StackHawk Reviews & Product Details

StackHawk is reimagining AppSec for AI-driven development, where applications are built faster than traditional AppSec tools can keep up. Our AppSec Intelligence Platform combines scalable runtime testing with complete attack surface discovery from source code. We integrate directly into development workflows and provide context-aware remediations to developers, enabling teams to find and fix exploitable vulnerabilities before they reach production. With real-time visibility and centralized program intelligence, AppSec teams can prioritize testing and fixing what matters. Companies like British Airways, ITV, and Norstella trust StackHawk to evaluate application risk, prove program value, and scale testing coverage to match development velocity.

Product Website

Seller

StackHawk

Languages Supported

English

Product Description

StackHawk makes it simple for developers to find, triage, and fix application security bugs. Scan your application for AppSec bugs in the code your team wrote, triage and fix with provided documentation, and automate in your pipeline to prevent future bugs from hitting prod.

Overview by

Alexa Sevilla

Pricing

Pricing provided by StackHawk.

Secure

$39.00

1 Code Contributor Per Month

View More Pricing Information

StackHawk Integrations

(12)

Verified by StackHawk

StackHawk Media

Security bug finding details from a scan of your application. Bug details, fix documentation, request/response payloads, and paths where the bug was found.

API discovery and application attack surface mapping from code

StackHawk is the only modern API security testing tool that runs in CI/CD, enabling developers to quickly find and fix security issues before they hit production.

Official Downloads

(2)

edit

Business Benefits of DAST & Shifting Left

StackHawk Reviews (68)

G2 reviews are authentic and verified.

Here's how.

Ali A.

Software Engineer

Small-Business (50 or fewer emp.)

2/4/2022

"Awesome DAST scanning"

5/5

What do you like best about StackHawk?

Easy to integrate, unlimited scans and applications allowed in the plan, performs well, dockerized Review collected by and hosted on G2.com.

What do you dislike about StackHawk?

I wish there were more visibility into the types of rules or inputs that the scanner is using under the hood Review collected by and hosted on G2.com.

Verified User in Computer Software

Small-Business (50 or fewer emp.)

2/3/2022

"My encounter with StackHawk"

4.5/5

What do you like best about StackHawk?

The integration with my application was seamless. I just had to deploy a docker and run it, and the stat scanner reported the vulnerabilities almost instantly. Review collected by and hosted on G2.com.

What do you dislike about StackHawk?

StackHawk can improve the description of the vulnerabilities slightly to debug the issue faster. Stackhawk can give more examples for fixing security issues reported. Review collected by and hosted on G2.com.

Recommendations to others considering StackHawk:

Go ahead and use this product to get your applications tested for security vulnerabilities. Using StackHawk saves a lot of time and effort. Review collected by and hosted on G2.com.

What problems is StackHawk solving and how is that benefiting you?

I am trying to find security flaws in my application using StackHawk so that when I go into deployment, I don't get hacked. StackHawk benefitted me immensely by making the process seamless. Review collected by and hosted on G2.com.

Matt M.

Senior Product Security Engineer

Small-Business (50 or fewer emp.)

2/7/2022

"Solid CICD integration with a bright future"

4/5

What do you like best about StackHawk?

Slick CICD integration for a known scanning tool Review collected by and hosted on G2.com.

What do you dislike about StackHawk?

The core scanner is zap, without additional checks or enhancements. Review collected by and hosted on G2.com.

Lokesh V.

Quality Analyst

Small-Business (50 or fewer emp.)

2/22/2022

"Perfect Security product for your business needs"

5/5

What do you like best about StackHawk?

As we progress towards the future, Modern problems require modern solutions! StackHack is the perfect go-ahead for your business needs! Review collected by and hosted on G2.com.

What do you dislike about StackHawk?

The frequent updates with new technologies, but it's good to have the updates to stay ourselves protected! Review collected by and hosted on G2.com.

Christopher D.

VP Engineering

Small-Business (50 or fewer emp.)

5/24/2021

"Awesome security automation with GraphQL support"

5/5

What do you like best about StackHawk?

We've had nothing but a great experience working with the StackHawk team and their security automation tool. Our team operates in a continuous delivery environment, with several concurrent branches and environments at any given time. We release code several times per day, and StackHawk is able to provide us real-time scans of all of our branches, environments, and production deploys without any additional developer effort beyond initial setup. Review collected by and hosted on G2.com.

What do you dislike about StackHawk?

We had some initial issues with getting the scans to work with our GraphQL endpoints, but we were able to work closely with the StackHawk team, and this has since become a non-issue. I'm not aware of many other dynamic security testing providers that have such robust GraphQL support. Kudos to the StackHawk team for leaning in and delivering an excellent solution for GraphQL security testing. Review collected by and hosted on G2.com.

