the dynamic web vulnerability scanner trusted at over 16,000 organizations.

Integration Features

All major CI/CD platforms

Integrate with platforms including Jenkins and TeamCity. See vulnerabilities in your development environment.

API-driven workflow

Integrate with your existing systems to initiate scans and obtain results, via the REST API.

Vulnerability management platforms

Integrate scanning and security reporting into your own management and orchestration systems.

Burp extensions

Tailor Burp Scanner to your exact requirements, by writing your own extensions, or by downloading them from the BApp Store.

Multiple deployment options

Choose from a standard deployment with an interactive installer, or a Kubernetes deployment using a Helm chart.

Bug tracking systems

Track issues with Jira and other systems. Auto ticket generation, severity / confidence level triggers, and unlimited boards.

GraphQL API

Initiate, schedule, cancel, update, and work through your scans, to get the exact data you need, with a GraphQL API.

Role based access control

Multi-user, role-based functionality for site hierarchy, scan detail and reporting. Give everyone control.

Compatible configurations

Manually integrate configurations from Burp Suite Pro, directly into your fully automated Enterprise environment.

Integration features in Burp Suite Enterprise Edition

Reporting Features

Dashboards

Graphical dashboards allow you to view bugs by severity or type. See security posture for all or just part of your organization.

Report exporting

Export tailored HTML reports. Include any level of detail, severity, and confidence you require.

Scan history

Metrics include changes by issue type and severity. See when and where bugs were introduced.

Intuitive UI

Almost all features can be controlled through an intuitive, attractive UI. This opens security up to everyone.

Rich email reporting

Get reports emailed to the right members of your team, to tailor your communications effectively.

Security posture graphing

View deltas and other changes to visually represent your security posture's evolution. Know your attack surface.

Aggregated issue reporting

Organize issues by their class at the touch of a button. Focus on the vulnerabilities you want to fix.

Compliance reporting

Check for vulnerabilities relevant to the PCI DSS standard and 2021 OWASP Top 10, across your whole web portfolio.

The scanning engine is loaded with modern vulnerability detection engines. Sophisticated attacks are identified with ease with a detailed explanation. Once a scan is completed, having the ability to reproduce the issue using the proof of concept from the results provides a detailed level of understanding and the corresponding fix.

Working as a cybersecurity engineer, where day-to-day tasks revolve around AppSec, integration with CI pipelines, DevOps collaboration and source code analysis provides a fantastic approach in identifying vulnerabilities, in-depth root cause analysis and a fine tune code fix. ^{Source: TechValidate survey of PortSwigger customers}

See more customer stories

Application Security Engineer

Global 500 Insurance Company

Try for free

Begin your fully-featured trial of Burp Suite Enterprise Edition

Indefinitely scalable
Unlimited users
Free technical support