Reviews from AWS Marketplace
0 AWS reviews
-
5 star0
-
4 star0
-
3 star0
-
2 star0
-
1 star0
External reviews
External reviews are not included in the AWS star rating for the product.
Awesome support
What do you like best about the product?
The support we had in getting StackHawk installed and working was great. They helped us out on any questions or issues we had and are always willing to get on a call to work through an issue.
What do you dislike about the product?
I can't think of anything I dislike. Any probomes are quickly resolved.
What problems is the product solving and how is that benefiting you?
Scaning a Web application looking for security vunrablities. We now have a more secure web application.
- Leave a Comment |
- Mark review as helpful
Scanning to stay compliant
What do you like best about the product?
The setup and scanning process is very straightforward and provides ongoing value to stay compliant with OWASP and the many other CVE's out there. It has already helped us improve security and we're able to learn while using it because of its documentation included in the reporting. On top of all this, it has also helped us with sales and procurement.
What do you dislike about the product?
False positives do occur when using Stackhawk but they're very limited.
What problems is the product solving and how is that benefiting you?
- Building secure applications and keeping them secure
- Enterprise sales are easier when you are a customer of Stackhawk
- Enterprise sales are easier when you are a customer of Stackhawk
Recommendations to others considering the product:
If you are using GraphQL in your tech stack then StackHawk should be a no-brainer.
DevSecOps tool for API and SPA’s dynamic scanning
What do you like best about the product?
Ease of deployment and speed to delivery. Tooling runs great for local dev as well in the CI. Uses GitOps approach for scanning definitions in CI. Ingesting Swagger/OpenAPI spec for surface scanning. Fast scanning and actionable results. ZAP on steroids with great tooling and developer experience.
What do you dislike about the product?
Would like to see smoketesting for CD to make sure basic security controls are in place for prod deploys.
What problems is the product solving and how is that benefiting you?
Shifting dynamic security scanning left in the development lifecycle so we can catch flaws earlier. Fuzzing / scanning public RESTful API surface.
Integrating StackHawk into our CI/CD Pipeline for best practice security well before production
What do you like best about the product?
Determining security holes and bugs within our chosen app stack is key to handling PII and PIFI data. The Stackhawk team is excellent; they follow up when our pipelines encounter issues via shared slack channel, usually before we even have a chance to follow up.
What do you dislike about the product?
We haven't found anything to dislike from StackHawk
What problems is the product solving and how is that benefiting you?
Security Best Practices, hardening our API and Application Code, testing against all known penetration points on each pull request.
Great solution that allows to customize scans with pretty good results.
What do you like best about the product?
That you can customize scans to make them fast and accurate.
What do you dislike about the product?
It based on OWASP Zap but you can't add your own plugins.
What problems is the product solving and how is that benefiting you?
API tests.
Easy and quick setup
What do you like best about the product?
In matters of minutes, one can set up and run a full scan against a web application. The intuitive and well-documented steps about how to integrate Stackhawk into the development lifecycle(build workflows, notifications) enabled us to get straight to what matters, which is the scan results.
Stackhawk's support was really helpful when needed.
Stackhawk's support was really helpful when needed.
What do you dislike about the product?
Some dashboard items could be improved, such as an option to export scan results to pdf and/or other formats; the scan page could be a bit less populated.
Also, a pay per scan plan would be well appreciated.
Also, a pay per scan plan would be well appreciated.
What problems is the product solving and how is that benefiting you?
We need to make sure that the applications we make available to our customers comply with the most common web application security standards.
Recommendations to others considering the product:
Stackhawk tool is easy to use, can be easily integrated into the development lifecycle, and can enable teams to have better visibility over possible security issues in their web applications.
Simple and easy to integrate automated testing tool!
What do you like best about the product?
Incredibly easy to integrate into our CI/CD pipeline using their provided Docker image and detailed guides.
It produces detailed yet easy-to-read reports that are suitable for sharing with stakeholders. StackHawk has helped increase stakeholder confidence in platform security.
It has helped us make automated security testing one of the first things we do when spinning up a new project. StackHawk has helped us stay on top of issues early in the development process.
The team is incredibly supportive and helpful if you run into any issues.
It produces detailed yet easy-to-read reports that are suitable for sharing with stakeholders. StackHawk has helped increase stakeholder confidence in platform security.
It has helped us make automated security testing one of the first things we do when spinning up a new project. StackHawk has helped us stay on top of issues early in the development process.
The team is incredibly supportive and helpful if you run into any issues.
What do you dislike about the product?
I wish there was a more automated flow for retrieving oauth credentials for your api/site when running tests, it is a bit manual at the moment.
What problems is the product solving and how is that benefiting you?
StackHawk allows us to continuously test our code as part of our CI/CD workflow. Whenever a developer pushes up code, StackHawk runs against it and sends a report of any security issues it found.
As an engineering lead, I can share the reports with other stakeholders, executives, and board members to communicate that we are identifying security issues proactively and addressing them before they become a problem. StackHawk has increased the confidence of everyone in our security practices.
As an engineering lead, I can share the reports with other stakeholders, executives, and board members to communicate that we are identifying security issues proactively and addressing them before they become a problem. StackHawk has increased the confidence of everyone in our security practices.
showing 51 - 57