StackHawk Blog - Plushcap

Blog URL

www.stackhawk.com/blog

Posts YTD

35 ↓ vs 37 last year

Avg Posts/Month

4.7 since 2022

Monthly Post Volume

Start year:

Post Details

Search:

Title	Author	Published	Words	HN Pts
Creating API Test Cases: A Practical Guide with Examples	Matt Tanner	2025-12-29	2,545	--
5 Common Causes of API Security Breaches and How to Prevent Them	Matt Tanner	2024-09-19	1,323	--
NodeJS Broken Authentication Guide: Examples and Prevention	StackHawk	2022-02-10	1,869	--
Laravel Broken Object Level Authorization Guide: Examples and Prevention	StackHawk	2022-03-21	1,550	--
A Developer's Guide to Dynamic Analysis in Software Security	Matt Tanner	2025-10-08	2,449	--
React Broken Authentication Guide: Examples and Prevention	StackHawk	2022-01-27	1,865	--
Getting Started with the New StackHawk CLI	Rebecca Warren	2022-01-13	857	--
StackHawk’s Prevention-First API Security Platform Recognized in 2025 GigaOm Radar Report	Payton O'Neal	2025-08-14	779	--
Stop Guessing. Start Prioritizing. Sensitive Data Identification Now in Beta	StackHawk	2025-04-24	454	--
How to Fix "No 'Access-Control-Allow-Origin' Header Present"	Matt Tanner	2025-07-03	2,685	--
What is an API: A Beginner's Guide to Application Programming Interfaces	StackHawk, Scott Gerlach	2024-04-05	3,463	--
Vue Broken Access Control Guide: Examples and Prevention	StackHawk, Scott Gerlach	2022-04-12	1,338	--
The Best API Monitoring Tools to Enhance Your Application Performance and Security	Matt Tanner	2024-11-12	3,173	--
Best SAST Tools of 2025	Matt Tanner	2025-09-19	1,934	--
Secure Software Development Lifecycle: The Complete Guide	Matt Tanner	2025-10-02	3,621	--
The Ultimate Guide to Choosing an API Testing Framework	StackHawk	2025-02-06	4,181	--
What is REST API Testing? Tools and Best Practices for Success	StackHawk, Scott Gerlach	2024-07-12	3,646	--
NodeJS XML External Entities (XXE) Guide: Examples and Prevention	StackHawk	2022-03-03	1,182	--
4 Best Practices for AI Code Security: A Developer's Guide	Matt Tanner	2025-08-21	3,242	--
Announcing API Discovery Powered by HawkAI	StackHawk	2024-07-31	462	--
Accelerating Security with StackHawk: Reducing Distance, Maximizing Speed	Scott Gerlach	2024-02-16	627	--
API Security Testing: A Complete Guide for Developers	Scott Gerlach	2025-11-24	2,435	--
NodeJS Broken Object Level Authorization Guide: Examples and Prevention	StackHawk	2022-03-25	1,425	--
Understanding and Protecting Against LLM05: Improper Output Handling	Matt Tanner	2025-12-09	2,674	--
StackHawk Secures Top Honor in 2024 Global Infosec Awards at RSA 2024	StackHawk, Scott Gerlach	2024-05-06	667	--
Decoding the Flavors of DAST: From Legacy Scanners to AI Pen Testing	Payton O'Neal	2025-10-24	1,964	--
React XML External Entities Guide: Examples and Prevention	StackHawk	2022-03-14	1,124	--
.NET Command Injection: Examples and Prevention	StackHawk	2022-01-13	1,290	--
Modern Continuous Security: A Quick Start Guide to Securing Your Software Development …	Nicole Jones	2024-04-15	697	--
Mastering GraphQL Security: A Comprehensive Guide	Nicole Jones	2024-06-06	2,456	--
StackHawk + Cycode: Runtime Testing Meets Security Posture Management	Morgan Hennessy	2025-11-25	469	--
Java Broken Authentication Guide: Examples and Prevention	StackHawk	2022-05-12	1,470	--
Developer's Guide to Fixing The 6 Most Common API Vulnerabilities	StackHawk	2025-02-25	2,019	--
API Security Monitoring vs. Testing: A Comprehensive Guide	Matt Tanner	2025-03-14	2,743	--
What is Cloud API Security? A Complete Guide	StackHawk	2024-09-26	3,187	--
Rapid7 DAST vs. StackHawk: Complete Application Security Comparison (2025)	Kelsey Kinzer	2025-07-10	1,412	--
