PortSwigger, a renowned application security software provider, today announced the launch of Burp AI, the inaugural AI-powered version of Burp Suite Professional. By harnessing artificial intelligence, Burp AI enhances human-led security testing, setting a new benchmark for web application and API security.
Burp Suite Professional is the industry's gold standard toolkit for AppSec professionals and bug bounty hunters. Operating within PortSwigger's trusted ecosystem, Burp AI guarantees that no data is retained or used for model training based on user inputsThis AI assistance is both transparent and on-demand, giving users the autonomy to decide how and when to utilize its features. By embedding AI into Burp Suite, security professionals can work smarter and faster while maintaining full control.
"The question isn't whether AI will shape the future of penetration testing, but who will leverage it most effectively," said Dafydd Stuttard, PortSwigger's founder and CEO. "At PortSwigger, our approach has always been pragmatic. We're not following the curve we're defining it. We are very excited about Burp AI, which will empower security professionals to work more efficiently and cover more ground without compromising trust, security, or control."
AI-Powered Assistance for Security Professionals
Burp AI introduces cutting-edge features that accelerate testing, eliminate inefficiencies, and help security teams uncover deeper vulnerabilities:
- Instant AI Insights Understand unfamiliar web technologies instantly with AI-powered explanations in Burp Repeater. Whether looking up obscure HTTP headers and cookies, or trying to decipher client-side JavaScript, Burp AI boosts efficiency by reducing manual research and context switching.
- Automated Issue Validation - Burp AI analyzes scanner-identified vulnerabilities with the precision of a seasoned pentester, developing proof-of-concept exploits that demonstrate impact. It also seeks ways to leverage the bug to disclose sensitive information or additional attack surface. This automation helps prioritize critical findings, reducing the risk of overlooking vital security issues.
- Smarter False Positive Reduction Starting with Broken Access Control, Burp AI enhances Burp Scanner's accuracy, significantly reducing false positives for one of the most challenging vulnerability classes to test autonomously.
- AI-Driven Authentication Handling AI-generated login sequences streamline authenticated scans, improving accuracy and eliminating the hassle of manual login recording.
- AI-Powered Customization - Users can now integrate AI into Burp Suite extensions with minimal effort using the Montoya API, ensuring secure data handling and expanding automation capabilities.
PortSwigger remains committed to refining its core tools with the best technology available and with customers top of mind. PortSwigger envisions AI as an augmentation tool-not a replacement for human expertise.
To celebrate the launch, all Burp Suite Professional users have been given 10,000 AI credits, enabling them to experiment with the new functionality at no cost.
About PortSwigger
PortSwigger is a leading provider of web application security solutions, best known for its industry-leading Burp Suite software. The company is dedicated to equipping security professionals and organizations with the tools and knowledge to stay ahead of evolving cyber threats. Learn more at portswigger.net.
View source version on businesswire.com: https://www.businesswire.com/news/home/20250331970831/en/
Contacts:
Media Contacts:
andrzej.matykiewicz@portswigger.net
amelia.coen@portswigger.net
