Burp Suite User Forum

Configure Burp scan in GitLab runner pipeline job

Siddi | Last updated: Jan 20, 2021 07:34AM UTC

Hi, good day! We are using Burp Suite for DAST; we were running the scan manually. We are trying to automate it through a GitLab runner pipeline job. Can you share sample instructions to configure it in a GitLab runner? Thanks, Siddi

Uthman, PortSwigger Agent | Last updated: Jan 20, 2021 10:51AM UTC

Hi Siddi, We do not have any instructions for scanner automation using GitLab. Is this in relation to CI integration using Burp Suite Enterprise?

kamlakar | Last updated: Nov 30, 2023 08:20AM UTC

Re-opening the thread again. I have a Burp Suite license, and I would like to install Burp in a VM and execute the scans in a GitLab pipeline. Since there is not a single piece of documentation available in the docs, it's difficult to achieve this.

Maia, PortSwigger Agent | Last updated: Nov 30, 2023 03:27PM UTC

Thank you for your message. Is this in relation to CI integration using Burp Suite Enterprise or Burp Suite Professional? For Burp Suite Enterprise Edition, please see the documentation for integrating with CI/CD platforms: https://portswigger.net/burp/documentation/enterprise/integrate-ci-cd-platforms Burp Pro is not designed for CI integration and may go against our licensing agreement if a single license is used by multiple users via the integration.

kamlakar | Last updated: Dec 04, 2023 05:07PM UTC

Hi, thanks for your reply. I have a Professional license. The single license is used only for CI. Let me know if there is any way to integrate with GitLab for a runner under a pipeline.

Thomas, PortSwigger Agent | Last updated: Dec 05, 2023 01:21PM UTC

Thank you for the additional information. If multiple users are using Burp Suite Professional as part of the pipeline, this will go against our licensing agreement. Burp Suite Professional is not designed to run CI scans, whereas Burp Suite Enterprise is designed to schedule scans and run scans within pipelines. Could you please email us at support@portswigger.net with some additional details about your use case, such as how many people would be using the pipeline, how often scans would be run, and what type of reporting capabilities you want from this scan?
