
Read the Docs
Get up and running in less than an hour. Build the config file and then $ docker run hawkscan to find your security bugs.
Automate application and API security testing in CI/CD workflows
Test early, test often, and deliver secure applications
Application security at the speed of DevOps
Ship secure APIs with automated testing in CI/CD
Scale application security through engineering
Testing for OWASP top 10, automated in CI/CD
Check for GraphQL vulnerabilities on every pull request
Keep your gRPC services secure with automated security testing
Learn how to start scanning your application or API
Explore the StackHawk API and start integrating today
Integrate with the most popular developer tools
Identify, investigate, and triage security bugs in one place
Effectively scan authenticated routes and API endpoints in your application
Kaakaww!! Meet the our Hawksome team and check out our job board
See StackHawk in flight
Gain AppSec insights from expert articles and fix guides
Get up and running with StackHawk CLI and HawkScan in minutes
Catch up on the latest news in the Nest
Get paid to resolve bugs and improve ZAP
Engineering teams are delivering software faster than ever before.
Delivering secure applications requires tooling built for automation in the modern tech stack.
Vulnerabilities Now Found Before Prod
Get alerted before a vulnerability is live in production, allowing you to control risk profile of what is shipped to customers
Fixes Are Faster While in Context
Developers are notified on the PR when a new vulnerability is introduced, allowing them to fix the code they just worked on
Change Increments are Smaller
Scanning underlying microservices and APIs creates faster scans and clearer focus when a fix is needed
Security Scales Across Engineeringgone
With developer centric tooling, the age-old problem of security playing catch up with engineering is gone
Leverage Trusted OSS Scanner
Built on ZAP, StackHawk leverages the industry standard dynamic application security testing scanner
Test the Modern Application Stack
Engineering teams deliver APIs, GraphQL, and single page apps, so your AppSec tooling must be built to test the modern stack