Applications

Applications Page

The Applications page provides an overview of your Applications and Environment activity. From this page you can manage your Application and its Environments, and navigate to the latest scan results.

Environments

By default, StackHawk supports the Development, Pre-Production and Production environment names. Environment names can be customized within your stackhawk.yml configuration.

Environments are ordered by most recent scan date and contain the latest finding overview data and scan history. Clicking on the Environment name will navigate you to the most recent scan results for that Environment.


Environments can be toggled between card view and table view.


Removing Environment

An environment can be removed. To do so, click on in the environment card and select Delete Environment.

This will open a modal that will confirm the action. If you choose to delete an environment, all of its scan data is revoked immediately. If it is the last environment, the action will delete its application as well.


Create an Application

To scan an application, first add one by following these steps:

  1. Log into StackHawk and go to the Applications page.
  2. Click the Add an App button. This will open a modal with steps for creating an application.
  3. App Details - In this step you will specify the application name.
  4. Technology Flags - By default all Technology Flags are enabled, and at this step you can flag specific technologies used to develop your app to check for different vulnerabilities or skip unneeded checks within HawkScan. By setting tech flags appropriately, you can reduce scan time and false positives when scanning your application. These settings can be modified later.
  5. Environment - You will be prompted to select an environment and provide the host URL in this step. Clicking Next creates the application.
  6. YAML - After the creation is completed, you will have access to the applicationId, stackhawk.yml and Docker commands to start a scan.


Application Settings

Clicking on the Application Name or the Arrow button will navigate you to the Application Settings page. From here you can manage General Settings, update Scan Settings or remove an Application.


General Settings

Risk Level

Specifying the Risk Level of an Application indicates the perceived application exposure to the business.

Specifying the Risk level of an Application indicates the perceived risk posed to the business if the application were to be breached. StackHawk supports the following levels:

  • Low (default)
  • Medium
  • High

Data Type

Data Type indicates the type of potentially sensitive data handled by the application. By default, its value will be Unknown. StackHawk supports the following types:

  • PII
  • PCI
  • FIN
  • PKI
  • HIPAA
  • FERPA
  • Unknown (default)

Technology Flags

Technology Flags allow you to tune HawkScan for the specific technologies you use in your application, such as database engines and software languages.


For more information, see Technology Flags.

Removing Application

Clicking the Remove Application button will open a modal that will confirm the action. If you choose to delete an application, it will immediately revoke the application, all its environments and associated scan data.
