SHA256: {OPTION SHA GO HERE}
MD5: {MD5 OF THE OPTION GOES HERE}

This version offers the possibility of organizing your agent machines and your target sites into pools, in order to better organize your analysis resources. It also includes significant UI and navigation improvements, such as a new crawl results page design. The version also fixes several bugs.

Agent Machine Pools

Agent machines and sites are now organized into agent machine pools. All agent machines and all sites are assigned to one and only one pool of agent machines. Unless you specify otherwise, all machines and agent sites will be assigned to the same pool by default. An agent will scan a site only if the site belongs to the same pool of agent machines as the agent machine.

Agent machine pools support the concept of “agent affinity” and are useful if you need to limit the agent machines that can crawl certain sites. Agent machine pools stop the problem of a scan failure because the affected machine is busy elsewhere or an affected agent cannot access a restricted site for a scan. Examples of using agent machine pools are as follows:

• Keep machines and agent sites together for the same geographic area.
• Allocate the resources of a team.
• Analysis of restricted access sites.
• Reserve agent machines for specific purposes, such as CI / CD pipeline or ad hoc analysis.

User interface and navigation improvements

We have improved the user interface and experience throughout Burp Suite Enterprise Edition. These improvements include:

• We’ve improved the way we present analysis results, to make information faster and easier to understand. These changes include a set of tabs to display scan details and a site tree for the scanned sites. See here for details of the changes.
• We have added a new wizard to facilitate integration with Jira.
• The interface is now more consistent across Teams pages.
• We’ve added a Help Center page that directs uses to key category pages in the documentation.
• We have improved navigation in Burp Suite Enterprise Edition.

New user authorization to view site connection details

We have created a new user authorization to view login information (credentials and / or saved login sequences) associated with sites. This permission is not assigned to any user by default.

Bug fixes

This release also includes several bug fixes, including:

• Migrations to MS-SQL databases no longer fail when the username includes a backslash.
• When performing an offline update on Windows, you are now correctly redirected to the updated software.
• Scans no longer incorrectly report a scan failure when the scan path contains 4-byte Unicode characters.
• LDAP connections no longer fail when there are Cyrillic characters in the username.
• Filters for schedule_items Queries in GraphQL are now enumerations rather than strings. See more details here.
• Requesting problem type descriptions through GraphQL now correctly returns the description and fix.
• Database transfers to databases with custom names now work correctly.
• Removing users who have defined custom scan configurations no longer causes errors.
• Users with site restrictions creating sites in folders that they are not allowed to view can now correctly see the created site without having to sign out and then back in again.
• Running a GraphQL query of a site’s parent ID through a schedule item in an analysis no longer returns an incorrect value.
• A browser that crashes during a browser scan no longer causes an error message and the scan results are no longer available.

New in version 2021.4.1

This release provides the following bug fix:

• When upgrading from a previous version of Burp Suite Enterprise Edition and using an MS-SQL database, the agent machine pool assignments now work correctly and the tree view of the site loads without error.

Cloud deployment links

If you want to deploy this version of Burp Suite Enterprise Edition in the cloud, you can use the links below to access the corresponding templates and instructions for your preferred platform.

AWS

Azure blue