Changelog
Tracking updates to the StackHawk platform and HawkScan since 2019
September 12th, 2023
HawkScan (3.3.0)
Hawk Create App
HawkScan now has the ability to create applications from the command line.
Hawk CLI Colors
HawkScan now sports more colorful terminal output, and shows a progress bar when discovering large OpenAPI specifications.
Include & Exclude Paths
Include and Exclude Path configuration now applies to OpenAPI specifications. Paths in an OpenAPI specification will not be discovered if they are excluded, and will only be discovered if they are included.
GraphQL Scanning
Fixed a bug where scanning large GraphQL API schemas caused HawkScan to not finish correctly.
Include & Exclude Paths
Fixed a bug where Include and Exclude Paths were not respected on Windows, or could return no results when entries conflicted.
Logging improvements on Windows
HawkScan logs to the .hawk/logs directory in the user home directory on Windows.
August 31st, 2023
StackHawk Platform
GitHub Insights Beta
GitHub Insights Beta Launch! Connect your GitHub repositories to StackHawk applications. Track StackHawk scans in context with code repositories, bulk create applications to scan from these repositories, and invite code contributors into the platform all in one place.
July 7th, 2023
StackHawk Platform
Optimization Panel
There were a few types of API documentation that were not being included in scan discovery for optimization tips. Now, GraphQL, gRPC, and SOAP APIs will all count towards having scan discovery enabled.
Applications and Scans Pages
The empty states for the Applications Page and the Scans Page will now prompt you to make and configure your Applications, and invite more hawks to your nest.
Applications and Scans Pages
For organizations on the StackHawk enterprise plan, owner & admin roles can now create new teams directly from the Teams dropdown on the Applications and Scans pages.
July 6th, 2023
HawkScan (3.2.0)
Hawk Perch
Added experimental support for running HawkScan as an ongoing daemon process for authentication validation.
Multiple external Cookie and Token Support
Added support for supplying multiple cookies and tokens.
Custom Test Data
Improved custom value injection for more granularity when scanning OpenAPI, gRPC or GraphQL APIs with HawkScan.
HawkScan Configuration from URL
It is now possible to run HawkScan configured with a URL to a stackhawk.yml file.
gRPC Scanning
Fixed a bug that prevented scanning gRPC applications over TLS.
Rogue ZAP Process
Fixed a bug where HawkScan could fail to start if a ZAP process had not previously been stopped or was running as a daemon with hawk perch.
Configurable Redaction List
Fixed a few bugs where error or debug logging of messages from ZAP would not have headers fully redacted when configured.
Outbound Proxy Support
A variety of bugfixes supporting outbound proxy behavior, particularly when running HawkScan with proxy support on Windows.
June 28th, 2023
StackHawk Platform
Optimization Tips
The scan details page now displays our new Optimization Tips panel, which houses key feature configuration advice to improve your scan speed and accuracy. We've also added the optimization icon to the application environment cards so you can quickly identify which configurations need your attention. This is available only for Pro and Enterprise plans.
Getting Started
We would love to know a little more about you, so we've added a role collection to the signup page. This will help us continue to improve our experience.
Create New App
Because we know that sometimes getting the details of a new application requires the help of your developers, we've added quick access to the user invite flow directly to the create an app wizard.
May 26th, 2023
HawkScan (3.1.0)
Configurable Redaction List
Added support for defining values in the stackhawk.yml to be redacted from HawkScan logs.
Outbound Proxy Support
Added support for HawkScan to be used with an outbound proxy.
Improved Networking
Updated and optimized networking libraries.
Fixed HawkScan Logs on Windows
Fixed a bug with the location of HawkScan logs on Windows.
May 26th, 2023
StackHawk Platform
Security in Jira Integration
StackHawk now supports Atlassian Security in Jira functionality with the existing Jira Cloud add-on.
Jira Data Center Integration
StackHawk has deprecated support for the Jira Data Center Integration.
April 13th, 2023
StackHawk Platform
Billing
Cleaned up some rough edges around the self-service experience.
Slack and Microsoft Teams Integration
Updated the Slack and Microsoft Teams integration management pages to be consistent with other integrations.
April 4th, 2023
HawkScan (3.0.0)
NTLM support (Beta)
Users can now add NTLM authentication to their scans.
March 28th, 2023
StackHawk Platform
Bug Fixes
Fixed minor bugs throughout the app.
March 23rd, 2023
StackHawk Platform
Application Environment Cards
Environment cards will now display our new API type icons with your next scan!
Bug Fixes and Performance Improvements
Cleaning up some sneaky bugs and improving the all-round performance of our app.
