More than 1,000 organizations are using Burp Suite Enterprise Edition to scale their web vulnerability scanning - using the same Burp Scanner favored by 73,000 penetration testers. Pay as you scan cre

More than 1,000 organizations are using Burp Suite Enterprise Edition to scale their web vulnerability scanning - using the same Burp Scanner favored by 72,000 penetration testers. In addition to scan

tl;dr We have released BSEEPT - Burp Suite Enterprise Edition Power Tools which: Is a command line tool to drive all aspects of the BSEE GraphQL API. Is a Python client library to allow you to easily

We recently published some research on server-side prototype pollution where we went into detail on techniques for detecting this vulnerability black-box. To make your life easier, we've integrated th

Believe it or not, it's January once again. And this can mean only one thing - it's time to update you on the changes we've got in store for Burp Suite over the next six months.     But this

We launched the Burp Suite Certified Practitioner (BSCP) certification at the end of 2021 due to growing demand from Burp Suite Professional customers. Spanning everything from classic vulnerability c

It's been two years since we unleashed browser powered scanning on the world, and we decided what better way to celebrate than to start again from scratch! It started out as a task, how did it end up

If you follow the Burp Suite roadmap, then you'll know that we're working on a complete rewrite of the "Wiener" API used in Burp Suite Professional and Burp Suite Community Edition. The new API is cod

We recently launched the Burp challenge, to give our customers a unique opportunity to demonstrate their skills with Burp Suite Professional. Not only that, but the challenges involved put your web vu

Introducing Dastardly - a free, lightweight web application security scanner for your CI/CD pipeline, from the makers of Burp Suite. Secure web development ain't easy Ensuring your code is written sec

New product alert! Dastardly is a free, lightweight web application security scanner for your CI/CD pipeline - and it's going to be landing in the next few days. It'll check your application for seven

PortSwigger recently launched a scholarship scheme, specifically directed at creating opportunities for young women to kick-start their tech career. Our scholarships offer paid work opportunities, tai

We are increasing prices for Burp Suite Professional and Burp Suite Enterprise Edition, due to a significant increase in costs caused by global inflation. The price of an annual Burp Suite Professiona

It’s been a year since we launched our Burp Suite Certified Practitioner exam, so we’ve been reflecting on some of the improvements and developments we’ve made across both our preparation materials an

This roadmap has now been updated. Please see our January 2023 roadmap update. With six (and a bit) months of 2022 already gone, it's time to bring you an update on the latest happenings down at Burp

Thank you to those who attended our recent PortSwigginar on Burp Suite Enterprise Edition. Below is the video of the session, which included; A recap on “what’s new” within the product for those who h

If you use Burp Suite Professional or Burp Suite Community Edition for manual security testing, then you'll be familiar with tools like Burp Repeater and Burp Intruder. They make life as a tester much

Thank you to those who attended our recent PortSwigginar on Burp Suite Enterprise Edition. Below is the video of the session, which included: A recap on "what's new" within the product for those who h

Last year we made it significantly easier to find DOM XSS, when we introduced a brand new tool called DOM Invader. This year, we've improved DOM Invader to make finding CSPP (client-side prototype pol

If you've ever installed any Burp extensions from the BApp Store, you'll know that it's a great way to extend your capabilities and tailor Burp Suite to your every need. If you've not, then what are y

Thank you to those who attended our recent PortSwigginar on Burp Suite Enterprise Edition. Below is the video of the session, which included; A recap on “what’s new” within the tool for those who have

"Word". We heard that a lot of you have been having problems finding a truly dope vulnerable web application to wave your scanner at. As makers of the web's OG vulnerability scanner, we couldn't be le

Speaking to Burp Suite Enterprise Edition users, one thing has come up time and time again as a blocker to your understanding of the product. This has been our use of the term "agent" when describing

Burp Suite Enterprise Edition is the dynamic web vulnerability scanner that can help you to secure your whole portfolio. To help you achieve that, this article contains some advice on how to optimize

Burp Suite Professional version 2022.2.3 made Burp Scanner's crawler between 6x - 9x faster when used against static or stateless sites. This helps you to carry out automated reconnaissance much faste

Burp Suite Enterprise Edition is the dynamic vulnerability scanner that can help you to secure your whole web portfolio. And with release 2022.3, we've taken those same flexible Burp scans and made th

Here at PortSwigger, our goal is to enable the world to secure the web. Our scanner sits at the core of this value - quickly surfacing issues and vulnerabilities that may be present in a web applicati

For anyone who's used the Web Security Academy before, you'll be pretty familiar with the format. For those of you who haven't had the pleasure, the process goes a little bit like this: Select a set o

When we launched Burp Collaborator back in 2015, PortSwigger deployed a public Collaborator server that anyone could use. This meant that OAST testing with Burp Collaborator was able to work straight