Industrial Automation Company Shifts-Left: From Legacy DAST to Modern API Security

The adoption of StackHawk marked a pivotal shift in how the company approached security. Engineers—pushing new code up to 15 times a day—could now detect and fix vulnerabilities before release, tightening feedback loops and eliminating production delays. StackHawk’s lightning-fast scans, deep JIRA integration, and intuitive documentation gave developers real-time visibility and ownership of security testing. The results were clear: greater application coverage, faster release cycles, and stronger collaboration between security and engineering. What began as a divisional rollout has since paved the way for enterprise-wide adoption, establishing StackHawk as the foundation for the company’s modern, developer-driven security strategy.

Choosing a Solution

The company’s journey led them to StackHawk after evaluating the ineffectiveness of their legacy tool. With only 10%- 12% coverage and leaving many application paths undetected and untested, the lack of coverage did not meet the stringent security requirements to which they held their business.

With StackHawk, the team set an initial goal of critical coverage with the intent to secure and bring under test a number of tier-one applications in a phased approach. With strong internal advocates for secure development processes and a mindset for modern security practices, this company was able to meet its advanced security requirements, which were unmatched by its legacy solution.

Delivering Faster Feedback Loops

Development happens FAST at this company, with engineers pushing new code at least 15 times a day, but their legacy DAST tool could not keep up. Code would get released before a scan could complete, causing developers to interrupt their workflow if a potential vulnerability was discovered. The old way of doing things: Scanning in production environments, manually creating and updating tickets, and back-and-forth conversations between teams to gain context was not going to cut it.

StackHawk’s ability to complete scans at lighting speed in pre-production environments helps their teams ensure that all new code is thoroughly tested before being released into the wild. They then squeeze the feedback loop even tighter by using the JIRA integration. They are able to provide real-time feedback to different product teams and applications by mapping scan results to specific JIRA workspaces. That means the appropriate teams are immediately alerted of vulnerabilities in their familiar workspace. And with their code-contributing developers having direct access to the StackHawk platform, they can get the context they need to start working on resolutions quickly and validate their fixes before re-committing code.

Support and Documentation

The company was looking for more than just a vendor. They wanted someone they could partner with to make their security overhaul successful enterprise-wide.

StackHawk collaborated closely with the company to address their specific needs via regular check-ins and technical troubleshooting sessions. This included working together on pre-integration checklists to set up success for future teams across the organization that would adopt StackHawk. Additionally, they found StackHawk’s knowledge base of documentation and easy-to-follow guides as a major win when establishing a new partner to overhaul their security initiatives.

Experience with StackHawk

With the help of StackHawk, the company has transformed how security and developers collaborate to deliver highly secure software to its customers. Unlike the legacy process of throwing issues over the wall to developers, their engineering team catches vulnerabilities in CI/CD and resolves them before hitting an internet-facing environment, all while their security teams maintain governance and gain greater visibility.