March 20th, 2023
StackHawk Platform
(Enterprise) Microsoft Azure DevOps Boards
Integrate StackHawk with Microsoft Azure DevOps Boards to track findings as work items.
GitHub CodeQL Code Snippets
The relevant code snippets for a GitHub CodeQL SAST finding will now be displayed in StackHawk.
Webhook Integration
Added the ability to specify which scan event(s) a webhook receives.
March 9th, 2023
HawkScan (2.12.0)
GitLab DAST Report
Fixed formatting of markdown links in the GitLab DAST report.
Java Runtime Inference
Fixed a bug where HawkScan could select a different version of Java to start ZAP on systems with multiple versions of Java installed.
waitForAppTarget
Fixed a bug where app.waitForAppTarget could fail when running in Docker.
OpenAPI Spec Parsing
Fixed a null-pointer issue when parsing incomplete OpenAPI specifications with empty POST request bodies.
March 7th, 2023
StackHawk Platform
Webhook Integration
Added the ability to specify which application(s) a webhook applies to, so that the webhook receives alerts only for relevant scans.
February 21st, 2023
StackHawk Platform
(Enterprise) Teams and Member Role
Create groups of applications with Teams and assign users the Member role to limit their access.
February 14th, 2023
StackHawk Platform
Settings
Various bugfixes and improvements.
Webhook Integration
Added the ability to create and enable multiple webhooks.
Audit Log
Improved how Scan Policy events are displayed in the audit log.
January 30th, 2023
StackHawk Platform
Application Filter Dropdowns
Filters now automatically update when selecting Applications and Environments on the applications and scan results pages.
Tech Flags UI
Tech Flags in application settings has been redone for easier access and configuration.
January 25th, 2023
HawkScan (2.11.0)
Windows Installer (BETA)
HawkScan can now be installed on Windows operating systems with a dedicated MSI installer.
(Enterprise) Scan Policy Management
Added support to customize the application scan policy directly from the StackHawk Platform, enabling HawkScan to deliver faster and tailored scan results.
OpenAPI Spec Parsing
Fixed a bug when parsing large OpenAPI specifications.
Updated Log4j
Updated the Log4j library to 2.19.0.
January 11th, 2023
StackHawk Platform
Support for Snyk Groups
Added the ability to connect a Snyk Integration at the Snyk Group Account level.
Auth Getting Started updates
Various updates to the Auth Getting Started examples.
Organization Details Page
The account's billing status is now shown.
January 6th, 2023
HawkScan (2.10.0)
Updated Networking Libraries
Underlying Netty and Apache networking libraries were upgraded to the latest versions, supporting HTTP/2.
Embedded Scripting Engine Updates
Embedded Kotlin and JavaScript scripting engines now have access to the HawkScan configuration at runtime.
Support for Limited YAML Anchors in OpenApiConf
Added the app.openApiConf.maxAliasesForCollections setting to control the number of allowed anchor aliases when parsing a YAML OpenAPI definition.
November 29th, 2022
StackHawk Platform
Jira Cloud Integration
Improved the Atlassian Jira Cloud integration to enable selecting an issue type when triaging findings into Jira issues.
Invite User Flow
Users invited to an existing account now have a streamlined sign-up experience.
November 3rd, 2022
StackHawk Platform
GraphQL Operations tab
Added a new Operations tab, visible only for GraphQL scans, that includes a complete list of operations used during a scan.
HawkScan Rescan button
Generate the CLI or Docker command for rescanning your application with the Rescan findings button. Rescan allows you to test an application for only previously discovered findings.
November 3rd, 2022
HawkScan (2.9.0)
HawkScan Rescan
Rescan an application to quickly test only previously discovered findings.
GraphQL Custom Variable Injection
Configure HawkScan GraphQL API scans with Faker supplied data for better scan results.
Windows PowerShell support
Run the StackHawk CLI on a Windows terminal using an included hawk.ps1 PowerShell script.
HawkScan Configuration Parsing
Improved the linting and validation of stackhawk.yml files to catch unexpected fields in the HawkScan configuration.
October 20th, 2022
StackHawk Platform
GitHub Integration Pull Request Checks
Our GitHub integration will now consider the failure threshold (set using hawk.failureThreshold in your configuration) to communicate scan success or failure in build checks and pull-request comments. Pull-request comments have been updated to include more relevant information in an easier-to-consume format.
October 13th, 2022
StackHawk Platform
Account Details Page
Users can now get their code contributor count via the GitHub Integration or the Code Contributors Script without contacting the StackHawk Sales team.