January Newsletter: Onboarding Updates, ZAPCon 2021, Auth Blogs, and More


Rebecca Warren|January 29, 2021

The hottest news in the hawk’s nest: all of the latest from StackHawk, including onboarding updates, ZAPCon 2021, auth blogs, and more.

The Changelog: New Features to Kaakaww About

  • New Sample Application Onboarding. Get scanning faster! We’ve created a wizard to walk new users through the steps for scanning Google Firing Range sample data.

  • GraphQL Updates. We are giving GraphQL users more details to find vulnerabilities in their APIs. We've optimized the user experience associated with describing and recreating GraphQL vulnerabilities to show more details around GraphQL operations and queries.

  • REST API Updates. Not to be outdone by GraphQL, REST APIs get their own improvements so you have all the information you need to troubleshoot on the fly.

  • Recreate Findings Faster. When you drill into a specific finding, you will see a new UI that has the "Response," "Request," and "Evidence" sections all in one view so you can seamlessly recreate vulnerabilities without switching panels.

We are Thrilled to Present the First-Ever ZAPCon

We are thrilled to be part of the first-ever ZAPCon taking place March 9th at 8AM-12PM PT / 4PM-8PM GMT. The event is free for everyone!

Topics include using ZAP at scale and application security best practices. If you are a current ZAP user or are interested in learning more about the open source scanner StackHawk is built on, make sure to register. 

Submit a Talk

Register Now

Can We See Some ID?

When implementing security testing and vulnerability scanning, it is important to test all of your app’s paths, including the authenticated routes. Only scanning public routes can cause you to miss the majority of vulnerabilities, which are often hidden behind a credentialed login.

Implementing authentication flows can be tricky, so we have created a new blog series to walk you through how to configure the StackHawk scanner with different forms of authentication. 

Check out the blogs and keep your scans on lock 🔐

Other Happenings: Because We Have to Keep Corporate Busy Somehow

📖 Reading Material

📽 Virtual Events

We kicked off the year with TestJS Summit at the end of January. We have more great events coming up!

❤️ Give Us Some Love

Share the goodness of developer-centric application security testing. We are always grateful for recommendations and referrals! We’d love for you to share StackHawk with your friends and colleagues. As always, thank you for your support!

