Read the Docs
Get up and running in less than an hour. Build the config file and then $ docker run hawkscan to find your security bugs.
Discover every API in your attack surface
Automate application and API security testing in CI/CD workflows
Test early, test often, and deliver secure applications
Application security at the speed of DevOps
Ship secure APIs with automated testing in CI/CD
Scale application security through engineering
Testing for OWASP top 10, automated in CI/CD
Check for GraphQL vulnerabilities on every pull request
Keep your gRPC services secure with automated security testing
Learn how to start scanning your application or API
Explore the StackHawk API and start integrating today
Integrate with the most popular developer tools
Identify, investigate, and triage security bugs in one place
Effectively scan authenticated routes and API endpoints in your application
The Shift-Left Maturity Model
See StackHawk in flight
Gain AppSec insights from expert articles and fix guides
Get up and running with StackHawk CLI and HawkScan in minutes
Catch up on the latest news in the Nest
Kaakaww!! Meet the our Hawksome team and check out our job board
Ship your GraphQL API with confidence that it is secure. With StackHawk, you can catch potential security vulnerabilities before they hit production. StackHawk runs active dynamic testing for common security bugs against the queries and mutations on your API, surfacing issues that your team may have introduced as well as issues introduced by open source vulnerabilities.
Ship Secure GraphQL with StackHawk
Evaluating API Security Testing Tools?
Ready to get started with API Security Testing?
Want to see automated security testing in action?