Dynamic Application
Security Testing

Built for Today’s Engineering Teams

Modern DAST


Trusted Technology, Modern Approach

Dynamic application security testing has been a foundational part of delivering secure applications for decades.

StackHawk has built upon the core technology while aligning with the speed and performance required by today’s engineering teams.

Learn More about Dynamic Application Security Testing

Animation of DAST


The Trusted Open Source Scanner

Those familiar with application security know that DAST is synonymous with ZAP. As the world’s most widely used application security scanner, ZAP is a trusted scanner. StackHawk is built on ZAP, so you know you can count on the underlying scanning technology.

Zapbot, the mascot of the ZAP project

The StackHawk Difference

Shift Left with Automated Pre-Production Scans

Scheduled application security scans of production environments no longer cut it. DevSecOps requires DAST scanning that is automated in the CI/CD pipeline. StackHawk is purpose built to run in the DevOps pipeline, ensuring your team has eyes on any new vulnerabilities before they hit production.
  • Catch vulnerabilities before production
  • Shorten fix times with alerting while in context
  • Democratize AppSec throughout engineering
  • Customizable logic for blocking / passing builds
shift left with automated pre production security scans

Scan the Full Application with Microservice and API Scanning

Application architecture has advanced over the past decade, requiring application security testing that is built for scanning microservices, APIs, and single page applications. With StackHawk, you can align your DAST testing with your architecture for better performance and faster fixes.
  • HTML and single page app scanning
  • REST API and GraphQL scanning
  • Fast scan performance times
  • Alignment of findings and engineering teams
stackhawk dast scanning

Built for Developers, Trusted by Security

Delivering secure applications requires participation and ownership from the whole engineering organization. Many companies say that developers will love their tool, but we back it up with the product. Scale application security with the only developer-centric DAST tool on the market.
  • Vulnerability overviews and fix documentation
  • Request / response evidence for findings
  • cURL command reproduction of findings
  • Run scans locally to check changes
dast for developers

Part of the Modern Engineering Stack

Rolling out DevSecOps within an organization requires security tools that fit into existing engineering workflows. From scan kickoffs to findings alerts to backlog prioritization, your DAST tooling should tie in with your engineering stack. StackHawk is built for modern delivery teams and their tools.
  • Alert on scans and findings in chat tools
  • Manage findings in existing ticketing systems
  • Automate with CI/CD pipeline integrations
  • Manage configuration as code
modern dast security

How Does Your DAST Stack Up?

Whether you are implementing dynamic application security testing for the first time or are evaluating against existing systems, make sure you are using modern DAST tooling.

Not supported

Partially Supported

Testing Modern ApplicationsSupported by Stackhawk
HTML ScanningSupported by Stackhawk
Single Page Application ScanningSupported by Stackhawk
REST API ScanningSupported by Stackhawk
GraphQL ScanningSupported by Stackhawk
Authenticated ScanningSupported by Stackhawk
Microservice ScanningSupported by Stackhawk
CI/CD Automation for DevSecOpsSupported by Stackhawk
Integrations with CI/CD ToolingSupported by Stackhawk
Scan Non-Publicly Available DeploysSupported by Stackhawk
State Management of Existing FindingsSupported by Stackhawk
Configurable Pass / Fail Criteria for PipelineSupported by Stackhawk
Fast Triage and Fix with Developer FeaturesSupported by Stackhawk
Vulnerability OverviewsSupported by Stackhawk
Clear Vulnerability Fix DocumentationSupported by Stackhawk
Request / Response Finding EvidenceSupported by Stackhawk
cURL Command Reproduction CriteriaSupported by Stackhawk
Localhost Scan Support for ChangesSupported by Stackhawk

Get Started with Modern DAST Today

Sign Up for a Free Account
stackhawk white logo

Shopping for Dynamic Application Security Testing Tools?

Check Out our Tool Comparisons

Sign Up for The StackHawk Daily Demo at 9 am PST.

Watch a Demo