---
title: StackHawk Reviews
meta_title: 'StackHawk Reviews 2026: Details, Pricing, & Features | G2'
meta_description: Filter 68 reviews by the users' company size, role or industry to
  find out how StackHawk works for a business like yours.
aggregate_rating:
  rating_value: 4.6
  review_count: 68
  scale: '5'
date_modified: '2026-07-07'
parent_category:
  name: "DevSecOps\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t"
  url: https://www.g2.com/categories/devsecops
---

# StackHawk Reviews
**Vendor:** StackHawk  
**Category:** [Dynamic Application Security Testing (DAST) Software](https://www.g2.com/categories/dynamic-application-security-testing-dast)  
**Average Rating:** 4.6/5.0  
**Total Reviews:** 68
## About StackHawk
StackHawk is reimagining AppSec for AI-driven development, where applications are built faster than traditional AppSec tools can keep up. Our AppSec Intelligence Platform combines scalable runtime testing with complete attack surface discovery from source code. We integrate directly into development workflows and provide context-aware remediations to developers, enabling teams to find and fix exploitable vulnerabilities before they reach production. With real-time visibility and centralized program intelligence, AppSec teams can prioritize testing and fixing what matters. Companies like British Airways, ITV, and Norstella trust StackHawk to evaluate application risk, prove program value, and scale testing coverage to match development velocity.



## StackHawk Pros & Cons
**What users like:**

- Users appreciate the **easy integrations** with major CI tools, streamlining their automated testing processes effectively. (10 reviews)
- Users commend the **excellent customer support** from StackHawk, always ready to assist with any inquiries. (9 reviews)
- Users value the **ease of use** of StackHawk, appreciating its intuitive interface and helpful customer support. (9 reviews)
- Users appreciate the **easy integration** capabilities of StackHawk, enabling seamless connections with various CI tools. (7 reviews)
- Users praise StackHawk for its **scanning efficiency** , allowing quick vulnerability identification without delaying deployments. (5 reviews)
- Users commend StackHawk for its **automated scanning** , enabling quick and efficient identification of security vulnerabilities. (4 reviews)
- Easy Setup (4 reviews)
- Integration Capabilities (4 reviews)
- Security (4 reviews)
- Setup Ease (4 reviews)

**What users dislike:**

- Users find the **setup complexity** of StackHawk frustrating, requiring extensive onboarding and configuration efforts. (5 reviews)
- Users find the **complex setup** of StackHawk frustrating, requiring extensive configuration and leading to a steep learning curve. (4 reviews)
- Users find the **high learning curve** of StackHawk challenging, especially due to its complex scripting requirements. (3 reviews)
- Users note the **lack of automatic API endpoint collection** and poor management of vulnerabilities as significant drawbacks. (3 reviews)
- Users find StackHawk has a **limited scope** due to restricted usage and lack of automation features. (3 reviews)
- Authentication Issues (2 reviews)
- Difficult Customization (2 reviews)
- False Positives (2 reviews)
- Inadequate Remediation (2 reviews)
- Users find **inadequate reporting** frustrating, wishing for better dashboards and automated sharing of vulnerability progress. (2 reviews)

## StackHawk Reviews
  ### 1. Excellent vulnerability scanner tool for REST APIs

**Rating:** 4.5/5.0 stars

**Reviewed by:** Verified User in Information Technology and Services | Small-Business (50 or fewer emp.)

**Reviewed Date:** January 26, 2022

**What do you like best about StackHawk?**

The tool is straightforward to use and scan the APIs for vulnerabilities very quickly. Provides a docker image which could be directly used

**What do you dislike about StackHawk?**

Sometimes, all the endpoints from the swagger spec is not recognized

**Recommendations to others considering StackHawk:**

It is an excellent tool to scan your application for security vulnerabilities.

**What problems is StackHawk solving and how is that benefiting you?**

The main benefit is to scan the application for vulnerabilities quickly and helps in taking quick resolutions

  ### 2. Scanning to stay compliant

**Rating:** 5.0/5.0 stars

**Reviewed by:** Bart V. | CTO & Co-founder, Small-Business (50 or fewer emp.)

**Reviewed Date:** May 13, 2021

**What do you like best about StackHawk?**

The setup and scanning process is very straightforward and provides ongoing value to stay compliant with OWASP and the many other CVE's out there. It has already helped us improve security and we're able to learn while using it because of its documentation included in the reporting. On top of all this, it has also helped us with sales and procurement.