Recommendations to others considering StackHawk:

Setup a shared Slack channel, and you will receive answers to your questions blazingly fast! Review collected by and hosted on G2.com.

What problems is StackHawk solving and how is that benefiting you?

Automated dynamic security testing helps us build a more secure platform, as well as gives our customers confidence that we take security seriously and partner with the best providers. Review collected by and hosted on G2.com.

Verified User in Information Technology and Services

Mid-Market (51-1000 emp.)

2/3/2022

"StackHawk is a strong DAST product for companies that care about their application security programs"

4.5/5

What do you like best about StackHawk?

-Very strong CI/CD integration

-Augmented security detections to ZAP

-A slick, fast UI

-Supportive staff when we have questions Review collected by and hosted on G2.com.

What do you dislike about StackHawk?

-Needs more augmented detection to discover real risks

-Needs ability for custom detections/plugins

-More customization on findings and options for suppression

-Faster scans! Review collected by and hosted on G2.com.

Patrick R.

Security Engineer

Enterprise (> 1000 emp.)

2/7/2022

"Good Tool for Appsec"

3.5/5

What do you like best about StackHawk?

Good tool for Dynamic App Scanning. Can greatly help with the Vulnerablity identification and remediation process Review collected by and hosted on G2.com.

What do you dislike about StackHawk?

Does not seem to be a way to scan multipage/multisite applications or Mobile. Review collected by and hosted on G2.com.

Jon C.

CTO

Small-Business (50 or fewer emp.)

4/14/2021

"Simple and easy to integrate automated testing tool!"

5/5

What do you like best about StackHawk?

Incredibly easy to integrate into our CI/CD pipeline using their provided Docker image and detailed guides.

It produces detailed yet easy-to-read reports that are suitable for sharing with stakeholders. StackHawk has helped increase stakeholder confidence in platform security.

It has helped us make automated security testing one of the first things we do when spinning up a new project. StackHawk has helped us stay on top of issues early in the development process.

The team is incredibly supportive and helpful if you run into any issues. Review collected by and hosted on G2.com.

What do you dislike about StackHawk?

I wish there was a more automated flow for retrieving oauth credentials for your api/site when running tests, it is a bit manual at the moment. Review collected by and hosted on G2.com.

What problems is StackHawk solving and how is that benefiting you?

StackHawk allows us to continuously test our code as part of our CI/CD workflow. Whenever a developer pushes up code, StackHawk runs against it and sends a report of any security issues it found.

As an engineering lead, I can share the reports with other stakeholders, executives, and board members to communicate that we are identifying security issues proactively and addressing them before they become a problem. StackHawk has increased the confidence of everyone in our security practices. Review collected by and hosted on G2.com.

iarly s.

Senior DevOps Engineer

Mid-Market (51-1000 emp.)

4/15/2021

"Easy and quick setup"

5/5

What do you like best about StackHawk?

In matters of minutes, one can set up and run a full scan against a web application. The intuitive and well-documented steps about how to integrate Stackhawk into the development lifecycle(build workflows, notifications) enabled us to get straight to what matters, which is the scan results.

Stackhawk's support was really helpful when needed. Review collected by and hosted on G2.com.

What do you dislike about StackHawk?

Some dashboard items could be improved, such as an option to export scan results to pdf and/or other formats; the scan page could be a bit less populated.

Also, a pay per scan plan would be well appreciated. Review collected by and hosted on G2.com.

Recommendations to others considering StackHawk:

Stackhawk tool is easy to use, can be easily integrated into the development lifecycle, and can enable teams to have better visibility over possible security issues in their web applications. Review collected by and hosted on G2.com.

What problems is StackHawk solving and how is that benefiting you?

We need to make sure that the applications we make available to our customers comply with the most common web application security standards. Review collected by and hosted on G2.com.

Jukka R.

CTO

Small-Business (50 or fewer emp.)

5/19/2021

"Easy and efficient scanning tool"

5/5

What do you like best about StackHawk?

- StackHawk is easy to take in to use

- Built on the ZAP scanner, and they support its development as well

- You can run it in different environments with Docker

- Produces clear reports on the findings, and you can manage them with the UI so that false positives don't show up on every scan Review collected by and hosted on G2.com.

What do you dislike about StackHawk?

I don't have anything to complain about. Their support solved all the problems we had during the onboarding process. Maybe it would be beneficial to have an even more detailed log on the scanner's action to debug issues. Review collected by and hosted on G2.com.