Understanding The 2023 OWASP API Top 10 Security Risks	Matt Tanner	2024-01-18	2,416	--
Building Multi-Architecture Docker Images in CICD	Omar Alkhalili	2022-07-01	1,094	--
Managing Node and NPM Versions in Our Projects: Best Practices for Developers	Brandon Ward	2023-08-23	1,083	--
Understanding and Protecting Against OWASP LLM01: Prompt Injection	Matt Tanner	2025-11-26	2,416	--
Django CORS Guide: What It Is and How to Enable It	Matt Tanner	2025-08-21	4,894	--
Discover the Best API Discovery Tools in 2025	Matt Tanner	2025-09-03	2,811	--
Guide to Security in .NET	StackHawk	2022-05-19	1,214	--
Embracing the Future of Security with the Shift-Left Maturity Model	Joni Klippert	2024-06-24	1,337	--
StackHawk Announces HawkScan Test Engine	Scott Gerlach	2024-06-01	232	--
Spring Broken Authentication Guide: Examples and Prevention	StackHawk	2022-04-21	1,276	--
Rails Excessive Data Exposure: Examples and Prevention	StackHawk	2022-05-18	1,290	--
Functional API Testing: A Complete Guide	StackHawk	2025-01-30	3,165	--
Django Broken Object-Level Authorization Guide: Examples and Prevention	StackHawk	2022-02-08	1,967	--
.NET Content Security Policy Guide: What It Is and How to Enable …	StackHawk	2022-02-18	1,374	--
How to Scale DAST Testing: 3 Strategic Paths	Nicole Jones	2025-12-18	1,290	--
May Newsletter: API Access to Scan Data, Seed Paths, and More!	Nicole Jones	2022-05-31	409	--
Understanding LLM Security Risks: OWASP Top 10 for LLMs (2025)	Kelsey Kinzer	2025-10-14	2,686	--
.NET Open Redirect Guide: Examples and Prevention	StackHawk	2022-02-07	1,231	--
Angular CORS Guide: Examples and How to Enable It	Matt Tanner	2025-07-08	3,584	--
Maximize Security with GitHub Advanced Security and DAST: What It Is and …	StackHawk	2025-01-21	2,384	--
Introducing StackHawk’s LLM Security Testing: Find LLM Risks Pre-Production	Scott Gerlach	2025-11-13	747	--
.NET HTTP Strict Transport Security Guide: What It Is and How to …	StackHawk	2022-02-21	1,525	--
7 Best Vulnerability Assessment Tools	Matt Tanner	2025-06-02	1,273	--
Spring Broken Object Level Authorization Guide: Examples and Prevention	StackHawk	2022-04-11	1,331	--
July Newsletter 2022: GitHub CodeQL Integration, G2 Awards, and more!	Nicole Jones, Scott Gerlach	2022-07-29	237	--
Golang XML External Entities Guide: Examples and Prevention	StackHawk	2022-03-24	1,420	--
API Discovery vs. API Monitoring: Why Proactive API Security is the Future	StackHawk	2024-10-16	1,487	--
Building a Secure API Ecosystem Starts with API Discovery	Nicole Jones	2024-05-02	477	--
Defending Against API Attacks: Strategies for Protecting Your APIs and Data	StackHawk	2024-05-30	2,946	--
StackHawk Announces Integration with Microsoft Defender for Cloud	StackHawk	2024-05-07	584	--
Understanding and Protecting Against LLM07: System Prompt Leakage	Matt Tanner	2025-12-17	2,567	--
Understanding and Protecting Against API5: Broken Function Level Authorization	StackHawk, Scott Gerlach	2024-04-25	2,815	--
Modern Apps Might Not Even Have a Frontend—So Why Is Your Security …	Scott Gerlach	2025-05-27	1,744	--
TypeScript CORS Guide: What It Is and How to Enable It	StackHawk	2022-01-14	1,788	--
Re-Defining API Discovery: How We Designed API Discovery Powered by HawkAI	Scott Gerlach	2024-04-30	509	--
Finding and Fixing BOLA Vulnerabilities in NodeJS With StackHawk	StackHawk	2024-03-24	4,249	--
Top 10 API Tools For Testing in 2025	Billy Shea	2025-02-18	3,639	--
Finding and Fixing BFLA Vulnerabilities in NodeJS With StackHawk	StackHawk	2024-05-23	4,207	--
.NET Broken Access Control Guide: Examples and Prevention	StackHawk	2022-02-25	1,721	--