**What do you dislike about StackHawk?**

False positives do occur when using Stackhawk but they're very limited.

**Recommendations to others considering StackHawk:**

If you are using GraphQL in your tech stack then StackHawk should be a no-brainer.

**What problems is StackHawk solving and how is that benefiting you?**

- Building secure applications and keeping them secure
- Enterprise sales are easier when you are a customer of Stackhawk

  ### 3. Stackhawk offers a cutting edge DAST tool that integrates the way we need it to

**Rating:** 5.0/5.0 stars

**Reviewed by:** Chance H. | COO, Small-Business (50 or fewer emp.)

**Reviewed Date:** May 17, 2021

**What do you like best about StackHawk?**

After evaluating several vendors, We chose to use Stackhawk because of how well it integrated with our CI/CD process and that it works really well in containers, whereas most competitors are harder (or impossible) to implement with our configuration. Their team is engaged and responsive. Their solution is modern and easy to use. I'm happy we selected this solution.

**What do you dislike about StackHawk?**

I don't have any complaints about using Stackhawk.

**What problems is StackHawk solving and how is that benefiting you?**

The key benefit for us of using Stackhawk is having a Dynamic Application Security Testing (DAST) tool that runs in our containers effectively. This has been a key differentiator for us.

  ### 4. In-depth and invaluable security insight packaged into the best UI you've ever seen

**Rating:** 5.0/5.0 stars

**Reviewed by:** Verified User in Public Policy | Small-Business (50 or fewer emp.)

**Reviewed Date:** May 17, 2021

**What do you like best about StackHawk?**

The detailed descriptions of vulnerabilities and linked cheatsheets are incredibly helpful, especially for busy developers that may not have done any work on fixing security bugs. The UI is extremely easy on the eyes and one of the most well designed I've ever seen, the same goes for the UX.

**What do you dislike about StackHawk?**

Besides the CI setup issue we had which I believe was more of a codebase issue than a StackHawk issue (I wasn't involved), there really isn't anything currently in StackHawk that I have an issue with.

**What problems is StackHawk solving and how is that benefiting you?**

We haven't had a lot of time to focus on security just yet, but we (I) am definitely looking forward to getting to the point where we are less pressured by a deadline and can focus on using StackHawk to start resolving the major issues with our codebase.

  ### 5. StackHawk Eases My Mind

**Rating:** 5.0/5.0 stars

**Reviewed by:** Spencer K. | Cyber Security Analyst, Mid-Market (51-1000 emp.)

**Reviewed Date:** May 18, 2021

**What do you like best about StackHawk?**

As a cybersecurity professional, I constantly worry about vulnerabilities in our applications. StackHawk outlines exactly what we need to do to make the application more secure, and I don't have to go about my day worrying about what might be out there without my knowledge. It does all of the scanning that would have previously taken hours, and it does it in a matter of minutes. This leaves more time in my day to focus on other aspects of security.

**What do you dislike about StackHawk?**

I have not found anything to dislike yet.

**What problems is StackHawk solving and how is that benefiting you?**

Through the initial scan, we learned of numerous vulnerabilities in our application, and we were provided with the severity of each. These were not obvious to us before the scan, so we gained immense insight from this.

  ### 6. Great Product with even better support.

**Rating:** 4.0/5.0 stars

**Reviewed by:** Glen K. | Senior Product Engineer, Small-Business (50 or fewer emp.)

**Reviewed Date:** May 14, 2021

**What do you like best about StackHawk?**

StackHawk has a nice, clean, no-nonsense interface that gets to the point, and gets out of the way. It integrates nicely with our workflow and the customer support and success teams have been great to help us get our product to a better state.

**What do you dislike about StackHawk?**

There is a bit of manual setup required that seems a little non-trivial, but given how modern applications are built I can't see a better way this could be done!

**What problems is StackHawk solving and how is that benefiting you?**

StackHawk helps us catch security vulnerabilities in an automated fashion as soon as they appear.

