Burp Suite Enterprise Edition


Scan it all. With the enterprise-enabled web vulnerability scanner.

Burp Suite Enterprise Edition Features

Live demo

Scanning Features

Scanning features in Burp Suite Enterprise Edition

Easy scan set-up

Point and click scanning - just a URL required. Or trigger via CI/CD.


Recurring scanning

Set your scans to run on a daily, weekly, or even monthly basis.


Out-of-box configurations

Perform a variety of scans, such as a fast crawl or a critical vulnerability audit, with ease.


Multi-faceted AST

Combine DAST, OAST, IAST, SCA, and SAST. Catch critical bugs others can't - and minimize false positives.


Scheduled scanning

Agents scan when you tell them to, with scheduled, automated scanning.


Agent-led scanning

Run scores of scans concurrently with a flexible agent model.


Custom configurations

Specify crawl maximum link depth, reported vulnerabilities, fast versus exhaustive results, and more.


Burp Scanner

Catch the latest vulnerabilities with Burp Scanner. Frequently updated, research-fuelled scanning engine. Trusted at over 13,000 organizations.

Integration Features


All major CI/CD platforms

Integrate with platforms including Jenkins and TeamCity. See vulnerabilities in your development environment.


API-driven workflow

Integrate with your existing systems to initiate scans and obtain results, via the REST API.


Vulnerability management platforms

Integrate scanning and security reporting into your own management and orchestration systems.


BApp extensions - coming soon!

Over a hundred BApp extensions to help you tailor Burp Scanner to your exact requirements.


Multiple deployment options

Deploy on-premise, or to cloud. Managed Kubernetes clusters on AWS (beta) and Azure (beta).


Bug tracking systems

Track issues with Jira and other systems. Auto ticket generation, severity / confidence level triggers, and unlimited boards.



Initiate, schedule, cancel, update, and work through your scans, to get the exact data you need, with a GraphQL API.


Role based access control

Multi-user, role-based functionality for site hierarchy, scan detail and reporting. Give everyone control.


Compatible configurations

Manually integrate configurations from Burp Suite Pro, directly into your fully automated Enterprise environment.

Integration features in Burp Suite Enterprise Edition

Reporting Features

Reporting features in Burp Suite Enterprise Edition


Graphical dashboards allow you to view bugs by severity or type. See security posture for all or just part of your organization.


Report exporting

Export tailored HTML reports. Include any level of detail, severity, and confidence you require.


Scan history

Metrics include changes by issue type and severity. See when and where bugs were introduced.


Intuitive UI

Almost all features can be controlled through an intuitive, attractive UI. This opens security up to everyone.


Rich email reporting

Get reports emailed to the right members of your team, to tailor your communications effectively.


Security posture graphing

View deltas and other changes to visually represent your security posture's evolution. Know your attack surface.


Aggregated issue reporting

Organize issues by their class at the touch of a button. Focus on the vulnerabilities you want to fix.

Customer quote

The scanning engine is loaded with modern vulnerability detection engines. Sophisticated attacks are identified with ease with a detailed explanation. Once a scan is completed, having the ability to reproduce the issue using the proof of concept from the results provides a detailed level of understanding and the corresponding fix.

Working as a cybersecurity engineer, where day-to-day tasks revolve around AppSec, integration with CI pipelines, DevOps collaboration and source code analysis provides a fantastic approach in identifying vulnerabilities, in-depth root cause analysis and a fine tune code fix. Source: TechValidate survey of PortSwigger customers

See more customer stories

Application Security Engineer

Global 500 Insurance Company