PortSwigger Burp Primary Use Case

Vijayanathan Naganathan
Director - Head of Delivery Services at Ticking Minds Technology Solutions Pvt Ltd
Clients come to me for an assessment of their web applications to see the risks that they are facing with their applications. They want to ensure that their application is free of being manipulated and also secure, so they reach out to us to do vulnerability assessment and application penetration testing. We make use of PortSwigger's BurpSuite tool carry this out. We look at it more from an application standpoint, what common vulnerabilities there are like the top 10 OWASP vulnerabilities like Injection(OS/SQL/CMD), broken authentication, session management, cross site request forgery, unvalidated redirects/forwards, etc. Those are the primary uses we make use for this tool. View full review »
Rishi Kant
Senior Security Engineer at a insurance company with 10,001+ employees
Our primary use case for this solution is to perform application security testing. View full review »
reviewer1112304
IT Manager at a manufacturing company with 10,001+ employees
We use the solution for scanning our in-house external facing website. View full review »
Learn what your peers think about PortSwigger Burp. Get advice and tips from experienced pros sharing their opinions. Updated: April 2020.
442,283 professionals have used our research since 2012.
Saminda Jayawardene
Compliance Manager at a tech services company with 201-500 employees
We're a software development company. We specialize in ensuring application security for our customers. For each and every application we release, we issue a certificate explaining that the application is up to date and that all security testing has been successfully completed. In that certificate, we also mention that PortSwigger is one of the tools that we used to test the application. Presently, we have three users. In the future, regarding product testing, I am thinking of hiring another two people, which will make us a team of five. Currently, we're releasing a lot of applications. Primarily we have three users, but keep in mind, we only have a single environment, which we need to improve and expand. View full review »
SivaPrakash
Senior Test Engineer II at a financial services firm with 201-500 employees
Our use cases are to identify the vulnerabilities of OAST and the other applications we are using. View full review »
reviewer1223976
Cyber Security Specialist at a university with 10,001+ employees
This is a solution for which I provide services to our customers and I also use it personally. As part of our organization, we build internal applications. Before they are put into production, we run a suite of security tests to ensure that our applications are not vulnerable to any known issues. We use PortSwigger Burp for testing, as well as OSASP Zap. We do similar tests in multiple tools to make sure that we cover the entire set of use cases. I have this solution deployed as one user on a single machine, which is used by a designated security tester. View full review »
reviewer1139067
User
We use this solution for the security assessment of web applications before their release to the internet. The security assessment team uses this product to identify vulnerabilities and vulnerable code that developers may introduce. We host all of the beta applications in our internal web servers and then the security team starts assessments when the development freezes. View full review »
Shrey Sethi
Penetration Tester at a tech services company with 1,001-5,000 employees
I am a penetration tester at my company and PortSwigger Burp is one of the products that I use in this capacity. It is a manual testing penetration tool. View full review »
Andrei Sandulescu
IT Auditor & Compliance Officer at Intellimind
Our primary use for this solution is to perform vulnerability scanning before we deploy software in production. View full review »
reviewer1110963
Security consultant at a manufacturing company with 10,001+ employees
The primary use case is generally for security compliance on web applications. We provide services to our customers with Burp both on-prem and on cloud. I'm a solutions consultant and we are customers of PortSwigger Burp. View full review »
reviewer1112304
IT Manager at a manufacturing company with 10,001+ employees
There are three versions and we are using all three - community, professional and enterprise. We use the community and professional versions on premises and the enterprise version is on cloud. I'm an IT Manager. View full review »
CyberSecAn08987
Cyber Security Analyst at a tech vendor with 1,001-5,000 employees
The primary use case is security for the development lifecycle. We use the application for security testing. View full review »
Securitydbe0
Security Analyst at a tech services company with 201-500 employees
My primary use case for this solution is designed around my own personal use. Burp Suite is a graphical tool for testing Web application security. The tool is written in Java. View full review »
Ashutosh Barot
Security Researcher at a financial services firm with 5,001-10,000 employees
We used this solution as a proxy. It's a software that intercepts HTTP requests. You can modify them on your system for testing web applications. View full review »
reviewer1261914
AVP - Software Quality Assurance at a tech services company with 201-500 employees
Currently, we're trying to import the solution to implement it to other applications for our website. So far, it's been fantastic. View full review »
Ivan Biagi
Security Specialist at Alfa-A IT
I use this primarily for intercepting mobile HTTP and HTTPS requests with SSL pinning bypass. It's a better tool for manual tasks. View full review »
Learn what your peers think about PortSwigger Burp. Get advice and tips from experienced pros sharing their opinions. Updated: April 2020.
442,283 professionals have used our research since 2012.