  ### 7. DevSecOps tool for API and SPA’s dynamic scanning

**Rating:** 4.5/5.0 stars

**Reviewed by:** Jason M. | ISEC Advisory Board Member / Course Content Expert, Mid-Market (51-1000 emp.)

**Reviewed Date:** May 12, 2021

**What do you like best about StackHawk?**

Ease of deployment and speed to delivery. Tooling runs great for local dev as well in the CI.  Uses GitOps approach for scanning definitions  in CI. Ingesting Swagger/OpenAPI spec for surface scanning. Fast scanning and actionable results. ZAP on steroids with great tooling and developer experience.

**What do you dislike about StackHawk?**

Would like to see smoketesting for CD to make sure basic security controls are in place for prod deploys.

**What problems is StackHawk solving and how is that benefiting you?**

Shifting dynamic security scanning left in the development lifecycle so we can catch flaws earlier. Fuzzing / scanning public RESTful API surface.

  ### 8. Fast and effective DAST tool

**Rating:** 4.5/5.0 stars

**Reviewed by:** Verified User in Hospitality | Mid-Market (51-1000 emp.)

**Reviewed Date:** May 26, 2021

**What do you like best about StackHawk?**

StackHawk is an excellent tool built to find vulnerabilities developers typically miss and do not foresee when building applications. The support for both SOAP and REST APIs make it versatile to use for a variety of applications. The scan times are quick and resources are easily customizable in the Docker container. The ability to test against certain technologies using flags is a great plus to speed up scan times as well. The support team's quick turnaround times to resolve troubleshooting problems is a great asset to have when onboarding applications.

**What do you dislike about StackHawk?**

Only supports running in a Docker container, would love to see a .jar extension to attach to applications for faster onboarding when containers are not readily available for use

**What problems is StackHawk solving and how is that benefiting you?**

This is the first DAST tool we have adopted and have begun implementing this into our CI/CD workflows. Ultimately we aim to identify all vulnerabilities wherever possible to ensure our ecosystem is safe and secure, and StackHawk is providing great value to our goal. The quick scan times provide an easier integration with the remaining components of our pipelines, and the ability to scan SOAP apps is a must until we're able to retire our legacy apps or convert them to REST APIs. Developers are also able to scan applications from their local workstations to capture vulnerabilities early on and wherever else StackHawk is not yet integrated into our CI/CD pipeline for a particular application.

  ### 9. Great DAST Scanner that empowers developers

**Rating:** 5.0/5.0 stars

**Reviewed by:** Verified User in Hospital & Health Care | Mid-Market (51-1000 emp.)

**Reviewed Date:** May 20, 2021

**What do you like best about StackHawk?**

Easy to configure applications, containerized scanning, high-quality API & GraphQL scanning, and unlimited application scanning

**What do you dislike about StackHawk?**

We are currently working with the StackHawk team to reduce the number of false positives. Since the scanner works off of ZAP, improvements can be made to reduce the number of false positives in the scans. Additionally, recommendations can be improved to include action items relevant to the developer.

**What problems is StackHawk solving and how is that benefiting you?**

Traditional DAST scanners scan a few assets at a scheduled time and can only find vulnerabilities after they have hit production. StackHawk allows us to empower developers and scan an unlimited number of applications before issues hit production. Additionally, StackHawk offers GraphQL and API scanning capabilities not found with other vendors.

  ### 10. Great Dast for Modern Applications

**Rating:** 4.5/5.0 stars

**Reviewed by:** Luis R. | Senior Application Security Engineer, Enterprise (> 1000 emp.)

**Reviewed Date:** May 28, 2021

**What do you like best about StackHawk?**

The Stackhawk dashboard is intuitive and functional. I also really appreciate the low level of false positives as well.

**What do you dislike about StackHawk?**

It would be helpful if there were a way to automatically scan APIs without swagger documentation.

**What problems is StackHawk solving and how is that benefiting you?**

Stackhawk is allowing us to shift left security vulnerability patching. We can scan at commit time and allow developers to fix bugs before they are checked into version control.

