I like the ability to configure the YAML file centrally. I like the integrations that are available as well. Review collected by and hosted on G2.com.
The configs of the YAML file and authenticated scans can be frustrating. Review collected by and hosted on G2.com.
Its scanning capabilities and easy integration into our CI/CD pipelines Review collected by and hosted on G2.com.
Simplified documentation for the yml specs. I have to search all over and go through a ton of trial and error when it comes time to setup configurations for stackhawk. Review collected by and hosted on G2.com.
It's very fast to setup and get integrated. It has great configuration support and additional options. Review collected by and hosted on G2.com.
A downside to StackHawk is it's inability to create API endpoint collections automatically. At the time of this review it is not a function, or atleast a public one. Review collected by and hosted on G2.com.
I managed to get most things working very quickly. Review collected by and hosted on G2.com.
I am trying to solve one issue: excluding the path /actuator from the scans. I have followed the docs and used the AI bot, but because I am in NZ, it is difficult to make contact with a real person due to timezone differences. Review collected by and hosted on G2.com.
StackHawk was built with a SaaS first mindset, unlike many of the competing products in the space, which made it a perfect fit for our needs. It has just the right number of features and does what it does very well.
We've been able to automate much of our interaction with the product through the robust APIs provided out of the box. Integrations are easy and straight forward. As a result, we're able to scan our products for vulnerabilities on every build as well as via continuous scanning from our CI/CD tooling.
I love the Slack-based customer support. As an early customer, we've been able to participate in beta and even pre-release design and have a great relationship with the StackHawk team. Review collected by and hosted on G2.com.
We've struggled with some of our larger APIs not completing scans in a timely manner. The StackHawk support team has been great about helping us solve for it. Review collected by and hosted on G2.com.
1. It's a complete DAST and runtime security tool that can test any web application
2. Easy to integrate with almost all the major CI tools for automated testing
3. Dashboard provides almost all the necessary information with resolutions of findings
4. Quality support team Review collected by and hosted on G2.com.
1. Pricing is a bit high for small and medium businesses
2. You will find some false positives in the scan report Review collected by and hosted on G2.com.
Relatively easy to use once initial setup is done. Easy to add in automation. Decent interface. Customer support was very helpful. Review collected by and hosted on G2.com.
Not quite intuitive setup, so a bit of a learning curve. Hard to manage vulnerabilities from a perspective of seeing how to manually reproduce and also to mark as false positive. No ability to mark application types and have custom severity on certain vulns based on that. eg XSS in website is more serious than in a json api. Review collected by and hosted on G2.com.
StackHawk is a wonderful security testing tool. It is easy to use and nice User interface. Review collected by and hosted on G2.com.
I have not got any issues from StackHawk to this date. Review collected by and hosted on G2.com.
The flexability of delpoyment is great when deploying rapidly. Review collected by and hosted on G2.com.
There is not much training offered to get started with the tool. Review collected by and hosted on G2.com.
I like that it is fast and dynamic, and I can also automate things. Review collected by and hosted on G2.com.
Troubleshooting network-related issues is a hectic process Review collected by and hosted on G2.com.
Get practical answers, real workflows, and honest pros and cons from the G2 community or share your insights.
Pricing provided by StackHawk.
