Author Archives: PortSwigger Blog

At Black Hat USA and DEFCON 2025, PortSwigger’s Director of Research, James Kettle, issued a stark warning: request smuggling isn’t dying out, it’s evolving and thriving. Despite years of defensive ef Continue reading HTTP/1.1 Must Die: What This Means for Contract Pentesters and MSSPs→

The Hidden Threat That’s Slipping Past Your Security HTTP request smuggling remains one of the most dangerous yet frequently overlooked web vulnerabilities today. Despite being a widely known issue si Continue reading The Desync Delusion: Are You Really Protected Against HTTP Request Smuggling?→

Ever wondered how attackers can compromise modern websites by exploiting invisible cracks in HTTP infrastructure to win big bounties? In his latest video, NahamSec walks through the basics of request Continue reading HTTP Request Smuggling Explained: with seasoned bug bounty hunter NahamSec and world-class researcher James Kettle→

Shifting security left promises faster, safer software delivery – but for many teams, that promise is undercut by painful scan performance, false positives, and pipeline friction. In our recent webina Continue reading Watch the on-demand webinar: Shift left without the strain→

Las Vegas. August. Protocols are getting torn apart. This summer, PortSwigger returns to Black Hat USA and DEF CON 33 with a host of new talks, events and ways to meet PortSwigger and the the teams be Continue reading PortSwigger at Black Hat & DEF CON 33→

It’s been a whirlwind two months since AI-powered features landed in Burp Suite Professional. Thousands of security testers across the world have been using Burp AI to find vulnerabilities and secure Continue reading Two months of Burp AI: empowering security testers with the future of AppSec→

We’re proud to announce that PortSwigger has been awarded the prestigious King’s Award for Enterprise in the category of International Trade – a recognition that reflects our sustained international s Continue reading PortSwigger Honored with the King’s Award for Enterprise in International Trade→

We recently hosted a webinar to introduce Burp Suite DAST, the new name for Burp Suite Enterprise Edition, the best-in-class, automated web application and API security scanning solution for modern Ap Continue reading Meet Burp Suite DAST: Your questions answered→

AI is transforming Application Security, and PortSwigger is leading the charge. In a must-watch interview, Clint Gibler – one of the leading voices in the AppSec industry – sat down with PortSwigger F Continue reading Elevate your testing with Burp AI: watch Clint Gibler’s exclusive interview with PortSwigger’s Dafydd Stuttard and James Kettle→

Over the past year, we’ve been hard at work making Burp Suite Professional faster, smarter, and more powerful than ever before. From the launch of Burp AI to major performance upgrades, there’s never Continue reading What’s new in Burp Suite Professional: A year of innovation→