The CircleCI Orb stackhawk/stackhawk makes it easy to integrate StackHawk into your continuous integration pipeline.
StackHawk provides dynamic application vulnerability scanning from development to production.
- âš¡ Dynamic Application Scanning: Use HawkScan to find and fix security bugs in your web apps, before you push to production. Think of it as security integration testing. Get started with your first scan in minutes.
- 🦸 Built for Modern Dev Teams: Automate scans with Docker commands, manage configs via YAML, and add app scanning as a build stage. We're built for dev teams that care about security and quality.
- 🧰 Vulnerability Management: (coming soon!) Document for compliance. Prioritize and manage fixes with integrations to existing ticketing tools. Point in time assessments are a thing of the past - there is a better way.
Use the HawkScan command line tool to run application scans manually or through automation. Use the stackhawk/stackhawk Orb to make it simple to run it in CircleCI.
To use this Orb, you must have a StackHawk API key. Sign up to get yours.
To scan your application, you will need a stackhawk.yml configuration file in your application source repository. Read the docs for more details.
If you have questions or need some help, please email us at support@stackhawk.com.
That is all.