www.stackhawk.com Open in urlscan Pro
108.138.7.76  Public Scan

Form analysis
0 forms found in the DOM

Text Content

go to homepage
Product
Solutions
Partners
CustomersDocsPricing
Resources
Sign InCreate Account



AUTOMATED DYNAMIC APPLICATION SECURITY TESTING (DAST) IN CICD



Reduce scan times and false positives with StackHawks modern DAST solution. Gain
a comprehensive understanding of your application and API security issues.
Remediate and deliver secure code faster.



Get StartedRequest A Demo
1:43










TRUSTED BY




WHAT MAKES STACKHAWK DAST DIFFERENT?


BUILT ON TOP OF THE WORLD'S MOST WIDELY USED APPSEC TOOL

StackHawk is built on top of the world’s most popular application security
scanner, ZAP.Leverage the expertise of the open-source community behind ZAP and
get access to features that make it easier to scale your AppSec program.


FIND VULNERABILITIES EARLIER WITH AUTOMATED SECURITY TESTING

Manual penetration testing and periodical audits can’t keep pace with modern
software development. Reduce your risk profile with automated AppSec
vulnerability testing that lives in CI/CD. Save hours every week with automated
testing and findings reviews.


IDENTIFY VULNERABILITIES IN APIS AND MODERN APPS

API abuses are becoming the most-frequent attack vector, resulting in data
breaches for enterprise web applications [Gartner].Scan front-end apps, backend
APIs (including REST and SOAP), and underlying microservices independently.
StackHawk is the only scanner on the market that was built to support GraphQL.


SCALE YOUR APPSEC PROGRAM ACROSS THE DEVELOPMENT ORG

Make it simple for developers to run security testing in the pipeline.Kick-off
scans with a Docker command, view results in the dev-friendly platform,
integrate with all of your team’s favorite tools, and manage configs via YAML.


TRACK YOUR RISK EXPOSURE OVER TIME

Monitor your applications for new vulnerabilities, identify what issues have
been triaged, and share comprehensive vulnerability reports within your org.Use
the audit log to see when important events happened – like users being added,
scans are kicked off, or a new finding is triaged.


WORD ON THE STREET

 1. 
 2. 
 3. 

Having used other tools to do application scanning, I am excited to watch
Stackhawk democratize the process, making scan setup and execution easier for
devs, QA, and DevOps folks.



Tate Crumbley

Principal Security Engineer | Sovrn

StackHawk accelerated our acceptance into the Salesforce AppExchange by allowing
us to easily find and mitigate even the smallest of security vulnerabilities. It
continues to fortify the defenses of our platform on every commit so we can be
proactive against future threats.



Jacob Caban-Tomski

Sr. Software Engineer | Commercial Tribe

We're constantly seeking opportunities for improving our security posture and
StackHawk struck us immediately as a strong tool to include in our toolbox.
Super pleased in running our first scans today, with time from registration to
results and a periodic scan in place through GitHub Actions in twenty minutes.



James Ramirez

CTO | Essentia Analytics


WHAT STACKHAWK TESTS


AS A DYNAMIC TESTING TOOL, STACKHAWK IS LANGUAGE AGNOSTIC.

SERVER SIDE HTML

SINGLE PAGE APPLICATIONS

REST APIS

GRAPHQL APIS

AUTHENTICATED APPLICATIONS

Watch a Demo


INTEGRATIONS

Your application security tooling is just another part of your engineering
stack. With StackHawk, integrating AppSec into your existing workflows is easy.

...and more


GETTING STARTED


TEST YOUR APPLICATION

Get started with a local test:
 * Sign up for an account
 * Build your initial config
 * Kick off a Docker-based scan on the command line
 * Review findings
 * Expand config to include underlying APIs, authenticated scans, and more


TEST YOUR APPLICATION

Get started with a local test:
 * Sign up for an account
 * Build your initial config
 * Kick off a Docker-based scan on the command line
 * Review findings
 * Expand config to include underlying APIs, authenticated scans, and more


TEST GOOGLE FIRING RANGE

See data from a sample application:
 * Sign up for an account
 * Select Google Firing range sample
 * Review findings
 * Copy config to run your own GFR scan
 * Modify config to test your own application


TEST GOOGLE FIRING RANGE

See data from a sample application:
 * Sign up for an account
 * Select Google Firing range sample
 * Review findings
 * Copy config to run your own GFR scan
 * Modify config to test your own application

Get Started Today


READY FOR MORE?



READ THE DOCS



Get up and running in less than an hour. Build the config file and then $ docker
run hawkscan to find your security bugs.

Read the Docs

GET STARTED



Find and fix application security bugs before they hit production. Build your
config and run your first scan in less than 15 minutes.

Get Started

REQUEST A DEMO



If you are interested in seeing more of the StackHawk platform, schedule time
with our team for a live custom demo.

Request a Demo

We use first and third party cookies to ensure that we give you the best
experience on our website and in our products. If you continue to use this site
we will assume that you are happy with it and we'll let corporate know.
OKPrivacy policy
Close GDPR Banner

PRODUCT

 * Overview
 * Why StackHawk
 * How it Works
 * What it Tests
 * Pricing
 * Integrations
 * Sign In

RESOURCES

 * Getting Started
 * Docs
 * Customers
 * Config
 * Run Hawkscan
 * Troubleshooting
 * Blog
 * ZAP Fund
 * Watch a Demo

COMPANY

 * About
 * Team
 * JobsWe're Hiring
 * Press
 * Security

GET IN TOUCH

 * Contact Us
 * hello@stackhawk.com
 * StackHawk Inc.
   1624 Market St,Ste 226
   PMB 36969
   Denver, CO 80202
 * Follow
 * Visit Stackhawk's Twitter AccountVisit Stackhawk's Linkedin Company
   ProfileVisit Stackhawk's Facebook AccountVisit Stackhawk's Github Account

--------------------------------------------------------------------------------

©2022 StackHawk Inc., All Rights Reserved

|Terms|Privacy

Crafted in Colorado