The Applications page provides an overview of your Applications and Environment activity. From this page you can manage your Application and its Environments, and navigate to the latest scan results.
By default StackHawk supports
Production environment names, however environment names can be customized within your
Environments are ordered by most recent scan date and contain the latest finding overview data and scan history. Clicking on the Environment name will navigate you to the most recent scan results for that Environment.
Environments can be toggled between card view and table view.
An environment can be removed. To do so, click on
⋮ in the environment card and
This will open a modal that will confirm the action. If you choose to delete an environment, it will immediately revoke all its scan data. If it is the last environment, the action will delete its application as well.
To scan an application, you will first add one following these steps:
- Log into StackHawk and go to the Applications page.
- Click the Add an App button. This will open a modal with steps for creating an application.
- App Details - In this step you will specify the application name.
- Technology Flags - By default all Technology Flags are enabled, and at this step you can flag specific technologies used to develop your app to check for different vulnerabilities or skip unneeded checks within HawkScan. By setting tech flags appropriately, you can reduce scan time and false positives when scanning your application. These settings can be modified later.
- Environment - You will be prompted to select an environment and provide the host URL in this step. After clicking Next, the application will be created.
- YAML - After the creation is completed, you will have access to the stackhawk.yml and Docker commands to start a scan.
Clicking on the Application Name or the Arrow button will navigate you to the Application Settings page. From here you can manage General Settings, update Scan Settings or remove an Application.
Specifying the Risk Level of an Application indicates the perceived application exposure to the Business.
Specifying the Risk level of an Application indicates the perceived risk posed to the business if the application were to be breached. StackHawk supports the following levels:
- Low (default)
Data Type indicates the type of potentially sensitive data handled by the application. By default, its value will be Unknown. StackHawk supports the following types:
- Unknown (default)
Technology Flags allow you to tune HawkScan for the specific technologies you use in your application, such as database engines and software languages.
For more information, see Technology Flags.
The Remove Application button will open a modal that will confirm the action. If you choose to delete an application, it will immediately revoke the application, all its environments and associated scan data.