πŸ”’
There are new articles available, click to refresh the page.
βœ‡ PortSwigger Blog

Introducing the Web Security Academy

β€”
We are pleased to announce the launch of the Web Security Academy.Β  This isΒ a brand new learning resource providingΒ training on web security vulnerabilities, techniques for finding and
βœ‡ PortSwigger Blog

Burp Suite roadmap for 2020

β€”
We have big plans for Burp Suite during 2020, aimed at improving its value to professional testers, software development teams, and businesses with web assets to protect. Here, we’re sharing some key
βœ‡ PortSwigger Blog

A one million milestone for the Web Security Academy

β€”
13 years ago, I wrote The Web Application Hacker’s Handbook. Fast forward to today, two editions and the release of the Web Security Academy later, it's clear that people still have a huge appetite fo
βœ‡ PortSwigger Blog

Burp Suite roadmap update: July 2020

β€”
We’re half-way through 2020, and we’ve made a lot of progress towards the Burp Suite roadmap that we announced in January. We’d like to update everyone on our progress so far, and add some new items t
βœ‡ PortSwigger Blog

What steps can you take toward evolving your organization's security maturity?

β€”
The problem DevSecOps evolves the DevOps philosophy to include security earlier in the development process. Shifting it "left", if you will. This holds the promise of removing downstream bottlenecks,
βœ‡ PortSwigger Blog

Three priorities every AppSec leader should be focused on

β€”
The challenges faced by AppSec managers in the current digital landscape are numerous and ever-growing. However, we’d be willing to bet that every challenge you’re facing has been staring another wear
βœ‡ PortSwigger Blog

The state of DevSecOps: the latest stats and trends in 2020

β€”
It's been 8 years now since Neil MacDonald coined the term "DevSecOps" (originally "DevOpsSec") - and 11 since Patrick Debois came up with the term "DevOps" itself. We've been thinking a lot recently
βœ‡ PortSwigger Blog

Security is everybody's problem: The key to breaking the AppSec barrier.

β€”
What’s the deal with AppSec? The inherent separation between AppSec and other factions of an organization can make effective security enablement an illustrious and flighty target. In too many organiza
βœ‡ PortSwigger Blog

Finding your first bug: bounty hunting tips from the Burp Suite community

β€”
More and more people are getting into bug bounty hunting. In fact, HackerOne’s 2020 report showed that β€œthe hacker community nearly doubled last year to more than 600,000”. With so many people involve
βœ‡ PortSwigger Blog

Burp Suite tips from power user and "hackfluencer" StΓΆk

β€”
In his own words, StΓΆk is "that hacker that your friends told you about". In other words, he's a content creator with over 25 years of experience in the IT industry. He creates education, tutorial, an
βœ‡ PortSwigger Blog

PortSwigger is recognized as a 2020 Gartner Peer Insights Customers' Choice for Application Security Testing*

β€”
The PortSwigger team is excited to announce that we have been recognized as a Customers’ Choice in the October 2020 Gartner Peer Insights β€˜Voice of the Customer’: Application Security Testing. Our cor
βœ‡ PortSwigger Blog

Burp Suite Enterprise Edition: six months of new features

β€”
Over the past six months, we've added a number of new features to Burp Suite Enterprise Edition. We're also pleased to announce that the software is now being used by 572 organizations, across 63 coun
βœ‡ PortSwigger Blog

The latest PortSwigger research is coming to Black Hat Europe 2020

β€”
At PortSwigger, we are research obsessed - from the training and labs we produce to the features we put into our Burp Suite products. Everything revolves around research - from the latest and most com
βœ‡ PortSwigger Blog

Web Security Academy - your questions answered

β€”
We're nearly at 200 labs on our ever-popular Web Security Academy, so before we hit that magic number we wanted to give you the chance to get your questions answered. This blog post answers your most-
βœ‡ PortSwigger Blog

Burp Suite Professional - evolving the future of web security testing

β€”
With every new release of Burp Suite Professional, we bake in the latest research findings to ensure that you are able to catch vulnerabilities, faster. We always recommend updating to the latest vers
βœ‡ PortSwigger Blog

Hack your APIs: interview with Corey Ball - API security expert

β€”
Corey Ball is a Cybersecurity Consulting Manager, and author of the forthcoming book Hacking APIs (working title - No Starch Press). As well as being a long-time API hacking enthusiast, Corey’s role g
βœ‡ PortSwigger Blog

Burp Suite roadmap for 2021

β€”
This roadmap has now been updated. Please see our July 2021 roadmap update. We’re all hoping that 2021 will prove to be a better year for humanity. And we’re also planning a great year for Burp Suite!
βœ‡ PortSwigger Blog

Get started with DevSecOps: insights from Aleksandr Krasnov - Product Security Engineer

β€”
Recently, we caught up with Aleksandr Krasnov - who is a product security engineer at Dropbox, and an all-round DevSecOps expert. Having worked on multiple Silicon Valley DevSecOps implementations, Al
βœ‡ PortSwigger Blog

How to enable dark mode in Burp Suite

β€”
To enable dark mode in Burp Suite, go to the "User options" > "Display" tab. In the "User Interface" section, you can select either the light or dark theme from a drop-down menu. This option is ava
❌