
StackHawk

StackHawk, Inc. | 1

Reviews from AWS Marketplace

0 AWS reviews
  • 5 star
    0
  • 4 star
    0
  • 3 star
    0
  • 2 star
    0
  • 1 star
    0

External reviews

61 reviews
from G2

External reviews are not included in the AWS star rating for the product.


    ☁️ ⚡️ Sunil B.

StackHawk - A wonderful security testing tool

  • August 08, 2023
  • Review verified by G2

What do you like best about the product?
StackHawk is a wonderful security testing tool. It is easy to use and has a nice user interface.
What do you dislike about the product?
I have not got any issues from StackHawk to this date.
What problems is the product solving and how is that benefiting you?
StackHawk is solving several of our problems and it is benefiting us a lot at this time. We fixed several vulnerabilities with StackHawk if any security issue affects our data.


    Carlos N.

Reliable solution

  • August 04, 2023
  • Review provided by G2

What do you like best about the product?
The price range is optimal, suitable for the organization size
What do you dislike about the product?
I don't think there are any major downsides
What problems is the product solving and how is that benefiting you?
Helping to find vulnerabilities, reducing the time every task takes


    Annmarie G.

Amazing

  • August 03, 2023
  • Review provided by G2

What do you like best about the product?
StackHawk is a super effective product for the company. It saves us money AND makes our processes more efficient.
What do you dislike about the product?
Nothing. I love StackHawk and what it does.
What problems is the product solving and how is that benefiting you?
StackHawk helps us with API Security.


    Retail

Good to have, in case it finds something in the future, but don't expect miracles

  • July 20, 2023
  • Review provided by G2

What do you like best about the product?
Can find the most common vulnerabilities in common web applications. Easy to use and nice UI.
What do you dislike about the product?
It comes nowhere near close to real pen-testing, and it doesn't find many vulnerabilities in GraphQL.
What problems is the product solving and how is that benefiting you?
Having a DAST tool.


    Prateek J.

StackHawk: A great DAST tool to ensure API Security

  • July 08, 2023
  • Review verified by G2

What do you like best about the product?
1. It's a complete DAST and runtime security tool that can test any web application
2. Easy to integrate with almost all the major CI tools for automated testing
3. Dashboard provides almost all the necessary information with resolutions of findings
4. Quality support team
What do you dislike about the product?
1. Pricing is a bit high for small and medium businesses
2. You will find some false positives in the scan report
What problems is the product solving and how is that benefiting you?
We have multiple web applications built and hosted on various different platforms. This leads us to the problem of managing the API and runtime security of the application. StackHawk helps us in scanning all those applications with detailed reports and resolutions.


    MRIDUL N.

Quick Scan

  • June 23, 2023
  • Review verified by G2

What do you like best about the product?
I like that it is fast and dynamic, and I can also automate things.
What do you dislike about the product?
Troubleshooting network-related issues is a hectic process
What problems is the product solving and how is that benefiting you?
I use it for my web application scanning. It helps me find bugs in code that improves my application security.


    Ryan R.

Excellent, easy-to-integrate security tools to enhance awareness and provide diagnostics

  • August 01, 2022
  • Review verified by G2

What do you like best about the product?
My team began using StackHawk a few months ago for just one application that supports a website product. It provides us with potentially overlooked security risks and allows us additional verification data that risks/issues are mitigated as we expect.

1. Easy. StackHawk provides tooling that is incredibly easy to set up. They provide awesome documentation to start using the CLI. I also recommend the web UI though, as the configuration is super straightforward.
2. Informative. The results of StackHawk security scans are fantastic. The details on risks/items identified are useful, clear, and nicely visualized. The web tool also provides utilities (i.e., copy as cURL) to attempt to reproduce specific test failures or run further diagnoses.
3. Thorough for APIs. Finally, the security scanning tools are exceptional for API-based applications/systems. Especially with a strict typing-based architecture like GraphQL, StackHawk can really provide high-value outputs for a relatively tiny setup cost/effort.
What do you dislike about the product?
I wouldn't say I dislike anything provided by Stackhawk at the moment. However, in the relatively contained method that we've used the tool, we have a few recommendations available for consideration.

