ENTERPRISE

Next steps after installation

• Last updated: July 3, 2023

• Read time: 3 Minutes

Congratulations - you're on your way to deploying Burp Suite Enterprise Edition.

You can get a feel for the UI and run scans straight away. However, there are some key tasks that we recommend you complete before you start running a full production scanning workflow. See the sections below for more details on how to get the most out of Burp Suite Enterprise Edition.

Complete your network settings

You need to ensure that your network settings are correctly configured in order to grant your users access to Burp Suite Enterprise Edition. Completing your network settings also enables you to set up an email server and integrate Burp Suite Enterprise Edition with supported third-party products.

Add more scanning machines

As you add more sites and schedule more scans, you may need to increase the number of external scanning machines you run. We recommend deploying one scanning machine for every four concurrent scans.

Import sites in bulk

Burp Suite Enterprise Edition's CSV-based bulk site upload feature makes it easier to add large numbers of sites to the system. This is useful if you're looking to migrate from an alternative tool that allows you to export your existing sites.

Schedule scans

Scheduling regular scans is the best way to see changes in your security posture and identify areas for improvement. Scans run at set intervals with the same configuration are easier to compare than one-off scans. They help you to see how changes to your sites affect the vulnerabilities you find.

You can set up unlimited sites and run unlimited scans in Burp Suite Enterprise Edition at no extra cost.

Set up your email server

You can connect Burp Suite Enterprise Edition to both internal and external email services. Setting up an email server gives you the following benefits:

• Administrators can send email invites to new users.
• Users can automatically receive end-of-scan reports.
• Administrators can automatically send password reset links to users.
• Administrators can receive system alerts, such as low disk space warnings.

Add more users

You can set up unlimited users in Burp Suite Enterprise Edition. User permissions are managed using a role-based system: you create roles defining what a user can do within the system and then add specific users to those roles.

Managing permissions in this way makes it easy for you to give users the access they need. For example, you could set up separate roles for your security, IT infrastructure, and management teams, each with their own combination of permissions.

Set up integrations

Burp Suite Enterprise Edition offers the following integration options:

Integrate with your CI/CD platform.

Issue tracking and workflow tools:

• Jira.
• GitLab.
• Trello.
• Slack.

Single sign-on:

• LDAP.
• SAML.
• SCIM.

Learn more about working with sites

Burp Suite Enterprise Edition enables you to specify a wide range of information around how each of your sites should be scanned, including:

• Which of the site's URLs should be scanned and any that should be excluded.
• The configuration that scans of the site should use.
• What login mechanisms Burp Scanner should use to access any authenticated areas of your site.
• Whether Burp Suite Enterprise Edition should send any automated notifications when scanning the site.

See the documentation for more information.

Learn more about working with scans

Burp Suite Enterprise Edition offers a wide range of scan management features, including:

• Creating scans both individually and in bulk.
• Monitoring the progress of in-flight scans.
• Defining how scans categorize and manage false positives.
• Downloading logs.

See the documentation for more information.

Learn more about analyzing scan results

Burp Suite Enterprise Edition makes it easy for you to track your scanning progress over time. You can also view details of individual issues, and raise tickets in third-party issue tracking systems if you have set up the relevant integrations.

See the documentation for more information.