May Newsletter: GraphQL, Findings Management, and More

Ryan Severns

The Hottest News in the Hawks Nest: All of the latest on StackHawk. New features, GraphQL security, and other details about where you can find StackHawk this month.

The Changelog: New Features to Kaakaww About

Check out the latest features we’ve added to StackHawk:

  • GraphQL Scanning: We are excited to announce that HawkScan, our security bug scanner, can now support GraphQL applications. Interested in scanning your GraphQL application? Check out the docs to learn more.
  • Findings Management: Mark your scan results as Assigned, False Positive, or Risk Accepted. With Findings Management, you can now focus on scan results that are new or not yet processed. Learn more below.
  • Validation of Findings: Working on a fix for a security bug? With curl-based validation, you can step through the specific request that triggered the finding. Click the button, get the curl command, and get to a fix faster. More details below.
  • Announcements Panel: Email is so 90s. Now you can see feature announcements right in the app. Check out the Announcements panel to see the latest feature updates, link out to documentation, or send us feedback.

Process Your AppSec Bugs with Findings Management

Taking actions on dynamic application security test results from StackHawk with the new Findings Management feature.

When you jump into your scan results, there are often findings that you are aware of. Maybe a fix is in progress with an associated Jira ticket, maybe it is a false positive, or maybe it is an accepted risk (corporate still wants that Facebook tracker everywhere).

With the new Findings Management feature, you can reduce the noise and focus on the findings that matter. Mark your findings as Assigned, False Positive, or Risk Accepted to quiet them in the future. On subsequent scan runs, we will still log the findings, but they will be filtered out from the main view so you can focus on fixing what matters.

Fix Your Security Bug Findings with curl Validation

Fixing security bugs found by StackHawk's dynamic application security test scanner with curl command validation.

StackHawk is a dynamic application scanner, meaning that it scans a running version of your application. It finds security bugs in your app, but does not point to where the bug exists in code.

With curl-based validation of findings, you can debug the request that was used to find the security bug and zero in on the fix in code. Check out the blog post for more information.

Other Happenings: Because We Need to Keep Corporate Busy Somehow

📖 Reading Material

Grab your cup of coffee or a glass of whiskey and check out the latest content from the StackHawk team.

📽 Virtual Events

StackHawk is proud to be sponsoring two upcoming virtual events. Click the links below to sign up – both are free!

📺 HawkTalks

You can only binge so much Netflix. Switch it up with the latest from our co-founder and resident security expert, Scott Gerlach.

❤️ Give Us Some Love

As an early-stage software company, good word of mouth is one of the best things we can get. If you know anyone who should join us in this mission of developer-first security, please send them our way. Another way you can support us this month is to follow us on StackShare. As always, thanks for your support!
