# StackHawk ## StackHawk StackHawk is a dynamic application and API security testing tool built for developers. With powerful automation and integration capabilities, StackHawk gives engineers the ability to find and fix security vulnerabilities. HawkScan The StackHawk scanner, HawkScan, is our command-line based security bug scanner powered by OWASP ZAP. ## **Built for DevOps** is More #### Application Security at the Speed of DevOps Today’s environment of incremental changes deployed frequently requires a different approach to application security testing. Penetration tests and scheduled production scans no longer cut it. DevSecOps requires automated testing in CI/CD, notifying developers when they have introduced a new vulnerability, and equipping them for self-services fixes. ![](/files/f2JXDWAhJNQXtLqUBjxw) #### **Security as a Developer Tool** DevSecOps requires security distributed throughout the engineering team. With configuration as code, DevOps pipeline automation, and self-service functionality, application security is now a developer tool. * Alert on scans and findings in chat tools * Manage findings in existing ticketing systems * Self service fix documentation * Manage configuration as code --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://book.konstantinsecurity.com/readme/architect/ci-cd/devsecops/dast/stackhawk.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.