June Newsletter:
New additions to third-party auth,
deeper REST scanning, and more!

The Changelog: New Features to KaaKaww About

• Third-Party Auth Wizard. Our Auth Wizard now supports configuration for the most popular third-party auth providers including Auth0, Okta, Firebase, and Keycloak. These new additions make it even easier to configure authenticated scanning and get to the good stuff!

• Deeper REST Beta. We've gone where no other DAST tool has before— deeper into REST API scanning. Configure StackHawk’s testing inputs to make sure the scanner can reach your API’s most critical logic. That means more robust scans with fewer false positives. Contact beta@stackhawk.com to gain access.

• Download Scan Logs. Take control of scan errors by downloading scan logs directly from StackHawk to gain greater visibility into what’s happening when the scanner is running and remediate scan issues quickly.

• Slack Updates. We heard you. Slack was a little noisy, so we toned it down by removing the Scan Started notification. Now you can focus on what’s most important— your scan results.

📺 Application Security: Going Faster, Safer

Security is just another component of code quality... but how do you enable developers to find and fix security issues on their own?

 💡Here's your first tip: Make security testing part of the CI/CD pipeline

 If you're not sure how to get started, watch this on-demand webinar for actionable guidance on helping developers find and fix application and API security issues every time they check in code.

Watch the Recording

Other Happenings: Because We Have to Keep Corporate Busy Somehow

📺 Hawk Talks

• DevSecCon24: DevOps Worked...Why Hasn't Security Kept Up?

• SANS Webcast: [Actually] Making Application and API Security Testing Part of Software Delivery

• React Summit 2022: Automated Application Security Testing 

📖 Reading Material

• Security Magazine: ShiftLeft finds a 97% reduction in open source software vulnerabilities

• Security Magazine: Travis CI API exposes thousands of user tokens that can let threat actors launch attacks

• [from the archives] GraphQL Security: Automated Security Testing of GraphQL Backed Applications

📽 Virtual Events

• June 30: HasuraCon - Automated GraphQL Application Security Testing Workshop

🎟 In-Person Events

• August 10-11: BlackHat USA

💼 Jobs @ StackHawk

• Technical UX Writer

• Junior Solutions Architect

• Senior Solutions Architect

❤️ Give Us Some Love

Share the goodness of developer-first application security. We are always grateful for recommendations and referrals! We’d love for you to share StackHawk with your friends and colleagues, or leave us a review on g2.