StackHawk Onboarding #2:
Authenticated Scanning


Ryan Severns|September 2, 2020

Our onboarding guide walking you through how to get started with application security testing with StackHawk.

Getting Started with StackHawk

To help you get started, we have written this onboarding guide with all the tips and tricks about getting up and running with StackHawk. This post covers how to set up authenticated scanning, and will link to the next steps.

onboarding-2-authenticated-scanning-img-1 image

Authenticated Scanning

Now that you’ve sorted out the basic configuration, it’s time to configure authenticated scanning.

For many web applications, your most important information from a security perspective will live behind a login screen. StackHawk supports the following types of automated authentication for security testing:

  • Username/Password Authentication + Cookie Authorization 

  • Username/Password Authentication + Bearer Token Authorization 

  • External Token Authentication + Custom Token Authorization 

Our documentation has all of the details, including examples, of how to build out your authenticated scans.

Next Up: how to triage and fix the findings from your scan.

As always, we are here to help at

Ryan Severns  |  September 2, 2020