Applications
Applications Page
The Applications page provides an overview of your Applications and Environment activity. From this page you can manage your Application, its Environments and navigate to the latest scan results.
Environments
By default StackHawk supports Development
, Pre-Production
and Production
environment names, however environment names can be customized within your stackhawk.yml
configuration.
Environments are ordered by most recent scan date and contain the latest finding overview data and scan history. Clicking on the Environment name will navigate you to the most recent scan results for that Environment.
Environments can be toggled between card view and table view.
Removing Environment
An environment can be removed. To do so, click on ⋮
in the environment card and Delete Environment
.
This will open a modal that will confirm the action. If you chose to delete an environent, it will immediately revoke all its scan data. In case of being the last environment, the action will delete its application as well.
Create an Application
To scan an application, you will first add one following these steps:
- Log into StackHawk and go to the Applications page.
- Click the
Add an App
button. This will open a modal with steps for creating an application. - App Details - In this step you will specify the application name, environment name, and the host url of your running application.
- App Type - You will be prompted to select the Application Type. After clicking
Next
, the application will be created. - YAML - Ater the creation is completed, you will have access to the
applicationId
,stackhawk.yml
, and Docker or CLI commands to start a scan.
Application Settings
Clicking on the Application Name or the Arrow button will navigate you to the Application Settings page. From here you can manage General Settings, update Scan Settings or remove an Application.
General Settings
Risk Level
Specifying the Risk Level of an Application indicates the perceived application exposure to the Business.
Specifying the Risk level of an Application indicates the perceived risk posed to the business if the application were to be breached. StackHawk supports the following levels:
- Low (default)
- Medium
- High
Data Type
Data Type indicates the type of potentially sensitive data handled by the application. By default, its value will be Unknown
. StackHawk supports the following types:
- PII
- PCI
- FIN
- PKI
- HIPAA
- FERPA
- Unknown (default)
Technology Flags
Technology Flags allows you to tune HawkScan for the specific technologies you use in your application, such as database engines and software languages.
For more information, see Technology Flags.
Removing Application
Clicking Remove Application
button will open a modal that will confirm the action. If you chose to delete an application, it will immediately revoke the application, all it’s environments and associated scan data.