Product roadmap

API scanning

New feature

Enumerate API endpoints to scan APIs across your application portfolio; process OpenAPI (Swagger) definitions.

Burp extensions

New feature

By popular demand, customize Burp Suite Enterprise Edition using over 250 BApp extensions including custom builds.

Browser-powered scanning by default

New feature

Best-in-class coverage and scanning performance for challenging targets like AJAX-heavy single page apps, with browser-driven (Chromium) scanning. Enabled by default.

Recorded login sequences

New feature

Authenticate to any application by recording complex login sequences with a browser plug-in. Enable authenticated access for almost any target site, such as those using JavaScript-heavy logins or single sign-on.

Integrated SCA capabilities

New feature

Perform software composition analysis (SCA) of client-visible code, and report JavaScript libraries in use containing known vulnerabilities.

Improved SSO functionality

Feature enhancement

Enable single sign-on via Active Directory using SAML, in addition to the existing single sign-on functionality using LDAP.

Extended agent capabilities

Feature enhancement

Ensure scans are carried out using the most suitable agents - based on network location, system resources, or other factors.

More enterprise integrations

Feature enhancement

Integrate scanning into GitHub and Azure DevOps pipelines, adding to Burp Suite's range of out-of-the-box CI/CD connectors.

Increased cloud friendly capabilities

Feature enhancement

Further developed features to allow for a fully-flexible cloud-based scanning service. This will include automatic scaling of scanning resources (agents) and hourly metered billing.

Scan configuration libraries

Done

View and manage configurations, extend crawl and audit settings, view individual URL details, and view aggregated issue reporting.

Cloud functionality

Done

Burp Suite Enterprise Edition now has beta cloud functionality, via native deployment on both AWS and Azure platforms.

Browser-powered scanning enhancements

Done

Significant improvements to Burp Scanner - enabling enhanced performance and coverage of modern navigational patterns.

Read all release notes

GraphQL-based API

Done

Expose much of Burp Suite Enterprise Edition's core functionality for extensive improvements to site editing, scan settings, reporting, and agent management.

Single sign-on

Done

Configure an LDAP connection between Burp Suite Enterprise Edition and your Active Directory. Use single sign-on to remove the need to create and manage users.

Workflow improvements

Done

Streamline post-scan tasks by downloading detailed scan reports, automating email function for end-of-scan summary reports, and automating Jira ticket creation.

Improved user interface

Done

Extensive UI upgrades have been introduced, including navigation changes, overall look-and-feel, and more intuitive in-product workflows.