StackHawk: Swooping down on security bugs in CI/CD cycles

An Intellyx BrainCandy Brief

StackHawk avoids the time-consuming complexity of scanning and poking applications for vulnerabilities, and instead takes a DevOps-first trajectory toward spotting code-level anomalies within APIs, GraphQL, configuration, and release processes.

Many companies must choose between two unpalatable application security options: either slow down the changes and new features the business wants in order to reduce risk, or cut serious pen testing and scanning windows back to once a quarter or even once a year to avoid the impact on customers, which in turn pushes more threat alerts onto already overburdened security and DevSecOps teams.

StackHawk's platform conducts below-the-interface microservices scans during automated CI/CD release processes, and also backhauls evidence of potential vulnerabilities, code changes or operational drift when they are noticed in production. Threat profiles and test data are fed back into the platform, so security testing against the last known-good security posture can be shifted left and measured.

Recently this DAST vendor announced a go-to-market partnership and integration with SAST vendor Snyk, and it’s clear from early joint customer reports that they want the ability to keep one eye on both entrances, and conduct pre-release code-level scans with dynamic application-level security tests.

©2022 Intellyx LLC. At the time of writing, StackHawk is not an Intellyx customer. Want to see more BrainCandy? Subscribe today. If you are a vendor seeking coverage from Intellyx, please contact us at PR@intellyx.com.


Principal Analyst & CMO, Intellyx. Twitter: @bluefug