Buddy with StackHawk CLI integration
What is StackHawk CLI?
StackHawk CLI is a command-line interface tool designed to help developers automate application security testing.
By using it, users can identify and address vulnerabilities in their web applications, improving the overall security of their software.
Integrating Buddy with the tool allows you to incorporate security testing into your CI/CD workflow. With the StackHawk CLI action, you can perform various security-related tasks, such as scanning your web applications for vulnerabilities and interpreting the scan results.
A sample pipeline can consist solely of the StackHawk CLI action with commands that perform the required security checks:
Example of StackHawk CLI action in pipeline
In case an issue is detected, adding the Slack action to the On failure scenario will ensure that your team gets notified and can take action:
Pipeline example with on failure section
Setting up StackHawk CLI integration
- Navigate to the Integrations tab in Buddy and click New integration.
- Look up and click StackHawk CLI:
StackHawk CLI integration selection
- A configuration window will show up:
StackHawk CLI integration configuration
  Here you need to provide:
  - Integration name
  - Application key
- Once done, click New integration to finish configuration.
Obtaining StackHawk CLI application key
- In your StackHawk account, head to Settings → API Keys and click Create New Api Key:
Creating API key in StackHawk
- Once the pop-up appears, enter the name for the integration in StackHawk. Click Continue and copy the created key:
Configuring API key details
- Paste the created key in the integration configuration window in Buddy.
Last modified on April 19, 2024