Burp Suite Enterprise
Burp Suite Enterprise is an application security tool that scans your web applications for security vulnerabilities. You can bring issue, issue definition, scan, and site data from Burp Suite Enterprise into Brinqa to gain a comprehensive view of your application security landscape, thus enhancing your cybersecurity posture.
This document details the information you must provide for the connector to authenticate with Burp Suite Enterprise and how to obtain that information from Burp Suite Enterprise. See create a data integration for step-by-step instructions on setting up the integration.
Required connection settings
When setting up a data integration, select Burp Suite Enterprise from the Connector drop-down. If you cannot find the connector in the drop-down, make sure that you have installed it first. You must provide the following information to authenticate Burp Suite Enterprise with Brinqa:
-
Server URL: The Burp Suite Enterprise Server URL.
-
API Key: The access key associated with the Burp Suite Enterprise account, which must have permissions to log in to the API server and return data.
Generate a Burp Suite Enterprise API key
For the connector to use the Burp Suite Enterprise API, you must provide an API key. Burp Suite Enterprise does not allow for retrieval of an existing API key. To create a new API user and generate an API key, follow these steps:
-
Log in to your organization's Burp Suite Enterprise server as an administrator.
-
Navigate to Team > Add a new user.
-
Enter the name, username, and email address for the user.
-
For the login type, select API key.
-
Click Save.
A window displays with your API key. You cannot view the key after this, so copy the key and save it to a secure location.
If you do not have the permissions to create an API key, contact your Burp Suite Enterprise administrator. For additional information, see Burp Suite Enterprise documentation.
Additional settings
The Burp Suite Enterprise connector contains additional options for configuration:
-
Page size: The maximum number of records to get per API request. The default setting is 100. It is not recommended to go over 100.
-
Skip certificate verification: Select this option to allow for untrusted certificates.
Types of data to retrieve
The Burp Suite Enterprise connector can retrieve the following types of data from the Burp Suite Enterprise API:
Table 1: Data retrieved from Burp Suite Enterprise
Connector Object | Required | Maps to Data Model |
---|---|---|
Issue | Yes | Dynamic Code Finding |
Issue Definition | Yes | Dynamic Code Finding Definition |
Scan | Yes | Assessment |
Site | Yes | Site |
The Burp Suite Enterprise connector does not support operation options for the types of data it retrieves.
For detailed steps on how to view the data retrieved from Burp Suite Enterprise in the Brinqa Platform, see How to view your data.
APIs
The Burp Suite Enterprise connector uses both the Burp Suite Enterprise REST API and the GraphQL API v1, providing a flexible approach to retrieve your Burp Suite Enterprise data.
Burp Suite Enterprise REST API
The Burp Suite Enterprise connector uses the Burp Suite Enterprise REST API. Specifically, it uses the following endpoint:
Table 2: Burp Suite Enterprise REST API Endpoint
Connector Object | API Endpoint |
---|---|
Issue Definition | GET /knowledge_base/issue_definitions |
GraphQL API
The Burp Suite Enterprise connector also uses the GraphQL API v1. Specifically, it uses the following queries:
Issue GraphQL query
The following GraphQL query retrieves key information about a specific issue in Burp Suite Enterprise, identified by its scan_id
and serial_number
. The query covers issue attributes like type, confidence, and severity, along with HTML-formatted descriptions and remediation tips. It also includes request and response evidence segments related to the issue:
query getIssue($scanId: ID!, $serialNumber: ID!) {
issue(scan_id: $scanId, serial_number: $serialNumber) {
issue_type {
type_index
description_html
remediation_html
}
confidence
display_confidence
serial_number
description_html
remediation_html
severity
path
origin
novelty
evidence {
... on Request {
request_index
request_count
request_segments {
... on DataSegment {
data_html
}
... on HighlightSegment {
highlight_html
}
... on SnipSegment {
snip_length
}
}
}
... on Response {
response_index
response_count
response_segments {
... on DataSegment {
data_html
}
... on HighlightSegment {
highlight_html
}
... on SnipSegment {
snip_length
}
}
}
}
}
}
Scan GraphQL query
The following GraphQL query retrieves details of a specific scan in Burp Suite Enterprise using its scanId
. The query retrieves scan metadata like start and end times, status, and the associated site and agent details. It also pulls in information about the scan configurations and the URLs included in the scan's scope.
query GetScan($scanId: ID!) {
scan(id: $scanId) {
id
site_id
site_name
start_time
end_time
status
agent {
id
name
}
scan_configurations {
id
name
}
scope {
included_urls
}
}
}
Site GraphQL query
The following GraphQL query retrieves the hierarchical structure of sites and folders within Burp Suite Enterprise. It fetches the IDs, parent IDs, and names for all sites, along with the IDs and names for all folders, offering a comprehensive view of your site organization.
query GetSiteTree {
site_tree {
sites {
id
parent_id
name
}
folders {
id
name
}
}
}
Changelog
The Burp Suite Enterprise connector has undergone the following changes:
3.1.5
-
Fixed an issue where the connector was not pulling in data due to deprecated attributes. Replaced the following attributes on the Scan object:
- ScanResource.site_id -> ScanResource.scanTarget.id
- ScanResource.site_name -> ScanResource.scanTarget.name
- ScanResource.scope -> ScanResource.scope_v2
3.1.4
- Fixed an issue where certain attributes weren't mapped correctly in the Issue, Issue Definition, or Site objects.
3.1.2
- Updated dependencies.
3.1.1
- Shifted the severity level from 'Informational' to 'None'.
3.1.0
- Initial Integration+ release.