Applications

Applications Page

The Applications page provides a streamlined view of your applications, environments, and security testing activity. This enhanced list is designed to scale with your growing application portfolio, making it easy to manage applications, monitor scan results, and keep track of security performance. The new layout supports improved filtering, sorting, and search capabilities for better oversight of your application security.

StackHawk Platform - applications oversight

New Features

Tabular View for Applications

The new tabular view replaces the previous card-based application list, providing a clean and detailed display of all your applications. Key metrics such as the last scan date, findings from the last scan, and scan duration are displayed in sortable columns. This layout makes it easier to identify trends, such as applications with the most critical findings or those experiencing longer scan times.

Search and Filtering

The updated search and filtering capabilities allow users to filter applications by name, team, environment, and other custom facets. A clear indicator shows when filters are applied, making it easy to understand the current view. This enhancement is especially useful for larger organizations managing multiple applications across different environments.

StackHawk Platform - applications filters

Environments

StackHawk supports customizable environment names, such as Development, Pre-Production, and Production. Environments are ordered by the most recent scan date and display an overview of the latest findings. Clicking on the environment name navigates to the scan results for that environment.

Removing an Environment

To remove an environment, click on the ⋮ menu next to the environment name and select Delete Environment. Confirming this action will delete the environment and its scan data. If it is the last environment in the application, the entire application will be deleted as well.

StackHawk Platform - Delete Env

Create an Application

To scan an application, you will first add one following these steps:

Log into StackHawk and go to the Applications page.
Click the Add an App button. This will open a modal with steps for creating an application.
App Details - In this step you will specify the application name, environment name, and the host url of your running application.
App Type - You will be prompted to select the Application Type. After clicking Next, the application will be created.
YAML - After the creation is completed, you will have access to the applicationId, stackhawk.yml, and Docker or CLI commands to start a scan.

StackHawk Platform - Add an App

Application Settings

To access settings for an application, click on the ⋮ menu on the environment row and select View App Settings. From here you can manage General Settings, update Scan Settings or remove an Application.

StackHawk Platform - Application Management

General Settings

Risk Level

Specifying the Risk Level of an Application indicates the perceived application exposure to the Business.

Specifying the Risk level of an Application indicates the perceived risk posed to the business if the application were to be breached. StackHawk supports the following levels:

Low (default)
Medium
High

Data Type

Data Type indicates the type of potentially sensitive data handled by the application. By default, its value will be Unknown. StackHawk supports the following types:

PII
PCI
FIN
PKI
HIPAA
FERPA
Unknown (default)

Technology Flags

Technology Flags allows you to tune HawkScan for the specific technologies you use in your application, such as database engines and software languages.

App Settings

For more information, see Technology Flags.

Removing Application

Clicking Remove Application button will open a modal that will confirm the action. If you chose to delete an application, it will immediately revoke the application, all it’s environments and associated scan data.