Changelog

Performance and stability improvements when scanning large sites.

If you are an individual developer looking to get the application security basics under your belt, our all-new free tier was built just for you. In this single user plan, you will get all the best parts of StackHawk's Team plan. You can run scans and manage findings for a single application and receive weekly updates.

Improvements across the app to increase usability of Announcements panel, Slack Integration and Settings pages.

Email signups will now be verified with reCaptcha v3 technology because bots are sneaky.

Fixed a bug with the Jira Integration when sending findings to Jira next-gen projects, the integration now uses the correct “Bug” issue type enabled for the project.

See a visual indicator in the web app sidebar when new release notes have been published

View who last updated a finding’s status from the Findings Details page panel Activity tab

Improvements across the app to increase usability of Announcements panel, Findings Details table, Login and Settings pages

Applications with a risk level of low can be added in the Getting Started flow and Applications page

We broke the validate button. In this release, we fixed it. Various other bug fixes and improvements.

Print or download a report of scan findings for an application and environment from the Scans and Scans Details pages.

Opt out of weekly emails from the Notifications panel of the Settings page.

Improvements across the web app to increase usability of scrollbars, form fields, mobile display, announcements panel and table spacing

HawkDocs have been updated with a new design, dark mode, and responsive mobile layouts.

HawkScan was released with improvements to the GraphQL vulnerability scanner configuration to support scanning with file-based schemas.

Listed Applications can be viewed as a table, rather than cards, in the StackHawk platform. This creates more real estate for organizations with many applications.

Organization owners can now remove users from their org.

Assign Risk Level and Data Type for your applications from the Applications page of the StackHawk platform.

When viewing the scan details page, the version of HawkScan alongside whether an update is available is displayed.

Review the StackHawk and HawkScan release notes from the official documentation.

Taking Jira actions on the Findings page has been improved on the paths table and details panel. Jira tickets search has been optimized.

When an error occurs during a scan the associated environment card on the Applications page will accurately display an errored state.

HawkScan was released with a fix to support scanning endpoints that don't specify a port.

Hawkscan will now accept the app.includePaths configuration, specifying any routes the scanner should visit.

Hawkscan will now send additional telemetry and improved exception introspection.

Organization owners will now see a weekly email containing summaries of your weekly activity using StackHawk

Send your StackHawk scan notifications to Datadog.

Accessibility improvements around navigating the StackHawk platform via keyboard

View your applications and environments in a compact view from the Applications page

Added clarity around the steps of the Getting Started flow, as well as the ability to skip the Getting Started flow

The StackHawk application will detect your operating system and display the proper set of command-line shell commands

Applications page display on mobile and tablet size screens has been updated to improve usability

Panel will now persist user’s choice of viewing request or response metadata for a specific finding

Placeholder UI implemented for API key table, members table and account info pages

Application filter shows application name instead of ID when navigating to the Applications page with query strings in the URL

Support using GraphQL schema from file

Toast notifications now display error messages, in addition to success confirmations when taking action on scan findings

Use python print() in most places - errors still use the logging mechanism

term_color flag is checked in the Logger module to respect colored output in the terminal

Improved access to the billing page from the account settings view

Connect StackHawk with Slack and receive notifications on HawkScan events

Adds colors and logging for YAML exceptions and clear color delineation for problem items in the YAML config

Update the config loader to include the filename with the stream

Add new exception type for YAML exceptions, granulate the exception handler on the top level and add generic log output controls for info and error

Disables certain zap plugins causing false positive reports in scanned applications

Choose between the Startup, KaaKaww, or Enterprise Plans on the StackHawk settings page

Find documentation on the StackHawk Bamboo Integration from the Integrations tab

Improved display of findings status in the right panel, linking to Jira from the right panel and updating status experience

Each page of the settings menu has a dedicated URL

Increased size of the kebab button on the cards of the Applications page

Refreshing the page during the Getting Started flow will preserve your progress in the flow

Data returned for Findings and Scans tables is paginated to improve performance of unbounded data lists

Reset your password for accessing the StackHawk platform from the profile page

Settings navigation is optimized for mobile and small screen sizes

Hovering over the graphs on the Applications page will display details of a specific scan

From the Applications page view your latest scan results for a specific application by choosing one of the options in the kebab menu

See current status, history of past scans, and manage your applications and environments via the Applications tab in the sidebar

Findings Details page contains pagination controls

Modals display has been improved for usability on smaller screen sizes

Integrate with your Jira Software instance to manage your appsec bugs by assigning and linking to Jira tickets

Filter scans in the Scans List by Application and Environment

New link to Azure Pipelines HawkDocs

Scan findings URLs are now sorted alphabetically as well as by status