StackHawk CLI integration
What is StackHawk CLI?
StackHawk CLI is a command-line interface tool designed to help developers automate application security testing.
By using it, users can identify and address vulnerabilities in their web applications, improving the overall security of their software.
Integrating Buddy with the tool allows you to incorporate security testing into your CI/CD workflow. With the StackHawk CLI action, you can perform various security-related tasks, such as scanning your web applications for vulnerabilities and interpreting the scan results.
A sample pipeline can consist solely of the StackHawk CLI action with commands that perform the required security checks.
In case an issue is detected, adding the Slack action to the On failure scenario will ensure that your team gets notified and can take action.
Setting up StackHawk CLI integration
Navigate to the Integrations tab in Buddy and click New integration.
Look up and click StackHawk CLI.
A configuration window will show up.
Here you need to provide:
- Integration name
- Application key
Once done, click New integration to finish configuration.
Obtaining StackHawk CLI application key
In your StackHawk account, head to Settings → API Keys and click Create New Api Key.
Once the pop-up appears, enter the name for the integration in StackHawk. Click Continue and copy the created key.
Paste the created key in the integration configuration window in Buddy.
Last modified on Sep 23, 2024