  ### 11. Integrating StackHawk into our CI/CD Pipeline for best practice security well before production

**Rating:** 4.5/5.0 stars

**Reviewed by:** David F. | Manager of IT, Mid-Market (51-1000 emp.)

**Reviewed Date:** May 12, 2021

**What do you like best about StackHawk?**

Determining security holes and bugs within our chosen app stack is key to handling PII and PIFI data.  The Stackhawk team is excellent; they follow up when our pipelines encounter issues via shared slack channel, usually before we even have a chance to follow up.

**What do you dislike about StackHawk?**

We haven't found anything to dislike from StackHawk

**What problems is StackHawk solving and how is that benefiting you?**

Security Best Practices, hardening our API and Application Code, testing against all known penetration points on each pull request.

  ### 12. StackHawk is awesome!

**Rating:** 5.0/5.0 stars

**Reviewed by:** Clark W. | Developer, Small-Business (50 or fewer emp.)

**Reviewed Date:** May 17, 2021

**What do you like best about StackHawk?**

StackHawk does a great job scanning my applications for security vulnerabilities. This helps me have a leaner staff because I don't need to hire a dedicated security specialist.

**What do you dislike about StackHawk?**

I wish the scans for frontend apps were a bit more comprehensive.

**What problems is StackHawk solving and how is that benefiting you?**

StackHawk helps me solve my security problems without having to hire additional staff who specialize in security.

  ### 13. Very good on boarding process

**Rating:** 4.5/5.0 stars

**Reviewed by:** Viktor H. | Web Developer, Enterprise (> 1000 emp.)

**Reviewed Date:** May 18, 2021

**What do you like best about StackHawk?**

The onboarding process to get the tests running is very helpful. The StackHawk employees take the time if you have questions, and they are very willing to help.
I like the technology of the test tool.

**What do you dislike about StackHawk?**

I got some problems with our corporate firewall/proxy. It's not easy to get this running. But even thought StackHawk helped to look into the isuues.

**Recommendations to others considering StackHawk:**

Ask questions if you have any problems setting up StackHawk.

**What problems is StackHawk solving and how is that benefiting you?**

To find security issues in our apps. Without any big changes in our apps StackHawk is scanning the apps.

  ### 14. StackHawk review

**Rating:** 5.0/5.0 stars

**Reviewed by:** Verified User in Education Management | Mid-Market (51-1000 emp.)

**Reviewed Date:** May 14, 2021

**What do you like best about StackHawk?**

-Self Intuitive Interface
- Better Accuracy.
- CI/CD integration.
- Tool developed, Based on Industry-standard OWASP ZAP open-source scanner.
- Awesome support team

**What do you dislike about StackHawk?**

- Description and details of some of the vulnerabilities are not categorized.
- Lack of configuration option in the portal,(most of the scan configs are done within a yaml file).
- overhead of managing a docker container. they are working well with some of the orchestration platform but not sure if it would be that great.

**What problems is StackHawk solving and how is that benefiting you?**

- Having a DAST tool helps to find security vuln in web applications which usually is not picked up by the SAST tools.
- Improve the overall security posture of the organization.
- Having this as a part of CI/CD will help to fulfill the regulatory compliance requirements.

  ### 15. Helps ensure we can sleep easy

**Rating:** 5.0/5.0 stars

**Reviewed by:** Clive S. | Engineer, Small-Business (50 or fewer emp.)

**Reviewed Date:** May 14, 2021

**What do you like best about StackHawk?**

Breadth and depth of scan
Also ease of setup, great support and an intuitive UI!

**What do you dislike about StackHawk?**

None of note. As always, looking forward to new scans!

**What problems is StackHawk solving and how is that benefiting you?**

StackHawk has flagged some important vulnerabilities in our app that we've now rectified. We continue to use it to validate each build

  ### 16. Awesome support

**Rating:** 4.5/5.0 stars

**Reviewed by:** Travis H. | Senior Software Engineer, Small-Business (50 or fewer emp.)

**Reviewed Date:** May 14, 2021

**What do you like best about StackHawk?**

The support we had in getting StackHawk installed and working was great. They helped us out on any questions or issues we had and are always willing to get on a call to work through an issue.

**What do you dislike about StackHawk?**

I can't think of anything I dislike. Any probomes are quickly resolved.

**What problems is StackHawk solving and how is that benefiting you?**

Scaning a Web application looking for security vunrablities. We now have a more secure web application.

