Unlock enhanced API scanning with Burp Suite Enterprise Edition  –  Learn more

Burp Suite Enterprise Edition engineering team

"We work on the Burp Suite Enterprise Edition platform, based on the world's leading toolkit for web security testing."

Building on the world class capabilities of Burp Scanner, we tackle the challenges of scanning thousands of websites and giving our customers the information they need to prioritize their development plans and improve their security posture.

Alun W, Technical Product Manager, Burp Suite Enterprise Edition

Alun W

Key functionality

Burp Suite Enterprise Edition is a multi-user web application which provides scan scheduling, results management, and dashboard reporting to enable businesses to scan their web applications and resolve issues.

Key integrations include our own Burp Suite scanner, a public-facing GraphQL API for adding sites, scheduling scans and collecting results, Jira for automatic ticket creation, and SAML and LDAP for single sign-on.

The product also provides a CI/CD driver with plug-ins for Jenkins, Team City, and Azure DevOps.

Problem space

As an enterprise product team, we tackle integrations with external systems such as continuous integration, issue tracking and user authentication. We also provide industry standard APIs for customers to implement their own integrations.

We design a product that is visually appealing as well as presenting concise information for customers with a wide range of knowledge and skills.

Our platform is designed with resilience built-in, so that we can ensure that scans continue to run and results are reported even in the event of potential network failures.

Our product can run on-premise, on single server machines for a minimal installation, and multiple servers where scanning of multiple large scale web applications in parallel is needed. It is also available for installation on cloud platforms including AWS and Azure.

Technologies

The front-end web application is a modern JavaScript single page application (SPA) written using React. The back-end server components are implemented in Java and communicate with the front-end using GraphQL.

Deployment platforms are Windows, Mac, Linux, AWS, Azure, and other cloud platforms. Our cloud versions are deployed using Kubernetes.

Our tooling includes IntelliJ IDEA, JUnit, Mockito, git, Gradle, TeamCity, Docker, Kubernetes, and various AWS and Azure services.

Meet the Swiggers

We are a diverse group of people with a wide range of interests and backgrounds. What Swiggers have in common is that they all love their work and are exceptionally good at what they do.

Jess H

Jess H, Culture Champion

Mike S

Mike S, Software Developer

Mohamed H

Mohamed H, Software Developer