Burp Suite Enterprise Connector Guide

Summary: How to set up and use the Burp Suite Enterprise connector in Ivanti Neurons.

Overview

The Ivanti Neurons platform provides an API-based connector that integrates with Burp Suite Enterprise Edition, enabling customers to bring their DAST findings from Burp into Ivanti Neurons. This connector gives customers visibility into their overall risk due to vulnerabilities in their web applications and provides a more straightforward, more efficient way to manage those vulnerabilities.

User Prerequisites/Burp Suite Enterprise Setup

Burp Suite Enterprise DAST is deployed as an on-premises solution. For Ivanti Neurons to communicate and pull data, the following access is required:

  • An API user account with at least read access to the scan results and the vulnerabilities. Refer to this link for creating an API user.

  • Ivanti Neurons communicates via Burp's GraphQL API.

  • RiskSense On-Site Application (ROSA) OVA setup. More information on ROSA is available here.

Configuring the Burp Suite Enterprise Connector in Ivanti Neurons

Navigate to the Automate > Integrations page.

Using the search bar in the upper-right corner of the Integrations page, type Burp Suite Enterprise to find the connector.

Locate the Burp Suite card on the page and click Configuration.

Complete the required fields in the new window under Connection, as described below.

  • Name: The connector's name.

  • URL: The on-premises URL used to access the Burp Suite Enterprise instance.

  • API Key: API Key retrieved from the Burp Suite Enterprise instance. Refer to the User Prerequisites/Burp Suite Enterprise Setup section for API scope and role.

  • SSL: Optional instance SSL certificate in base64 format.

  • Select Network: Ivanti Neurons network name (ingested data associated with this network).

Click the Test Credentials button to ensure the credentials are correct and have the necessary access to make Burp Suite Enterprise API calls.

Under Schedule, you can configure the desired schedule for the connector to retrieve results from the Burp Suite Enterprise instance. Users can optionally turn on Enable auto URBA (Update Remediation by Assessment).

When the Create Assets that do not have vulnerabilities option is selected, Ivanti Neurons will create applications with zero findings. This option is selected by default, and the user can opt to turn it off.

Click the Save button to save the connector's configuration and create the connector. Once saved, the connector is visible on the Integrations page under Currently Configured Integrations.

Clicking the History button displays the connector details for each pull. The Sync button allows users to perform on-demand sync. The Edit button allows the user to edit the connector configuration. The Delete button allows the user to delete the connector.

Once files have been processed on the Uploads page, view the ingested data by navigating to the Applications and Application Findings pages.

Mapping Burp Suite Enterprise Fields in Ivanti Neurons

This table showcases the high-level mapping of Burp Suite Enterprise fields in Ivanti Neurons. Ivanti Neurons pulls DAST findings from Burp Enterprise.

| Ivanti Neurons Fields | Burp Suite Enterprise Fields |
|---|---|
| Scanner Reported Severity | data -> scan -> issues -> severity |
| Normalized Severity | Burp has a Severity scale: High, Medium, Low, and Info. Ivanti Neurons converts this Severity scale into a scale from 0-10 using specific logic. Contact Ivanti Neurons Support for more information. |
| Scanner Plugin | data -> scan -> issues -> issue_type -> type_index |
| Application Name | data -> site_tree -> sites -> name |
| Address | data -> scan -> issues -> origin |
| Plugin Source Status | data -> scan -> issues -> novelty |
| Plugin Instance Id | data -> scan -> issues -> serial_number |

Common Fields in Ivanti Neurons

The following fields in Ivanti Neurons are defined for Burp Suite Enterprise, along with their default values.

  • The Scanner Name will be BurpSuite Enterprise.

  • The Finding Type will be DAST.
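
To check what the mapping table and the default fields above imply for a given response before relying on the ingested data, the following Python is an added example, not Ivanti or PortSwigger code. It walks a response along the paths in the mapping table, fills in the two default fields, and reports issues that lack a mapped field or carry a severity outside Burp's High/Medium/Low/Info scale. The response shape, the case-insensitive severity comparison, the function names and the sample values are assumptions; the application name (data -> site_tree -> sites -> name) is passed in by the caller.

```python
# Added example. Response shape is an assumption inferred from the mapping table paths.
ISSUE_PATHS = {  # Ivanti Neurons field -> path inside one data -> scan -> issues element
    "Scanner Reported Severity": ("severity",),
    "Scanner Plugin": ("issue_type", "type_index"),
    "Address": ("origin",),
    "Plugin Source Status": ("novelty",),
    "Plugin Instance Id": ("serial_number",),
}
BURP_SEVERITIES = {"high", "medium", "low", "info"}  # scale stated in the guide


def dig(node, path):
    """Follow path through nested dicts; return None if any step is absent."""
    for key in path:
        if not isinstance(node, dict) or key not in node:
            return None
        node = node[key]
    return node


def map_issues(response, application_name):
    """Return (records, problems) for the issues in one GraphQL response."""
    records, problems = [], []
    issues = dig(response, ("data", "scan", "issues"))
    if not isinstance(issues, list):
        return records, ["data -> scan -> issues is missing or not a list"]
    for index, issue in enumerate(issues):
        record = {"Scanner Name": "BurpSuite Enterprise", "Finding Type": "DAST",
                  "Application Name": application_name}
        missing = []
        for field, path in ISSUE_PATHS.items():
            value = dig(issue, path)
            if value is None:
                missing.append(" -> ".join(path))
            record[field] = value
        severity = record["Scanner Reported Severity"]
        if severity is not None and str(severity).lower() not in BURP_SEVERITIES:
            problems.append(f"issue {index}: severity {severity!r} is outside Burp's scale")
        if missing:
            problems.append(f"issue {index}: missing {', '.join(missing)}")
            continue  # incomplete issues are reported, not mapped
        records.append(record)
    return records, problems

# Constructed sample response; every value below is made up for illustration.
SAMPLE = {"data": {"scan": {"issues": [
    {"severity": "high", "issue_type": {"type_index": 1049088}, "origin": "https://app.example.test", "novelty": "new", "serial_number": "1001"},
    {"severity": "critical", "issue_type": {}, "origin": "https://app.example.test", "novelty": "repeated", "serial_number": "1002"},
]}}}
```

Calling map_issues(SAMPLE, "example-app") maps the first issue and reports the second twice: once for its severity and once for the missing type_index.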