Research Academy
My account Customers About Blog Careers Legal Contact Resellers

Burp Suite User Forum

Create new post

Renewing a license is painful for a corporate user

Colin | Last updated: Aug 18, 2022 01:17PM UTC

The licensing model for Burp Professional is very difficult for corporate users. License will be purchased by corporate purchasing department, often through a third party software vendor. This part goes smoothly, however getting the resulting license key to the end user took me a dozen emails back and forth and over a month elapsed time. I ended up getting the original entitlement email for the license, which required me to reset the purchaser's account password, login, and download the license key file. In the end my Burp is now licensed, but this license does not show on my profile page. Please find a way to connect individual end users, via email address perhaps, to connect with a license purchased by a corporate purchasing department. During the purchase process, end user email(s) could be associated with the license request. Once approved, the end user could run Burp and click "obtain new license" which would retrieve the license via email address. Also, please don't expire a license in the middle of a scan! Maybe you can find some way to degrade functionality to allow me to finish scan, mark issues and generate a report. I was thankful to obtain a trial license to carry me through the renewal process above, but it would have been nice to run for a few more hours to complete my scan. Thank you for listening. Colin

Michelle, PortSwigger Agent | Last updated: Aug 19, 2022 09:22AM UTC

Thanks for getting in touch. We are currently looking at the options to improve this process and see what we can do to make it easier to distribute keys, we do realize this process could be improved. Your feedback is very timely and appreciated, so I have passed this on to the team who are looking into the options. When your license expired, were you using a disk-based project file to save your work? Had the scan been running a long time?

Colin | Last updated: Aug 30, 2022 08:33PM UTC

Sorry for the delay in responding. Yes was using disk based project, it had been running for 6 hours, probably had another 8 to go. Maybe consider letting a project started before expiration to run a week or two after expiration to allow completion, triage, testing and report. Thanks for listening.

Michelle, PortSwigger Agent | Last updated: Aug 31, 2022 12:37PM UTC

If you're using a disk-based project, this should automatically back up, so you shouldn't lose too much work even though you wouldn't be able to open the project file until a new license key was applied. As for allowing a project file to be used after the license has expired, this could get tricky as the same project file could potentially be used for testing other sites that were not part of the original scope. We are looking at various aspects of the licensing process to see where we can make improvements and generally make the experience for users like yourself better, so we do appreciate your feedback.

You must be an existing, logged-in customer to reply to a thread. Please email us for additional support.