HawkDocs

Overview

StackHawk is an application security testing tool built for developers. With powerful automation and integration capabilities, StackHawk gives engineers the ability to find and fix security vulnerabilities on every merge. 🦅 #Kaakaww!

tl;dr

Here’s the rundown on StackHawk:

  • 🧪 Modern Application Security Testing: StackHawk is a dynamic application security testing (DAST) tool, helping you catch security bugs before they hit production.
  • 💻 Built for Developers: The engineers building software are the best equipped to fix bugs, including security bugs. StackHawk does security, but is built for engineers like you.
  • 🤖 Simple to Automate in CI: Application security tests belong in CI, running tests on every PR. Adding StackHawk tests to a DevOps pipeline is easy.

Product Overview

StackHawk is made up of two core pieces - the HawkScan scanner and the StackHawk Platform.

  • HawkScan: HawkScan is a DAST scanner that runs in a Docker container. Run HawkScan to test for vulnerabilities throughout the pipeline.
  • StackHawk Platform: As HawkScan continuously finds web application vulnerabilities, the StackHawk Platform provides an interface to manage vulnerabilities, promote issues for remediation in your existing ticketing tools, and track vulnerabilities in an application over time .

How is HawkScan Different?

StackHawk proudly leverages OWASP ZAP as the foundation for its scanner. In addition to ZAP’s underlying capabilities, StackHawk provides users with:

  • Scan Automation: Built for DevOps teams and packaged as a Docker container, StackHawk allows you to automate your AppSec testing throughout CI/CD.
  • Improved Results: Scan results are interpretable and actionable to ensure you can quickly fix vulnerabilities and get back to building software. StackHawk will only draw your attention to new and valuable information to eliminate noise in the system.
  • Rich Integrations: StackHawk integrates with tools already used in the development workflow like Jenkins, GitHub Actions, and CircleCI, as well as workflow tools like DataDog, Slack and Jira. Check out our integrations for all the details.

The StackHawk team is hard at work adding new features and is here to provide support. If you need anything, please get in touch by emailing us at support@stackhawk.com.

…so what are you waiting for?!

Time to start scanning!