DEVOPSdigest

StackHawk announced API Discovery Powered by HawkAI, an AI driven feature, that gives security teams a more efficient way to understand their organization's attack surface.

HawkAI not only uncovers and recommends which APIs and applications to bring under test, but also boosts teamwork between security and developer teams, giving businesses the critical insights they need.

StackHawk's approach to API discovery leverages source code as the source of truth to obtain the full scope of an organization's APIs and applications. This offers a level of visibility, previously unavailable for AppSec teams to understand their organization's attack surface. StackHawk provides a prioritized view on which APIs and applications to bring under test to boost overall operational efficiency of your AppSec testing program while fostering improved workflows with development teams.

"Many security teams are struggling to keep pace with the rapid development of APIs," said Joni Klippert, CEO of StackHawk. "Our internal analysis reveals that a significant portion of APIs go untested simply because they are undiscovered. API Discovery powered by HawkAI solves this problem by automatically identifying all APIs within an organization's code repositories, giving security teams a complete picture of their attack surface."

Security teams benefit from API Discovery layered with HawkAI's comprehensive suite of features, including:

- Effortless Discovery and Attack Surface Definition: API Discovery powered by HawkAI integrates seamlessly with existing code repositories to automatically identify repositories containing running applications and APIs. This AI-powered solution uncovers previously unknown APIs, providing a comprehensive view of an organization's attack surface. Security teams can then monitor progress toward achieving complete API coverage.

- Continuous Oversight and Alignment with Security Policies: Once API assets are identified, HawkAI helps ensure that security processes keep pace with the constant stream of code changes. HawkAI tracks how often code is deployed to API assets and compares it to testing frequency. This enables security teams to identify discrepancies between security policies and actual testing coverage.

- Collaboration and Streamlined Security Testing: HawkAI goes beyond just discovery. It provides valuable insights to foster collaboration with development teams. When a previously untested asset is discovered, HawkAI identifies the last developer who committed code, allowing for easy communication and a deeper understanding of the asset's purpose. This streamlines the process of bringing the asset under security testing.

API Discovery powered by HawkAI ensures comprehensive testing coverage by prioritizing the identification of the API attack surface. The source code serves as the definitive source of truth for understanding this attack surface, providing a holistic view of APIs and applications. StackHawk's solution not only excels in discovering vulnerabilities but also enhances collaboration between security and developer teams. It simplifies the process of subjecting APIs and applications to thorough security testing, thereby fortifying your defenses effectively.

StackHawk is offering API Discovery powered by HawkAI to all Enterprise and trial customers.