Introduction

The platform will communicate with your Burpsuite Enterprise Manager API to retrieve web application scan results.

When integrating the platform with your Burpsuite Enterprise platform you must first configure appropriate API credentials and API permissions within your Burpsuite Enterprise platform. Whilst the Burpsuite Enterprise API configuration is beyond the scope of this article, further information on the Burpsuite Enterprise API can be found here

Configuring Burpsuite Enterprise Integration

Choose the appropriate Connected Accounts entry:

Open

Open

All fields below are mandatory:

• Name - a meaningful name/ID of the scanner within your platform tenant.

• Type - this field is pre-defined and cannot be changed

• Host - the full URL of your Burpsuite Enterprise platform (e.g. https://mybse.mycompany.com)

• Secret Key - taken/copied from relevant API-enable user account within your Burpsuite Enterprise platform

• Scanner Frequency - this defines how often the Platform should check with the Burpsuite Enterprise Manager for new scan data. Default is every 30 minutes

Select Create Scanner once all information has been populated.

Open

Open

For valid configurations the platform will display a green banner and return to the previous Burpsuite Enterprise Scanners window.

Should the platform return a red banner during the configuration checks, this indicates an error with communicating/validating the API configuration. Please check your Host definition and API credentials are correct and then select Create Scanner again.

Importing Scan Results from Burpsuite Enterprise

Once an integration has been setup, the instances will be available to import scan results from. Scan results can be imported manually via a Phase, where the Platform will make an ad-hoc API call to the Burpsuite Enterprise Manager to retrieve available scans: Alternatively, a Project can be created that can be configured to automatically import scan results from the Burpsuite Enterprise Manager.