March Newsletter: Auth Wizard, Defect Dojo, and More!

The Changelog: New Features to Kaakaww About

Auth Wizard.

We know getting authentication properly configured is no easy task. But now, you can quickly get an updated YAML that is customized to your auth scenario in the StackHawk UI.

Defect Dojo Integration.

For teams that track vulnerabilities in Defect Dojo, you can now send StackHawk findings with our integration. And, updates to scan results can auto-close findings in Defect Dojo.Check out the docs

[ICYMI] Log4Shell Beta.

A couple of lines of YAML added to your StackHawk config is all it takes to see if your application has a discoverable and exploitable Log4Shell vulnerability. Drop us a line to join the beta or read the docs for more information.

⚡️ ZAPCon 2022 Replay

This month, StackHawk hosted ZAPCon 2022 , a free virtual conference dedicated to helping users level up their ZAP and AppSec skills.

If you missed the chance to attend ZAPCon, don’t worry. The ZAPCon 2022 Replay is now available on StackHawk’s YouTube channel . You can watch all the talks from security experts, follow along to hands-on workshops, and catch exclusive announcements about ZAP project updates.

Watch the Replay

Introducing The ZAP Fund

At ZAPCon, StackHawk CEO Joni Klippert announced the ZAP Fund , a $100,000 fund dedicated to supporting the ZAP and the project’s community.

A portion of the fund is allotted to resolving open ZAP issues through a bounty program. If you want to participate in the bounty program, visit the website below to learn more. 👇

The ZAP Fund

Other Happenings: Because We Have to Keep Corporate Busy Somehow

📺 Hawk Talks

• ZAPCon 2022 Replay

  
  
  
  

• Friday Hacking with HawkScan – Log4Shell testing with HawkScan

  
  
  
  

• Friday Hacking on ZAP – ZAP Standard Spider with Simon Bennetts

  
  
  
  

• Automated Security Testing with GitHub Actions Workshop @ ZAPCon

  
  
  
  

📖Reading Material

• StackHawk Announces $100K Fund Dedicated to Improving ZAP and the ZAP Community

  
  
  
  

• Shifting Left on Security: Five Steps to Transformation

  
  
  
  

• [from the archives] How Security-Based Development Should Work

  
  
  
  

📽 Virtual Events

• April 6-7: APIsecure

  
  
  
  

• April 12: CTO Summit: Shifting security left with DevSecOps

  
  
  
  

• April 21: The Austin 2022 CTO Summit

  
  
  
  

• April 25: AppSec Panel on Security Boulevard

  
  
  
  

💼 Jobs @ StackHawk

• Developer Advocate

  
  
  
  

• Solutions Architect

  
  
  
  

❤️ Give Us Some Love

Share the goodness of developer-centric application security. We are always grateful for recommendations and referrals! We’d love for you to share StackHawk with your friends and colleagues, or leave us a review on g2 .