Unlock enhanced API scanning with Burp Suite Enterprise Edition  –  Learn more

Enterprise Edition

Restricting access to sites

  • Last updated: July 16, 2024

  • Read time: 1 Minute

You can use groups to restrict user access to certain parts of an organization's infrastructure. For example:

  • Different people have responsibility for operations, finance, and payroll applications.
  • Different people have access to development, staging, and production systems.
  • Different people handle applications in different geographical regions.

By default, groups have no restrictions on sites. However, you can configure a group to be restricted to the sites that are relevant to a group's roles. For example, you might want to let a group view scan results for everything within the "Production" folder but disallow the "HR" folder beneath that, because its scan results might contain more sensitive information.

To restrict a group's access to sites:

  1. Log in to Burp Suite Enterprise Edition as an administrator.
  2. From the Team menu, select Groups.
  3. Select a group from the list, or create a new group.
  4. In the Site restrictions tab, click the folders, subfolders or sites that you want to restrict access to.
  5. When you're happy with your choices, click Save.

Was this article helpful?