[IT] Burp Suite

Burp Suite, Choice of security professionals

 

The hacking or phishing are so popular news nowadays, and even critical financing, utility or military cyber crimes are almost everyday news.  So what should we do as a member of IT business?

 

I've looked many security standards, processes, rulesets or solutions, but I got only one answer.  

The security solutions are not finite, and it will be evolved all potentiall attacks on infinite steps.

 

I studied what are major hacking patterns, and I focused on pre-review for source code and on-going monitoring for operation. And Burp Suite looks best pick for pre-review solution of source code to do vulnerability test or the penetration test in order to run secure eCommerce or website services. 

 

Burp Suits architecture [출처: https://cybersecurityleituras.blogspot.com]

 

I think that Burp Suite is not popular, and even if it would be add up a kind of penetration tools.

It will be long story, but I try to explain short. It is popular about digital privacy for cyber environment. And there were big news about leak of private information from major internet service providers, such as facebook, yahoo or google within 5-10 years.

 

 

It is quite famous cyber security term, but it looks too vague and broad concept. I like really to ask you if you get a certificate of cyber security, and it can not mean to make secure website.

 

I’ve worked the development and operation of internet & mobile services, so I realize that it is not matter of security technology, but matter of security experience & knowledge, and I have some pattern of preventive activities about cyber security.

 

Firstly, it is to study basic knowledge of cyber security and to look at popular news of privacy incidents and trends. Please look at OWASP report as well.

Secondly, it needs to get the lesson for different types of penetration tools and the complex result through these tools.

Finally, it will be tuning points between threat types and preventive updates.

 

The penetration tools are basic tactic of cyber security, and Burp Suite is one of them. And it is critical things how we can utilize this tool more effectively.

I recommend that it will take very long learning curve about cyber security and penetration tools.

* URL of Burp Suite: https://portswigger.net/burp

** Wiki for Burp Suite: https://en.wikipedia.org/wiki/Burp_Suite

 

 

 

How to use Burp Suite for penetration testing

 

Burp Suite - Application Security Testing Software