StackGen has partnered with Google Cloud Platform (GCP) to bring its platform to the Google Cloud Marketplace.
StackHawk, a software-as-a-service startup that empowers software engineers to easily find and fix application security bugs before they hit production, is launching into general availability.
Over the past year, the product has built a strong base of Early Access customers who have automated their AppSec testing in the CI pipeline, checking for vulnerabilities on every merge. With great feedback from these early customers, StackHawk is now available to any company that wants to deliver secure software.
"We decided to build StackHawk because of the gaping hole in developer-centric security tooling," said Joni Klippert, StackHawk founder and CEO. "I am incredibly proud of the ways we have been able to deliver on that promise as we announce our general availability. Our most excited feedback from early access customers has consistently been from developers and engineering leaders that finally have a tool that fits their workflows and allows them to take ownership of their application security."
While shifting security left is a common refrain within the security industry, the other application security products on the market still assume that a security team member is running the security tests and that tests are run on a scheduled basis. StackHawk is different, with features built specifically for the engineering teams that build the applications.
This shifts the approach from point-in-time pen tests or weekly scheduled scans to automated testing of the microservices that make up a customer facing application in the CI/CD pipeline. This approach shortens fix times, pushes potential vulnerabilities to the engineering teams that built the feature, and ensure that vulnerabilities are caught before they hit production. Key to this automation is integration with CI/CD tooling. StackHawk has partnered with the major CI providers such as CircleCI and GitLab to make it simple to AppSec tests into the build pipeline.
"As a CISO, I know that the application security model used by most software teams does not scale," said Scott Gerlach, co-founder and Chief Security Officer at StackHawk. "Pipeline automation of your security testing is the only way to truly integrate this into modern software delivery, and no one does it better than us. We are excited for more customers to start using StackHawk and ensuring security as they deliver software."
The company offers a startup plan to support earlier stage companies that care about security, but have historically been priced out of the market by enterprise security vendors.
Industry News
Tricentis announced its spring release of new cloud capabilities for the company’s AI-powered, model-based test automation solution, Tricentis Tosca.
Lucid Software has acquired airfocus, an AI-powered product management and roadmapping platform designed to help teams prioritize and build the right products faster.
AutonomyAI announced its launch from stealth with $4 million in pre-seed funding.
Kong announced the launch of the latest version of Kong AI Gateway, which introduces new features to provide the AI security and governance guardrails needed to make GenAI and Agentic AI production-ready.
Traefik Labs announced significant enhancements to its AI Gateway platform along with new developer tools designed to streamline enterprise AI adoption and API development.
Zencoder released its next-generation AI coding and unit testing agents, designed to accelerate software development for professional engineers.
Windsurf (formerly Codeium) and Netlify announced a new technology partnership that brings seamless, one-click deployment directly into the developer's integrated development environment (IDE.)
The Cloud Native Computing Foundation® (CNCF®), which builds sustainable ecosystems for cloud native software, is making significant updates to its certification offerings.
The Cloud Native Computing Foundation® (CNCF®), which builds sustainable ecosystems for cloud native software, announced the Golden Kubestronaut program, a distinguished recognition for professionals who have demonstrated the highest level of expertise in Kubernetes, cloud native technologies, and Linux administration.
Red Hat announced new capabilities and enhancements for Red Hat Developer Hub, Red Hat’s enterprise-grade internal developer portal based on the Backstage project.
Platform9 announced that Private Cloud Director Community Edition is generally available.
Sonatype expanded support for software development in Rust via the Cargo registry to the entire Sonatype product suite.
CloudBolt Software announced its acquisition of StormForge, a provider of machine learning-powered Kubernetes resource optimization.