PortSwigger was founded in 2004 by Dafydd Stuttard, a leading expert in web security. Daf spotted a gap in the market for a tool kit for web application security testing. What started as a hobby, is now a product used by web security professionals across the world. Today, Daf still leads the software development team at PortSwigger and is heavily engaged with the Burp Suite user community.
PortSwigger is a global leader in the creation of software tools for security testing of web applications. For over a decade, we have worked at the cutting edge of the web security industry, and our software is well established as the de facto standard toolkit used by web security professionals.
The team behind Burp Suite is growing steadily, and we are always recruiting for outstanding Java and .NET developers to join our ultra-agile team near Manchester, UK.
PortSwigger's Burp Suite helps you secure your web applications by finding the vulnerabilities they contain.
Burp Suite is an integrated platform for performing security testing of web applications. Its various tools work seamlessly together to support the entire testing process, from initial mapping and analysis of an application's attack surface, through to finding and exploiting security vulnerabilities.
Burp gives you full control, letting you combine advanced manual techniques with state-of-the-art automation, to make your work faster, more effective and more fun.
Intercepting Proxy: It lets you inspect and modify traffic between your browser and the target application.
Application-aware Spider: for crawling content and functionality.
Advanced web application Scanner: for automating the detection of numerous types of vulnerability.
Intruder tool: for performing powerful customised attacks to find and exploit unusual vulnerabilities.
Repeater tool: for manipulating and resending individual requests.
Sequencer tool: for testing the randomness of session tokens.
Extensibility: Allowing you to easily write your own plugins, to perform complex and highly customised tasks within Burp.
Test, find, and exploit vulnerabilities Arm yourself with the leading toolkit for web security testing.
Burp Suite Professional is an advanced set of tools for testing web security - all within a single product. From a basic intercepting proxy to a cutting-edge vulnerability scanner, with Burp Suite Pro, the right tool is never more than a click away.
Our powerful automation gives you more opportunity to do what you do best, while Burp Suite handles low-hanging fruit. Advanced manual tools will then help you identify your target's more subtle blind spots.
Burp Suite Pro is built by a research-led team. This means that before we even publish a paper, its findings have been included in our latest update. Our pentesting tools will make your job faster while keeping you informed of the very latest attack vectors.
Protect your business with simple, scalable scanning
Scan it all. With the enterprise-enabled web vulnerability scanner.
Easy scan set-up
Point and click scanning - just a URL required. Or trigger via CI/CD.
Set your scans to run on a daily, weekly, or even monthly basis.
Perform a variety of scans, such as a fast crawl or a critical vulnerability audit, with ease.
Combine DAST, OAST, IAST, SCA, and SAST. Catch critical bugs others can't - and minimize false positives.
Agents scan when you tell them to, with scheduled, automated scanning.
Run scores of scans concurrently with a flexible agent model.
Specify crawl maximum link depth, reported vulnerabilities, fast versus exhaustive results, and more.
Catch the latest vulnerabilities with Burp Scanner. Frequently updated, research-fuelled scanning engine. Trusted at over 12,000 organizations.
All major CI/CD platforms
Integrate with platforms including Jenkins and TeamCity. See vulnerabilities in your development environment.
Integrate with your existing systems to initiate scans and obtain results, via the REST API.
Vulnerability management platforms
Integrate scanning and security reporting into your own management and orchestration systems.
BApp extensions - coming soon!
Over a hundred BApp extensions, including Turbo Intruder, let you tailor Burp Scanner to your exact requirements.
Multiple deployment options
Deploy on-premise, or to cloud. Managed Kubernetes clusters on AWS (beta) and Azure (beta).
Bug tracking systems
Track issues with Jira and other systems. Auto ticket generation, severity / confidence level triggers, and unlimited boards.
Initiate, schedule, cancel, update, and work through your scans, to get the exact data you need, with a GraphQL API.
Role based access control
Multi-user, role-based functionality for site hierarchy, scan detail and reporting. Give everyone control.
Manually integrate configurations from Burp Suite Pro, directly into your fully automated Enterprise environment.
Graphical dashboards allow you to view bugs by severity or type. See security posture for all or just part of your organization.
Export tailored HTML reports. Include any level of detail, severity, and confidence you require.
Metrics include changes by issue type and severity. See when and where bugs were introduced.
Almost all features can be controlled through an intuitive, attractive UI. This opens security up to everyone.
Rich email reporting
Get reports emailed to the right members of your team, to tailor your communications effectively.
Security posture graphing
View deltas and other changes to visually represent your security posture's evolution. Know your attack surface.
Aggregated issue reporting
Organize issues by their class at the touch of a button. Focus on the vulnerabilities you want to fix.
Softa SuperStore Finland Oy helps you with software matters in Helsinki, Espoo, Tampere, Vantaa, Oulu, Turku, Jyväskylä, Lahti, Kuopio, Pori, Kouvola, Suomi, Finland