Rootshell Platform (2.3) introduces support for Burp Suite, project-based SLAs, and a host of new automations that streamline and accelerate vulnerability management.

Rootshell now integrates with Burp Suite Professional, a toolkit used extensively by penetration testers, and Burp Suite Enterprise, which is used for web application testing.

Users are able to upload exports from both Burp Suite Professional and Burp Suite Enterprise to manage their vulnerabilities within Rootshell.

Additionally, Burp Suite Enterprise users can enable Rootshell to automatically import results on their behalf once new scans have been completed.

As well as Burp Suite Enterprise, Rootshell can now automatically import results from Qualys and Outpost24.
This saves users significant manual effort, so they can benefit from the platform’s powerful remediation tools as soon as their scanners deliver results.

The full list of scanners supported by this feature are:

• Nessus Pro
• Tenable.io WAS
• Tenable.io VM
• Qualys
• Outpost24
• Burp Suite Enterprise

Users can now set service level agreements (SLAs) that are unique to specific projects. This is really useful for setting targets for projects that need to be addressed faster than company-wide SLAs.

Once a user has set SLAs within the platform, Rootshell makes it effortless to track compliance. Users are alerted to non-compliant issues and the Compliance Dashboard generates insightful metrics, such as the mean-time-to-remediate (MTTR) for each severity rating. Users can also see at a glance whether issues relating to their most important assets are being remediated on time.

It’s now even easier to prioritize assets with Rootshell. The platform automatically merges assets based on users’ settings, such as by IP address or Host Name. Users can also update the details of their assets in bulk, making it seamless to maintain up-to-date asset inventories.