1 Level
751 Review
37 Karma
Review on StackHawk by Jason Staggs
Great for finding security vulnerability risks in web & mobile apps
Being able to scan through our repositories of multiple languages/frameworks very quickly was great! It's easy enough that anyone can use this tool without having any prior experience using an appsec scanner or pentesting tools such as Burp Suite etc. This is one thing we've been working towards but have lacked previously - getting quicker feedback when there are potential issues found which could mean they're not fixed immediately by development teams. We now get notified much more frequently about possible vulnerabilities within applications where before these were only picked up occasionally at least once per week (or even less) during manual scanning processes.
Pros
- Easy integration with GitHub
- Good reporting system for various types including vulnerability details, remediation instructions & fixes in progress.
- Ability store custom rules easily instead just relying upon pre defined default checks.
- Also has ability build your own plugins too if needed :)
- The UI looks good visually
- Nice looking user dashboard area showing most recent scans completed along side all other features available via admin portal
