StackHawk


Application Security at the Speed of Software Delivery

Give us a try with a free 14 day Enterprise trial.

Pricing Contact

Looking to chat about how StackHawk can help your team? Curious about an Enterprise rollout? Contact Us.

PRO

$42

Per Code Contributor Per Month
Five Contributor Minimum

Pro offers teams the ability to find, triage, and fix security issues within the developer ecosystem across all applications and APIs.

ENTERPRISE

$59

Per Code Contributor Per Month
20 Contributor Minimum


Enterprise offers all the advantages of our Pro plan, and includes customized scanning with expanded coverage to manage vulnerabilities across organizations and teams.

CUSTOM

Contact our AppSec Professionals

Have more than 50 developers? Volume discounts are available. Contact our team to discuss your AppSec needs!

Today’s applications run on hundreds, if not thousands, of APIs and services and that’s why we support and encourage testing all of your Apps and APIs as frequently as possible.

We provide pricing that is easily predictable, based on the engineers who contribute code to the applications and APIs being tested.

Included in every plan:

Unlimited Usage

Run as many scans as you need across all applications and environments, with unlimited access for users.*

API Support

Complete coverage for REST, GraphQL, SOAP, and gRPC APIs.

Authentication

Utilize authentication as code to effectively and reliably scan all of your applications.

Performance

Optimized for speed, reliability, and depth of scanning across all applications.

Scan Validation

Validate and verify exploits discovered with our cURL based validation command.

Automation

Run in any development environment with our Docker and CLI tools.

Historical Data

Track scan data and gain insight into vulnerabilities over time and across environments.

Support

KaaKawesome documentation and email-based support from our Customer Success team.

Notifications

Utilize existing tools like Slack, Jira, and Azure DevOps Boards to speed up triage and fix.

*StackHawk differentiates between user and code contributor. A code contributor is an individual who has contributed to a code repository under StackHawk test in the last 90 days of commits.

Code Contributor Minimums Apply

Feature Comparison

Decide which level best fits your team.

Usage

Available on both our PRO and ENTERPRISE plans:

  • Unlimited scans and environments
  • Unlimited applications

Speed

Custom scan discovery eliminates spider delays and the local scanner running next to your app removes latency wait times.

PRO

  • Custom Scan Discovery enables you to use existing Postman Collections, Cypress, Selenium or any other test scripts to seed your scan and test data
  • Tech flags mean you only scan for tech that’s relevant to your API and app and reduce false positives
  • Rescan lets you rerun only previously failed tests to quickly validate fixes

ENTERPRISE

Everything in Pro, plus:

  • Policy management lets you control the tests you run

Coverage

Complete coverage across all REST, GraphQL, gRPC & SOAP APIs. Custom Scan Discovery, or Custom Test Data with OpenAPI Specs, Seed Paths and spider capabilities, enable full discovery across all paths. Easily reproduce alerted vulnerabilities with cURL based validation.

PRO

  • Custom Test Data ensures all paths are accessed and all test cases are exercised
  • Custom Scan Discovery enables you to use existing Postman Collections, Cypress, Selenium or any other test scripts to seed your scan and test data
  • Rescan lets you rerun only previously failed tests to quickly validate fixes

ENTERPRISE

Everything in Pro, plus:

  • Seed Paths mean all critical paths are scanned
  • Policy management allows you to customize what you test, where and when
  • Custom Test Scripts mean even your business logic and tenancy checks can be automated

Authentication

Available on both our PRO and ENTERPRISE plans:

  • Reliable, repeatable authentication as code. Validated at the beginning of scans, saving time and frustration!

Automation

Available on both our PRO and ENTERPRISE plans:

  • Runs anywhere you need it! Ephemeral Docker container integrates with all major CI/CD pipelines. Configure it to break the build on critical issues or catch issues before they hit your pipeline by enabling devs with the CLI version on their local machine.

Management

Manage findings across the organization with granular access control between roles for faster fixes.

PRO

  • Applications Dashboard with Oversight Visualizations
  • Findings triage

ENTERPRISE

Everything in Pro, plus:

  • Teams Based Access
  • Role Based Permission
  • Executive Summary Report
  • Activity History & Audit Log

Interoperability

Flexibility to integrate and operate with the most commonly used Dev tools.

PRO

  • GitHub CodeQL SAST Integration
  • Snyk SAST integration
  • Add to PR checks in GitHub
  • See scan results in GitHub PR comments
  • Jira Cloud & Security in Jira integration
  • Slack integration
  • API access for all major functionality, scan results and audit logs

ENTERPRISE

Everything in Pro, plus:

  • Azure Boards, DefectDojo
  • Webhooks
  • MS Teams
  • Single Sign-On

Support

Customer-approved support team. We’re serious: our customers love our support team.

PRO

  • Email, Chat & Slack Based Support

ENTERPRISE

Everything in Pro, plus:

  • Dedicated Slack-based Support
  • Premier Zoom Support