- Course
API Testing with Burp Suite
Automate API security testing by integrating Burp Suite DAST APIs with GitLab CI/CD, enabling you to trigger scans and fail builds based on detected findings.
Intermediate
- Course
API Testing with Burp Suite
Automate API security testing by integrating Burp Suite DAST APIs with GitLab CI/CD, enabling you to trigger scans and fail builds based on detected findings.
Intermediate
Get started today
Access this course and other top-rated tech content with one of our business plans.
Try this course for free
Access this course and other top-rated tech content with one of our individual plans.
This course is included in the libraries shown below:
- Security
What you'll learn
API teams ship fast, but security checks often stay manual. This leads to last‑minute surprises, inconsistent coverage, and findings that arrive too late. In this course, API Testing with Burp Suite, you’ll learn to integrate Burp Suite DAST into a GitLab CI pipeline to automatically scan an API-first lab application and gate merges based on results. First, you’ll explore Burp Suite DAST’s API options (GraphQL vs. REST) and set up a dedicated API user and key. Next, you’ll build practical GraphQL calls to query the site tree and findings, using Insomnia to iterate quickly. Finally, you’ll trigger scans via the REST API from GitLab CI, poll for completion, parse results, and fail the build when your severity threshold is exceeded. When you’re finished with this course, you’ll have the skills and knowledge needed to implement Burp-driven API scanning in CI/CD, manage API access securely, and avoid the common integration pitfalls.
API Testing with Burp Suite
Intermediate
Table of contents
Malek is an Informaion Security Consultant and Penetration Tester, he focuses on web and Android applications security.
