DEVOPSdigest

StackHawk announced a new integration with Microsoft Defender for Cloud to help organizations build software more securely.

APIs are crucial to building modern applications. As a result, the API layer has become a critical security risk for many organizations. Efficient and proactive API security testing remains a pivotal challenge for security teams looking to strengthen their API security posture.

StackHawk's latest product integration with Microsoft Defender for Cloud – a cloud-native application protection platform, gives security professionals greater visibility into the security status of their APIs during the time of development within one unified viewpoint and complements the runtime API security capabilities provided by Defender for APIs. The integration with StackHawk will enable users to aggregate API security findings and posture insights across multiple tools, providing AppSec professionals with a correlated view of current risks and a more integrated approach to securing APIs.

StackHawk continues to bridge the gap between application owners and security teams by combining shift-left and developer automation with visibility and insights into the health of an organization's security posture. This latest product integration adds to StackHawk's existing integrations across the Microsoft and GitHub ecosystems, allowing engineers to automate security testing via GitHub Actions and GitHub Advanced Security and now giving AppSec teams the API Security insights and oversight with Microsoft Defender for Cloud.

Microsoft customers looking to prioritize API security testing now have a seamless path with StackHawk. The StackHawk platform is intricately woven into the Microsoft ecosystem. Developers can quickly activate a free trial of StackHawk, integrating security testing workflows with CI/CD platforms like GitHub Actions or Azure DevOps. When graduating from the free tier, Microsoft customers can purchase StackHawk through the Azure Marketplace to reduce or completely eliminate procurement time. Information about how to integrate StackHawk scan results into Defender for Cloud can be found here.

"StackHawk's integration with Microsoft Defender for Cloud extends the ability to assess the API security posture of an application beyond what's happening in production," said Joni Klippert, CEO and co-founder at StackHawk. "The StackHawk platform is designed to support teams in identifying and fixing API security vulnerabilities earlier in the development process while delivering secure code prior to production. This collaboration with Microsoft will enable customers to seamlessly pinpoint API security risks across their entire API ecosystem, strengthening their security posture."

"Our collaboration with StackHawk builds upon Defender for Cloud's current API security capabilities, providing our customers with a proactive approach to identifying vulnerabilities in APIs," said Vlad Korsunksky, Vice President, Cloud & Enterprise Security at Microsoft. "Working together with StackHawk, we equip security teams with the knowledge, context and clarity needed to identify and mitigate API security risks across their entire lifecycle."