Organization Security
Organization Security settings let owners configure policies that apply to everyone in the organization. Manage these settings from Settings → Organization Security.
These settings can impact user access to your organization. Review changes carefully before saving.
IP Allow List
The IP Allow List restricts access to your StackHawk organization to a set of approved IPv4 CIDR ranges. When the list is populated, only users connecting from a listed range can access the platform. When the list is empty, all IP addresses are allowed.
This feature restricts access for everyone in the organization. Make sure your current IP is included in at least one range before saving.
Adding a Range
- Go to Settings → Organization Security.
- Click Add restricted IP range.
- Enter an IPv4 CIDR range (e.g.,
203.0.113.0/24). - Click Add to stage the range, then Save to apply it.
You can add multiple ranges to cover office networks, VPN egress IPs, and other trusted sources.
CIDR Format
Ranges must be valid IPv4 CIDR notation and must be public IP addresses — the egress IPs your users actually connect from (office WAN, VPN exit, corporate proxy). Private RFC 1918 ranges (e.g., 10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16) will never match inbound traffic and have no effect.
| Example | Covers |
|---|---|
203.0.113.42/32 | A single IP address |
203.0.113.0/24 | 256 addresses (203.0.113.0–.255) |
198.51.100.0/22 | 1,024 addresses across a larger block |
Removing a Range
Remove a range from the list and click Save to apply the change. If you remove the last range, the organization returns to allowing all IP addresses.
Recovering From Lock-Out
If you are having trouble with organization access contact StackHawk Support for assistance.