Burp

Burp Suite Key Features

• Data Import:

  • Import applications, scan summaries, and vulnerabilities from Burp Suite into Centraleyezer, either on-demand or via automated schedules.

  • Supported formats: API, XML, JSON.

• Detailed Findings:

  • Centraleyezer provides comprehensive request/response details for vulnerabilities detected by Burp Suite.

• Risk Scoring:

  • Configurable severity values for Burp Suite findings, adjustable based on organizational risk policies.

• Selective Data Import:

  • Supports filtering based on status, scan type, and severity for more precise data imports.

• Secure Connectivity:

  • Requires an HTTPS connection, with or without a proxy for API access.

Considerations

• The integration supports mapping one Burp Suite security tool instance with one Centraleyezer instance.

• Configuring a different Burp Suite instance in the plugin will overwrite previously imported data.

Requirements

• System Requirements:

  • Centraleyezer Prerequisites: Latest version of the Centraleyezer Vulnerability Management Platform recommended.

  • Burp Suite Prerequisites: API access must be enabled with proper authentication and must support export of vulnerability findings and API-based integration.

• Permissions and Roles:

  • Centraleyezer: Requires System Admin or Application Security Manager permissions.

  • Burp Suite: User access for vulnerability scan information.

  • Import mappings require admin-level permissions.

Release Notes

Version 1.0.0:

New mappings for vulnerabilities from Burp Suite security tools during scans include:

Mapped Data Points:

• • Finding Target (Issue)

  • Asset Target (Host)

  • Asset (Host)

  • Name

  • Description (Issue Detail)

  • Recommendation (Remediation Background)

  • Request

  • Reply (Response)

  • Criticality (Severity)