Nullcon Goa

Integrating LLM Reasoning Into Burp Workflows With Vista


Course

Rishav Raj and Rajkumar Rathod of FIS demo VISTA, an open-source Burp Suite extension that integrates LLM reasoning into penetration testing workflows without replacing human judgment.

Penetration testers today face passive blindness, payload crafting overhead and expertise fragmentation - challenges that artificial intelligence can help address, if integrated thoughtfully into existing workflows. VISTA is an open-source Burp Suite extension that brings context-aware LLM reasoning directly into Proxy and Repeater, analyzing traffic in scope and surfacing findings without replacing human judgment.

 

This session, led by Fidelity Information Services' Rishav Raj and Rajkumar Rathod, will cover:

  • How VISTA's traffic monitoring and AI adviser features help identify hard-coded secrets, hidden parameters and exploitable endpoints that go unnoticed during manual testing;
  • How customizable system prompts, prompt templates and a payload library allow teams to encode their own methodology and vulnerability-specific workflows;
  • How VISTA addresses LLM limitations, including context loss and hallucination, through session memory management, scoped analysis and model flexibility across OpenAI, Azure AI and open-source options. 

Here is the course outline:

The Future of Augmented AppSec: Integrating LLM Reasoning Into Burp Workflows With Vista

Completion

The following certificates are awarded when the course is completed:

CPE Credit Certificate
