StackHawk Documentation StackHawk Logo HawkDocs
integrations
workflows
endor labs

No results found

Try different keywords or check your spelling

Search documentation

Find guides, API references, and more

esc

Endor Labs

Endor Labs

StackHawk’s official Endor Labs integration.

Overview

StackHawk with Endor Labs helps teams identify and prioritize security issues by correlating static analysis (SAST) results with dynamic testing (DAST) findings.

With this integration you can:

  • View Endor Labs results alongside HawkScan findings
  • See the exact line of code associated with vulnerabilities
  • Confirm whether SAST-detected vulnerabilities are exploitable through DAST validation
  • Prioritize remediation based on correlated results

Features

  • Automatically link HawkScan findings with Endor Labs issues during scan runs
  • View Endor Labs issue details in the Finding Details view with direct links to Endor Labs

Requirements

StackHawk

You must have one of the following StackHawk account types:

  • Pro
  • Enterprise
  • Enterprise Trial

Endor Labs

  • An Endor Labs account with API access
  • An API Key and API Secret with appropriate permissions

Setup

  1. Log in to StackHawk and navigate to the Endor Labs Integration page.
  2. Click Enable Endor Labs.

Enable Endor Labs

  1. In the Connect To Endor Labs modal, enter your Endor Labs API Key and API Secret, then click Connect.

Connect to Endor Labs

  1. In the Configure Endor Labs Integration modal:
    1. Select the Endor Labs Project you want to connect.
    2. Select the StackHawk Application you want to map to the Endor Labs Project and click Save Mapping.
  2. On the Endor Labs Integration page, the Connected Projects list shows the connected Endor Labs Project and StackHawk Application.

Configuration

You can add and delete connected projects on the Endor Labs Integration page.

Usage

Once the Endor Labs integration is enabled, the Endor Labs logo appears throughout StackHawk when there is an Endor Labs connection. When a StackHawk Application and an Endor Labs Project are connected, HawkScan links its findings with correlated Endor Labs issues for all environments in that application.

Application badging

Applications mapped to an Endor Labs project display the Endor Labs logo under the application name.

Scan and finding list badging

When viewing the scan list or the list of findings for a specific scan, a SAST column is present. If this column displays the Endor Labs logo, the scan or finding has a linked Endor Labs issue.

Finding details Endor Labs tab

When viewing a finding that has a linked Endor Labs issue, the Endor Labs tab displays issue details with links to Endor Labs for more information. The tab shows at most 15 instances of the found Endor Labs issue.

Troubleshooting

Setup issues: Verify that your Endor Labs API Key and Secret have the required permissions.

No linked Endor Labs issues: Ensure you have connected a StackHawk Application and Endor Labs Project in the integration settings.

Past scans not showing Endor Labs issues: Endor Labs issues are only linked for scans run after the Application and Project are connected. Past scans cannot be retroactively linked.

Environment-level mapping: Mappings are configured at the Application level. All scans for all environments in an application will have findings linked with Endor Labs issues. It is not currently possible to map a single environment to an Endor Labs project.

Feedback

Have suggestions, feature requests, or feedback? Contact StackHawk Support.

Your privacy settings

We use first and third party cookies to ensure that we give you the best experience on our website and in our products.

Privacy Policy