DENVER, Sept. 22, 2022 /PRNewswire/ — StackHawk, the corporate making utility safety testing a part of software program supply, at this time introduced its Deeper API Safety Check Protection launch. This expands StackHawk’s resolution to assist builders scan your entire API layer to uncover potential vulnerabilities. Right this moment’s utility architectures require completely different approaches to safety testing, and legacy safety testing instruments lead to untested components of the appliance, or require tedious guide testing and are too sluggish for many fashionable launch schedules. With this launch. StackHawk supplies builders the power to check APIs deeper and quicker, so organizations may be assured each construct they launch is safe.
The API layer presents the very best stage of safety danger for software program firms. But API discovery generally is a problem for a lot of safety groups. StackHawk’s Deeper API Safety Check Protection launch permits groups to leverage current automated testing instruments, resembling Postman or Cypress, to information discovery of the paths and endpoints, present customized check knowledge for use throughout scans and canopy proprietary use instances for safety testing.
“Fashionable API and utility safety requires tooling that integrates into current engineering workflows and supplies thorough check protection for at this time’s utility architectures,” stated Scott Gerlach, StackHawk co-founder and chief safety officer. “With our current launch of Deeper API Safety Check options, StackHawk continues to steer the market in depth and accuracy of actual API safety testing, all whereas remaining true to our developer-first safety strategy.”
Engineering groups have refined automated check suites in CI/CD to make sure that high quality is maintained as they push software program adjustments to manufacturing, and safety testing needs to be no completely different. By integrating into current testing workflows, StackHawk supplies builders with safety testing in a well-recognized approach, shifting safety left.
StackHawk’s complete scan functionalities have expanded to deal with a number of key points, together with:
- Customized Check Knowledge for REST APIs: The power to make use of practical required variables for paths, question, or request physique, is one thing DAST instruments traditionally have struggled with as using incorrectly formatted knowledge can forestall the scan from reaching crucial logic within the utility.
- Customized Scan Discovery: The power to make use of check scripts and knowledge from devtools resembling Postman or Cypress for guiding the scanner, leading to a extra complete, thorough check with out the necessity for API docs.
- Customized Check Scripts: The power to check for particular use instances like enterprise logic, privateness legal guidelines, and delicate knowledge requires customized scripts. This performance additionally addresses the problem of tenancy checks, the highest vulnerability within the OWASP Prime 10, and testing for Damaged Perform Degree Authorization, that are check instances not lined with the ZAP library.
These desirous about studying extra about StackHawk’s Deeper API Safety Testing can see the performance in motion by registering right here for the webinar at 10 AM PT on Wednesday, September 28.
About StackHawk
StackHawk is making utility safety testing a part of software program supply. The StackHawk platform empowers engineers to simply discover and repair utility safety bugs at any stage of software program growth. With a robust founding staff that has deep expertise in safety and DevOps, and among the finest enterprise buyers within the enterprise, StackHawk is placing utility safety testing into the palms of engineers. Be taught extra and join a free trial at www.stackhawk.com.
