StackHawk

DAST and API Security Testing for Developers.

Overview

StackHawk is a dynamic application and API security testing (DAST) tool built for developers. It integrates into the CI/CD pipeline to find and fix vulnerabilities before they hit production, with a strong focus on modern technologies like REST, GraphQL, and SOAP APIs.

✨ Key Features

  • Dynamic Application Security Testing (DAST)
  • API Security Testing (REST, GraphQL, SOAP)
  • CI/CD Integration
  • Developer-Friendly Workflow
  • Actionable Remediation Guidance
  • Based on OWASP ZAP engine

🎯 Key Differentiators

  • Strong developer-first focus and user experience
  • Excellent support for modern API technologies
  • Configuration-as-code approach for easy automation

Unique Value: Makes it easy for developers to run dynamic application and API security tests as part of their regular development workflow, enabling them to ship secure code faster.

🎯 Use Cases (4)

  • Automated security testing in CI/CD
  • Securing APIs and microservices
  • Developer-led security testing
  • Shifting security testing left

✅ Best For

  • Running DAST scans on every pull request
  • API discovery and testing in microservice architectures

💡 Check With Vendor

Verify these considerations match your specific requirements:

  • Organizations that need SAST or SCA in the same tool

🏆 Alternatives

  • Invicti
  • Rapid7 InsightAppSec
  • Burp Suite Enterprise Edition

Offers a more modern, developer-centric experience compared to traditional DAST tools, with a specific focus on the needs of teams building APIs and microservices.

💻 Platforms

Web API

🔌 Integrations

  • GitHub Actions
  • GitLab CI
  • Jenkins
  • CircleCI
  • Azure DevOps
  • Slack
  • Jira

🛟 Support Options

  • ✓ Email Support
  • ✓ Live Chat
  • ✓ Dedicated Support (Enterprise tier)

🔒 Compliance & Security

  • ✓ SOC 2
  • ✓ GDPR
  • ✓ SSO
  • ✓ SOC 2 Type II

💰 Pricing

$49.00/mo
Free Tier Available

✓ 14-day free trial

Free tier: For individual developers and small projects
