In the world of software development, tools that can help proactively identify security threats and improve automation are at the top of IT leaders’ wish lists in 2023. Azure Pipelines and Azure Boards are DevOps tools that can help you manage projects and automate the process of testing, building, and deploying your software to the cloud. Integrating StackHawk with these two tools makes it easier for development teams to ensure their software is secure before it moves to production.
Azure Pipelines is a CI/CD tool that allows teams to build, test, and deploy their applications. With the StackHawk integration, you can add application security testing to your pipeline, allowing you to find and fix security issues before they reach your end users. Our integration with Azure Pipelines is easy to set up in just a few steps.
First, you'll need to install the StackHawk Azure Extension to your Azure DevOps Organization. You will also need a StackHawk account, StackHawk API Key, and a Stackhawk application ID to run HawkScan tasks. The StackHawk Azure extension consists of two tasks: HawkScanInstall and HawkScanRun.
HawkScanInstall installs the user's preferred version of HawkScan or defaults to the latest version available.
HawkScanRun runs the installed version of HawkScan.
Pretty straightforward, right?
Our primary goal is to provide teams with new Azure Pipelines tasks they can use in their CI/CD builds to scan for vulnerabilities in running applications. The StackHawk Azure extension works with almost any Azure Agent right out of the box, whether Windows-based or Linux based, without needing to tweak any settings.
Azure Boards, on the other hand, is a project management tool that allows teams to track work items, bugs, and other project-related tasks. With the StackHawk integration, you can create a new issue in Azure Boards whenever a security issue is discovered, making it easier for your team to track and prioritize security issues alongside other development tasks.
To set up the StackHawk integration with Azure Boards, navigate to the Azure DevOps Boards Integration page in StackHawk and provide your username and personal access token. This will allow StackHawk to send notifications to your Azure Boards project whenever a new security issue is found. Once the installation is verified, you can send a finding to Azure Boards by creating a work item and associating it with a StackHawk scanner finding.