DEVOPSdigest

StackHawk launched Oversight to provide security teams with a birds-eye view of their API security program.

Oversight aggregates key security data across all applications, providing a birds-eye view that makes it simple to quickly identify which APIs need to be tested and where fixes need to be applied.

"You'd be surprised how many security teams are monitoring the overall health of their organization's security program via spreadsheets and legacy tools," said Joni Klippert, CEO and Co-Founder of StackHawk. "We didn't want to just create another dashboarding solution where folks stare at and admire their problems – we wanted to layer on actionable insights to improve security across the board."

Key Highlights of Oversight

- Scan Frequency Monitoring: Oversight flags applications that haven't been scanned in the last 30 days, ensuring that security teams are always aware of gaps in coverage.

- Total Findings Overview: The oversight panel highlights outstanding findings across all applications. This makes it easy for teams to prioritize remediation efforts and track which applications are most vulnerable.

- Attack Surface Insights: For organizations leveraging StackHawk's API Discovery feature, Oversight provides a view of the attack surface coverage, helping teams ensure they're testing all critical areas of their applications and identifying when new applications and APIs are added to their attack surface.

Earlier this year, StackHawk launched API Discovery which leverages source code to obtain the full scope of an organization's APIs and applications. Discovering APIs from an organization's source code repository (GitHub, Azure DevOps, Bitbucket) is the quickest, most complete way to uncover hidden and unknown APIs. Combined with today's launch of Oversight, StackHawk is offering security teams an end-to-end solution for shift-left API Security.