Burp Suite Enterprise Connector Guide

How to set up and use the Burp Suite Enterprise connector in RiskSense.

Overview

The RiskSense platform provides an API-based connector that integrates with Burp Suite Enterprise Edition, enabling customers to bring their DAST findings from Burp into RiskSense. The connector gives customers visibility into the overall risk posed by vulnerabilities in their web applications and enables a more straightforward, more efficient way to manage those vulnerabilities.

User Prerequisites/Burp Suite Enterprise Setup

Burp Suite Enterprise DAST is deployed as an on-premises solution. For RiskSense to communicate and pull data, the following access is required:

Configuring the Burp Suite Enterprise Connector in RiskSense

Navigate to the Automate > Integrations page.

[Screenshot: Navigation - Automate > Integrations]

Using the search bar in the upper-right corner of the Integrations page, type Burp Suite Enterprise to find the connector.

[Screenshot: Burp Suite Enterprise - Search for Connector]

Locate the Burp Suite card on the page and click Configuration.

[Screenshot: Burp Suite Enterprise - Configuration Button Location]

Complete the required fields in the new window under Connection, as described below.

  • Name: The connector's name.
  • URL: The on-premises URL used to reach the Burp Suite Enterprise instance.
  • API Key: The API key retrieved from the Burp Suite Enterprise instance. Refer to the User Prerequisites/Burp Suite Enterprise Setup section for the required API scope and role.
  • SSL: Optional. The instance's SSL certificate, base64-encoded.
  • Select Network: The RiskSense network name; ingested data is associated with this network.

[Screenshot: Burp Suite Enterprise - Connection Window]

Click the Test Credentials button to ensure the credentials are correct and have the necessary access to make Burp Suite Enterprise API calls.

Under Schedule, you can configure the desired schedule for the connector to retrieve results from the Burp Suite Enterprise instance. Users can optionally turn on Enable auto URBA (Update Remediation by Assessment).

When the Create Assets that do not have vulnerabilities option is selected, RiskSense creates applications with zero findings. This option is selected by default, and the user can opt to turn it off.

[Screenshot: Burp Suite Enterprise - Schedule Section]

Click the Save button to save the connector's configuration and create the connector. Once saved, the connector appears on the Integrations page under Currently Configured Integrations.

Clicking the History button displays the connector details for each pull. The Sync button performs an on-demand sync. The Edit button opens the connector configuration for editing. The Delete button deletes the connector.

[Screenshot: Burp Suite Enterprise - Configured Connector]

Once files have been processed on the Uploads page, view the ingested data by navigating to the Applications and Application Findings pages.

Mapping Burp Suite Enterprise Fields in RiskSense

This table shows the high-level mapping of Burp Suite Enterprise fields to RiskSense fields. RiskSense pulls DAST findings from Burp Suite Enterprise.

RiskSense Field             Burp Suite Enterprise Field
--------------------------  -------------------------------------------------------
Scanner Reported Severity   data -> scan -> issues -> severity
Normalized Severity         Burp uses a severity scale of High, Medium, Low and Info.
                            RiskSense converts this scale to a score from 0-10 using
                            specific logic. Contact RiskSense Support for more information.
Scanner Plugin              data -> scan -> issues -> issue_type -> type_index
Application Name            data -> site_tree -> sites -> name
Address                     data -> scan -> issues -> origin
Plugin Source Status        data -> scan -> issues -> novelty
Plugin Instance Id          data -> scan -> issues -> serial_number

Common Fields in RiskSense

The following fields in RiskSense are defined for Burp Suite Enterprise, along with their default values.

  • The Scanner Name will be BurpSuite Enterprise.
  • The Finding Type will be DAST.
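The following added example (not RiskSense or PortSwigger code) shows how the field mapping above, the default Scanner Name and Finding Type, and the Create Assets that do not have vulnerabilities option combine when a Burp Suite Enterprise payload is turned into RiskSense application findings. The payload is constructed from the table's field paths; the scan-to-site link through a "site_id" key and all sample values are assumptions. Normalized Severity is not computed because the page does not document the conversion.

```python
"""Map a Burp Suite Enterprise scan payload onto RiskSense finding fields (added example)."""
from typing import Any

SCANNER_NAME = "BurpSuite Enterprise"                 # default Scanner Name in RiskSense
FINDING_TYPE = "DAST"                                 # default Finding Type in RiskSense
BURP_SEVERITIES = {"high", "medium", "low", "info"}   # Burp's severity scale

# Constructed sample payload (not a real Burp export); the scan -> site link via "site_id" is assumed.
SAMPLE_PAYLOAD: dict[str, Any] = {
    "site_tree": {"sites": [{"id": 1, "name": "shop.example.test"},
                            {"id": 2, "name": "blog.example.test"}]},
    "scan": {"site_id": 1,
             "issues": [
                 {"serial_number": "1001", "severity": "high", "novelty": "new",
                  "origin": "https://shop.example.test",
                  "issue_type": {"type_index": 100100}},      # constructed type index
                 {"serial_number": "1002", "severity": "info", "novelty": "unchanged",
                  "origin": "https://shop.example.test",
                  "issue_type": {"type_index": 100200}}]},    # constructed type index
}

def map_finding(issue: dict[str, Any], app_name: str) -> dict[str, Any]:
    """Translate one Burp issue into the RiskSense fields listed in the mapping table."""
    severity = str(issue.get("severity", "")).lower()
    if severity not in BURP_SEVERITIES:               # reject values outside Burp's scale
        raise ValueError(f"unexpected Burp severity: {severity!r}")
    return {
        "scanner_reported_severity": severity,                 # issues -> severity
        "scanner_plugin": issue["issue_type"]["type_index"],   # issue_type -> type_index
        "application_name": app_name,                          # site_tree -> sites -> name
        "address": issue["origin"],                            # issues -> origin
        "plugin_source_status": issue["novelty"],              # issues -> novelty
        "plugin_instance_id": issue["serial_number"],          # issues -> serial_number
        "scanner_name": SCANNER_NAME,                          # common field default
        "finding_type": FINDING_TYPE,                          # common field default
    }

def ingest(data: dict[str, Any], create_empty_assets: bool = True) -> dict[str, list]:
    """Group findings by application; keep zero-finding sites only when the option is on."""
    names = {s["id"]: s["name"] for s in data["site_tree"]["sites"]}
    apps: dict[str, list] = {n: [] for n in names.values()} if create_empty_assets else {}
    scan = data["scan"]
    app = names[scan["site_id"]]                      # assumed link from scan to its site
    for issue in scan["issues"]:
        apps.setdefault(app, []).append(map_finding(issue, app))
    return apps
```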