  ### 17. Very happy user, even happier customer!

**Rating:** 5.0/5.0 stars

**Reviewed by:** Natty Z. | Partner

**Reviewed Date:** May 30, 2021

**What do you like best about StackHawk?**

Ease of use + robust integrations = wow!

**What do you dislike about StackHawk?**

Still developing a few nice-to-have features, but nothing that is preventing me from significant usage.

**What problems is StackHawk solving and how is that benefiting you?**

Love helping developers learn and own application security. Helps CISO job and makes for a more resilient and reliable code stack.

  ### 18. Great solution that allows to customize scans with pretty good results.

**Rating:** 5.0/5.0 stars

**Reviewed by:** Vasyl D. | A, Mid-Market (51-1000 emp.)

**Reviewed Date:** April 15, 2021

**What do you like best about StackHawk?**

That you can customize scans to make them fast and accurate.

**What do you dislike about StackHawk?**

It based on OWASP Zap but you can't add your own plugins.

**What problems is StackHawk solving and how is that benefiting you?**

API tests.


## StackHawk Discussions
  - [What is StackHawk used for?](https://www.g2.com/discussions/what-is-stackhawk-used-for)

- [View StackHawk pricing details and edition comparison](https://www.g2.com/products/stackhawk/reviews?page=2&section=pricing&secure%5Bexpires_at%5D=2026-07-09+20%3A00%3A17+-0500&secure%5Bsession_id%5D=9119ba0d-cce7-4ffd-b572-31fa1bbc1de1&secure%5Btoken%5D=1f4eaa8e35d8c3f8f4e9c507aa9f63ef2c37cd0c9754b14bd6311dedfcae8ef0&format=llm_user)
## StackHawk Integrations
  - [Bitbucket](https://www.g2.com/products/bitbucket/reviews)
  - [CircleCI](https://www.g2.com/products/circleci/reviews)
  - [Datadog](https://www.g2.com/products/datadog/reviews)
  - [GitLab](https://www.g2.com/products/gitlab/reviews)
  - [Jenkins](https://www.g2.com/products/jenkins/reviews)
  - [Jira](https://www.g2.com/products/jira/reviews)
  - [Microsoft Azure DevOps](https://www.g2.com/products/microsoft-azure-devops/reviews)
  - [Slack](https://www.g2.com/products/slack/reviews)
  - [Snyk](https://www.g2.com/products/snyk/reviews)
  - [Vanta](https://www.g2.com/products/vanta/reviews)

## StackHawk Features
**Administration**
- API / Integrations
- Extensibility
- Reporting and Analytics

**Administration**
- API / Integrations
- Extensibility

**Performance**
- Issue Tracking
- Detection Rate
- False Positives
- Automated Scans

**API Management **
- API Discovery
- API Monitoring
- Reporting
- Change Management

**Cloud Visibility**
- Data Discovery
- Cloud Registry
- Cloud Gap Analytics

**Analysis**
- Issue Tracking
- Reconnaissance
- Vulnerability Scan

**Analysis**
- Reporting and Analytics
- Issue Tracking
- Vulnerability Scan

**Network**
- Compliance Testing

**Security Testing**
- Compliance Monitoring
- API Verification
- API Testing

**Security**
- Data Security
- Data loss Prevention
- Security Auditing

**Testing**
- Command-Line Tools
- Manual Testing
- Test Automation
- Performance and Reliability

**Testing**
- Manual Testing
- Test Automation
- Compliance Testing
- Black-Box Scanning
- Detection Rate
- False Positives

**Application**
- Manual Application Testing
- Black Box Testing

**Security Management**
- Security and Policy Enforcement
- Anomoly Detection
- Bot Detection

**Identity**
- SSO
- Governance
- User Analytics

**Agentic AI - Vulnerability Scanner**
- Autonomous Task Execution
- Proactive Assistance

## Top StackHawk Alternatives
  - [GitLab](https://www.g2.com/products/gitlab/reviews) - 4.5/5.0 (881 reviews)
  - [Intruder](https://www.g2.com/products/intruder/reviews) - 4.8/5.0 (206 reviews)
  - [Wiz](https://www.g2.com/products/wiz-wiz/reviews) - 4.7/5.0 (818 reviews)

