Login Start Free Trial Login Start Free Trial
 

Azure Repos

Azure Repos

StackHawk’s official Azure Repos integration.

This feature is available on the StackHawk Enterprise plan.

Overview

The StackHawk Azure Repos integration lets you connect your code through your Azure Repos workspace to unlock API Discovery with HawkAI via the Attack Surface screen.

The integration requires a Personal Access Token (PAT) with permissions to your Azure Repos workspace.

Features

  • Identify all of your testable APIs and Web Applications giving you a full picture of your organizations Attack Surface.
  • Gain insight into your Attack Surface through repository insights including identified Frameworks and commit activity, helping you prioritize what to get under test with StackHawk.
  • Easily create Applications from your code and connect repositories to existing StackHawk applications.

Requirements

StackHawk:

  • You must have a StackHawk account.

Azure Repos:

  • You must have login permissions to the Azure Repos workspace you wish to add the integration to.
    • You must have READ permissions to repositories in your Azure Repos workspace.
    • You must be able to create a personal access token with read for repositories in the Azure Repos workspace you wish to integrate with.

Permissions

With this integration you authorize StackHawk with the following permissions:

  • Code -> Read access to the connected Azure Repos workspace.

Installation

  1. Log into StackHawk and visit the Azure Repos Integration page in StackHawk
  2. Click Connect Azure Repos.
  3. Follow the prompts in this modal to provide your ADO Org Name, and personal access token.
  4. This modal will verify a successful connection after you have provided all the required information to connect.

Usage

Configuration

Configuration of Azure Repos happens on the Attack Surface screen where you can view the repositories in your attack surface and map them to Applications in your StackHawk account.

Connecting Multiple Azure Repos Organizations

StackHawk supports connecting multiple Azure Repos workspaces through the integrations screen. Simply click the Connect Azure Repos button to add an additional workspace and you will see it appear in the list below.

Updating Personal Access Token

By default, Azure DevOps Personal Access Tokens expire in 30 days which can be extended during creation to up to 1 year. When your access token expires, you can update it by clicking the Manage button for the associated Azure Repos organization and then Update to enter a new token.

Removing the Azure Repos Integration

The Azure Repos integration can be disconnected from the authorized StackHawk organization from the Azure Repos Integration page.

  1. Go to the Azure Repos Integration page in StackHawk.
  2. For each organization you want to remove, click Manage then Disconnect.
  3. Click Yes, Disconnect on the next prompt to confirm.

Troubleshooting

Repositories Not Showing Up in Attack Surface

There may be a delay from the time you connect your Azure Repos workspace and when Repositories are visible on the Attack Surface screen. For organizations with many repositories this can several minutes, however you will see a loading indicator on the Attack Surface and repositories will show up as they are processed.

Feedback

Have any suggestions, feature requests, or feedback to share? Contact StackHawk Support .