Semgrep
GitHub
Snyk
AWS
Microsoft
StackHawk Platform
API Attack Surface Discovery
Runtime Application Security Testing
Application Security Oversight
Integrations
Modern DAST
Shift-Left API Security Testing
Code-Based Sensitive Data Detection
gRPC Security Testing
GraphQL Security Testing
Healthcare
FinServ
Docs
Technical Blogs
Getting Started
Watch a Demo
Blog
Shift-Left Maturity Model
All Resources
Customers
Partners
Contact
Careers
NewsCustomer Success Story
Breathe Life Deploys StackHawk and Snyk for a Dev-Centric Application Security Program
By integrating StackHawk, Breathe Life strengthened its ability to secure sensitive personal and health data while meeting strict industry regulations like Quebec’s Bill 64, HIPAA, and the CCPA. “We’re dealing with very sensitive data,” said François Allard, Director of Engineering for Platform Teams. “We know that in order to scale, we need to put security up front in our process.” With StackHawk, security became an integral part of development—helping the team identify issues early, maintain compliance, and confidently scale their platform.
Scaled Application Security
Detected Vulnerabilities Earlier
Achieved Developer-Driven Compliance
Use Case
Combing security tools for faster remediationC
Industry
Internet Software and Services
Company
Breathe Life
Location
Montreal, Quebec
The StackHawk scan with the Open API showed us that the real application was being tested and it’s not just checking the box to meet some compliance requirement that we have.
The Problem
Highly regulated organization with a need to prioritize finding and fixing security vulnerabilities early in the development lifecycle.
The Solution
Dev-centric approach to security testing with Snyk and StackHawk giving individual developers the ability to take ownership of the code they were creating.
The Results
Security as a shared responsibility across the organization with best in class solutions to easily manage findings while eliminating noise was key to scaling the team’s application security program.
Choosing a Solution
He first discovered Snyk, and later StackHawk, and recognized that the two had a “similar dev-centric approach.” As a result, he chose to build a program with these two partners.
While Snyk’s SCA tool helped Breathe Life secure the open source libraries they used, Allard was also looking for a Dynamic Application Security Testing (DAST) tool, to ensure that Breathe Life’s proprietary code was also protected.
His team was building a Single Page App that relied on Javascript and backing APIs. Existing tools in the market were falling short of what Allard knew he needed.
Experience with StackHawk
But it wasn’t just the findings that impressed Allard. It was also what his team could do with them.
“Managing findings is another thing we like with StackHawk. Being able to easily manage those, and not adding noise to scans when you have the same thing over and over is super helpful,” said Allard.
Allard is early in the journey of deploying Snyk and StackHawk, but is already reaping the benefits of having greater confidence in the code that is shipped.
As we grow, we’ll have more and more ways to automate…We are putting the building blocks in place so developers can take on these types of responsibilities.
Explore Our Customer Stories
Public Benefit Corporation
Change.org needed a way to improve their security posture and effectively protect their platform and users at scale.
Health Tech
A healthtech company boosted security with StackHawk for API discovery and automated CI/CD security testing, to improve efficiencies while reducing risk.
Financial Services
Learn how one FinTech Leader deployed StackHawk to secure its Fortune 100 customers, prioritizing a shift-left and continuously secure model over just box checking for compliance requirements.
Interested in seeing StackHawk at work?
Schedule time with our team for a live demo.