StackHawk Announces General Availability Launch
September 01, 2020

StackHawk, a software-as-a-service startup that empowers software engineers to easily find and fix application security bugs before they hit production, is launching into general availability.

Over the past year, the product has built a strong base of Early Access customers who have automated their AppSec testing in the CI pipeline, checking for vulnerabilities on every merge. With great feedback from these early customers, StackHawk is now available to any company that wants to deliver secure software.

"We decided to build StackHawk because of the gaping hole in developer-centric security tooling," said Joni Klippert, StackHawk founder and CEO. "I am incredibly proud of the ways we have been able to deliver on that promise as we announce our general availability. Our most excited feedback from early access customers has consistently been from developers and engineering leaders that finally have a tool that fits their workflows and allows them to take ownership of their application security."

While shifting security left is a common refrain within the security industry, the other application security products on the market still assume that a security team member is running the security tests and that tests are run on a scheduled basis. StackHawk is different, with features built specifically for the engineering teams that build the applications.

This shifts the approach from point-in-time pen tests or weekly scheduled scans to automated testing of the microservices that make up a customer facing application in the CI/CD pipeline. This approach shortens fix times, pushes potential vulnerabilities to the engineering teams that built the feature, and ensure that vulnerabilities are caught before they hit production. Key to this automation is integration with CI/CD tooling. StackHawk has partnered with the major CI providers such as CircleCI and GitLab to make it simple to AppSec tests into the build pipeline.

"As a CISO, I know that the application security model used by most software teams does not scale," said Scott Gerlach, co-founder and Chief Security Officer at StackHawk. "Pipeline automation of your security testing is the only way to truly integrate this into modern software delivery, and no one does it better than us. We are excited for more customers to start using StackHawk and ensuring security as they deliver software."

The company offers a startup plan to support earlier stage companies that care about security, but have historically been priced out of the market by enterprise security vendors.

Share this

Industry News

November 30, 2020

Shipa is open sourcing Ketch, Shipa's deployment engine, under Apache License Version 2.0.

November 30, 2020

Portworx by Pure Storage announced its qualification and support of Portworx Enterprise for Google Cloud's Anthos on bare metal.

November 30, 2020

SnapLogic now supports SaaS contracts in AWS Marketplace, a digital catalog with thousands of software listings from independent software vendors that make it easy to find, test, buy, and deploy software that runs on Amazon Web Services (AWS).

November 24, 2020

Red Hat announced new capabilities and features for Red Hat OpenShift, the company's enterprise Kubernetes platform.

November 24, 2020

Sectigo released Chef, Jenkins, JetStack Cert-Manager, Puppet, and SaltStack integrations for its certificate management platform.

November 24, 2020

DataStax released K8ssandra, an open-source distribution of Apache Cassandra on Kubernetes.

November 23, 2020

Spectro Cloud has released a new, self-hosted version of its flagship product, Spectro Cloud.

November 23, 2020

GitLab completed integration of Peach Tech, a security software firm specializing in protocol fuzz testing and dynamic application security testing (DAST) API testing, and Fuzzit, a continuous fuzz testing solution providing coverage-guided testing.

November 23, 2020

Fugue announced the availability of its SaaS product in AWS Marketplace, further simplifying the process for Amazon Web Services customers to use Fugue to bring their environments into compliance quickly, demonstrate compliance at any time, and Shift Left on cloud security.

November 19, 2020

Rollbar announced AI-assisted workflows powered by its new automation-grade grouping engine.

November 19, 2020

Buildkite expanded its integration with GitHub and introduced a new onboarding experience.

November 19, 2020

Rancher Labs launched a new Partner Program for the OEM and embedded community.

November 18, 2020

Puppet announced its evolution to an integrated automation platform to enable key business initiatives such as scaling DevOps, risk reduction, policy as code, and evolving cloud strategies.

November 18, 2020

Adaptavist has joined the GitLab partner program as a Select partner.

November 18, 2020

Postman launched the beta version of public workspaces, a hub that makes it possible for both API producers and consumers to seamlessly communicate and collaborate in real time without team or organizational boundaries.