Blog

Announcing Our Latest Financing Round

Joni Klippert March 18, 2020

It feels like yesterday that my co-founders and I decided to take the leap to start a company aimed at fixing what we believe is broken about application security. Two of us with experience building tools for the DevOps ecosystem, and another with a career built in Security, agreed that most of the fundamentals of application security today needs to change, from who uses the tools, to how they work in the modern development pipeline, to how a product like this should be tested and purchased. […]

Application Security is Broken. Here is How We Intend to Fix It.

Ryan Severns May 20, 2020

Application security as we know it today is broken. You commit your code and push features into production, only to get a high priority Jira ticket from security months later with little context. At this point, a security bug has been in production for months and you are pulled into an inefficient fix process. There is a better way. […]

Sharing Dependencies and Gradle Plugins between Kotlin/SpringBoot Services

Topher Lamey May 18, 2020

How we handle shared dependencies across our SpringBoot/Kotlin/Gradle projects, allowing us to scale services and team members. […]

Three reasons Developers struggle with AppSec (and How to Make it Easier)

Scott Gerlach May 6, 2020

In my over twenty years in information security, I’ve experimented with my approach to AppSec a couple ways. I’ve bought REALLY expensive AppSec tools, I’ve hired LOTS of AppSec pros, and I’ve sent MANY developers to AppSec training. […]

Application Security Observability

Scott Gerlach May 2, 2020

Nobody wants to ship insecure applications. But with application security practices that lag behind frequent deployments (or are just non-existent), apps are shipped to production without ensuring that they are free of security bugs. […]

April Newsletter: Pipeline Automation, Slack and More

Ryan Severns April 30, 2020

All the latest happenings from the Hawks Nest. Pipeline automation with CircleCI and GitLab, AppSec visibility with Slack, and more. […]

Add AppSec to Your CircleCI Pipeline With the StackHawk Orb

Zachary Conger April 29, 2020

When you check in a new web app vulnerability, do you get an alert and guidance on how to fix it? With the new StackHawk CircleCI Orb you can, and it’s easy. […]

StackHawk + Slack: Observability for AppSec Bugs

Sam Volin April 28, 2020

Shifting security left means leveraging automation and integrations earlier in development. With the new StackHawk Slack App, you can get that development feedback sooner. […]

Using StackHawk in GitLab Know Before You Go (Live)

Scott Gerlach April 21, 2020

The earlier you find application bugs, the cheaper it is to fix them. That’s one of the reasons so many organizations have adopted Test Driven Development (TDD). TDD enables Developers to more accurately identify if the code you are about to commit is going to break and not pass the tests you’ve instrumented in CI/CD. Analogous to the TDD process, we believe in automating application security testing. That’s why we created StackHawk! […]

How Security-Based Development Should Work

Joni Klippert April 20, 2020

This is my favorite slide from my pitch deck, used to highlight the problem that has kept security from “shifting left” into the modern development workflow. We started StackHawk to help engineers find and fix application security bugs in their code, as they write software and before deploying to production. […]

Scanning the Damn Vulnerable Web App with StackHawk

Scott Gerlach April 16, 2020

When we first introduced StackHawk to some of our close friends in the security industry and asked them to try it out, they tested it the same way we did. They ran HawkScan through its paces with one of the many vulnerable web applications security professionals set up online to help the community learn. They did this to have a semi-known outcome to see how StackHawk works. Enter Damn Vulnerable Web App. […]

Product

Resources

Company

StackHawk
Blog

Subscribe Today

Announcing Our Latest Financing Round

Application Security is Broken. Here is How We Intend to Fix It.

Sharing Dependencies and Gradle Plugins between Kotlin/SpringBoot Services

Three reasons Developers struggle with AppSec (and How to Make it Easier)

Application Security Observability

April Newsletter: Pipeline Automation, Slack and More

Add AppSec to Your CircleCI Pipeline With the StackHawk Orb

StackHawk + Slack: Observability for AppSec Bugs

Using StackHawk in GitLab Know Before You Go (Live)

How Security-Based Development Should Work

Scanning the Damn Vulnerable Web App with StackHawk

Featured Posts

Announcing Our Latest Financing Round

Snyk vs. StackHawk: AppSec Tool Comparison

How are we different?

PRODUCT

RESOURCES

COMPANY

GET IN TOUCH

KAAKAWW!!! [ kǝn'grats ]

You're on the waitlist!

STACKHAWK - LIMITED EARLY RELEASE

Join the early access program and use StackHawk for free.

KAAKAWW!!! [ kǝn'grats ]

You're signed up for the newsletter!

Product

Resources

Company

StackHawk Blog

Subscribe Today

Featured Posts

How are we different?

PRODUCT

RESOURCES

COMPANY

GET IN TOUCH

KAAKAWW!!! [ kǝn'grats ]

You're on the waitlist!

STACKHAWK - LIMITED EARLY RELEASE

Join the early access program and use StackHawk for free.

KAAKAWW!!! [ kǝn'grats ]

You're signed up for the newsletter!

StackHawk
Blog