1. Organization by concern area. The output risk items are nicely tagged. However, it would be valuable to provide tags or areas upfront that customize/modify the type of scan that is executed (i.e., targeting risks for cross-site scripting).
2. Technology-specific or stack-specific scans. Our application is a Ruby on Rails website and StackHawk currently treats that as a generic web app. This is not a problem, but as StackHawk expands it would be interesting to drill down on high-value tests that are relevant to an application's current architecture.
3. GitHub Security issues. Lastly, since we use GitHub Actions for CI, it would be awesome to see an integration where StackHawk risks are written straight to the repository's security items. I'm sure this is already possible today and is a matter of time before it becomes built-in.
What problems is the product solving and how is that benefiting you?
StackHawk helps us be productive by providing security awareness and maintenance on a small team with limited capacity. It improves our efficiency and reduces development costs by providing us solid baseline security monitoring without the cost of spending major development time or having to pay external security groups/pen testers.


    AYROTI D.

Easy to use security bug finder

  • June 03, 2022
  • Review provided by G2

What do you like best about the product?
StackHawk is a handy tool when it comes to security testing as well as operating. The tool helps me to avoid vulnerable bugs. The UI/UX of StackHawk is top-notch and has vibrant colours.
What do you dislike about the product?
StackHawk isn't great when it comes to setup of the software, as it requires a Docker image for running in a CI/CD pipeline, which makes it incompetent for non-containerized applications, and its support team is best.
What problems is the product solving and how is that benefiting you?
We're working on a large codebase and one security vulnerability may cause our organization a huge loss; StackHawk plays a major role by finding security bugs in live coding and suggests how to solve them.
Recommendations to others considering the product:
I would definitely recommend it.


    Computer Software

Attended a workshop at Devops.js

  • March 30, 2022
  • Review provided by G2

What do you like best about the product?
How easy it was to set up, and while I may not need something so complete at the moment it's definitely something I would use with bigger projects.
What do you dislike about the product?
That I wasn't aware of this type of code check before and how much time it could save in the end.
What problems is the product solving and how is that benefiting you?
At the moment I haven't really solved any issue with StackHawk due to my project being quite small, but in a more mature and bigger project, this would solve a lot of issues. I mean having a test that analyzes and tells you some potential to improve your code is amazing.


    Avinash U.

Runtime security with StackHawk

  • March 18, 2022
  • Review verified by G2

What do you like best about the product?
The StackHawk tool has great documentation and is very intuitive to set up for a developer and for a DevOps person. With StackHawk, we can find vulnerabilities in a running environment rather than a static environment, which meant that we are aware of the threats to our application in a live environment. StackHawk has loads of CICD and notification integrations, although a few popular notification channels such as Discord are missing, which are used in most personal projects.
What do you dislike about the product?
StackHawk lacks the feature to set optional integrations for certain applications and environments. All scan results from all applications and environments are sent to all integrations that are enabled. In the Datadog integration, the overall risk level is not sent and it is inconvenient to set up custom parsing rules to calculate the risk level and alert based on that. StackHawk requires a docker image for running tests in CICD, and not all applications are containerized, making this incompatible for non-containerized applications. A JUnit report format would have been an excellent addition to the existing list of JSON and PDF report formats.
What problems is the product solving and how is that benefiting you?
We use StackHawk to find out vulnerabilities of our application when it is running through GitHub actions and through regular CLI checks. The output result is sent to Datadog/Slack. We are able to catch vulnerabilities before the application reaches production through the CICD integration and even monitor our production environment through the CLI.
Recommendations to others considering the product:
StackHawk is heavily dependent on Docker. If your organization does not use Docker for your applications, StackHawk might not be the right fit for DAST.