What is Cross-Site Request Forgery (CSRF)?	Brian Myers, Scott Gerlach	2024-01-03	2,642	--
.NET SQL Injection Guide: Examples and Prevention	StackHawk	2025-07-17	2,521	--
Golang CORS Guide: What It Is and How to Enable It	Matt Tanner	2025-07-22	2,659	--
Dynamic Application Security Testing vs. Penetration Testing	Billy Shea	2025-06-26	2,033	--
Understanding and Protecting Against API4: Unrestricted Resource Consumption	Kaitlyn Marler	2024-11-06	1,385	--
Kotlin Broken Object Level Authorization Guide: Examples and Prevention	StackHawk	2022-05-24	1,258	--
Bridging the Gap: The Importance of Understanding How Software is Built	Alexa Sevilla	2024-03-22	582	--
StackHawk + GitHub: Dev-First Security Testing Across the GitHub Universe	Nicole Jones	2023-10-04	1,133	--
Why Legacy DAST Fails for Modern Applications and How to Fix It	Scott Gerlach	2025-03-17	1,283	--
5 Tips for Testing Large Applications and APIs	Nicole Jones	2024-07-25	2,562	--
Stop Choosing Between SAST and DAST—Start Connecting Them	Payton O'Neal	2025-10-29	887	--
OpenAPI Security: Why Specifications Are Your API Security Testing Foundation	Scott Gerlach	2025-10-21	1,248	--
Node.js SQL Injection Guide: Examples and Prevention	Matt Tanner	2025-08-25	3,577	--
Lua CSRF Protection Guide: Examples and How to Enable	StackHawk	2022-03-18	1,347	--
What is Path Traversal?	StackHawk, Scott Gerlach	2022-05-05	1,384	--
Decoding DAST vs SAST: Maximizing App Security	Matt Tanner	2025-02-15	1,629	--
StackHawk + Atlassian: Working Together to Help You Shift Left the Right …	Charles Sanders	2023-06-06	482	--
Application Security Risks: 4 Types and How to Fix Them	StackHawk	2022-11-09	1,290	--
Understanding and Protecting Against LLM02: Sensitive Information Disclosure	Matt Tanner	2025-12-05	2,207	--
Getting Started With the New StackHawk Scanner	Rebecca Warren	2022-01-28	1,439	--
Understanding and Protecting Against LLM10: Unbounded Consumption	Matt Tanner	2025-12-23	2,887	--
Importance of Web Application Security: Three Benefits	StackHawk	2022-11-17	1,181	--
StackHawk Announces $100,000 Fund Dedicated to Improving ZAP and the ZAP Community	Joni Klippert	2022-03-08	422	--
Node.js CORS Guide: What It Is and How to Enable It	Matt Tanner	2025-07-31	3,421	--
Laravel Excessive Data Exposure: Examples and Prevention	StackHawk	2022-05-10	1,451	--
Guide to Enhancing Security in Node.js Applications	StackHawk	2025-03-20	2,178	--
What is Black Box Testing? Types, Techniques, and Best Practices	Matt Tanner	2025-11-13	2,779	--
OWASP Top 10: Finding GraphQL Vulnerabilities with StackHawk	Nicole Jones	2025-03-10	3,014	--
What is CORS? A Complete Guide to Cross-Origin Resource Sharing	Scott Gerlach	2025-07-21	2,357	--
Angular Excessive Data Exposure: Examples and Prevention	StackHawk	2022-05-15	1,712	--
What is Command Injection? A Complete 2025 Security Guide	Scott Gerlach	2025-08-01	3,141	--
Why Source Code Visibility is the Secret Weapon to DAST that Scales	Payton O'Neal	2025-11-11	951	--
StackHawk Releases First of its Kind Integration with Snyk that Correlates Dynamic …	StackHawk	2022-04-27	606	--
Java Broken Object Level Authorization Guide	StackHawk	2022-05-12	1,544	--
Lua XSS: Examples and Prevention	StackHawk	2022-03-01	1,453	--
Legacy DAST is Dead! Long Live Modern DAST!	Scott Gerlach	2024-03-25	837	--
Golang Broken Authentication Guide: Examples and Prevention	StackHawk	2022-03-17	1,381	--
It’s Not That APIs Are Stateful—It’s That Context Matters	Scott Gerlach	2025-06-03	1,641	--
OWASP ZAP: Open Source App Security Testing	Ryan Severns	2025-03-06	2,070	--
What is Dynamic Application Security Testing (DAST)?	Matt Tanner	2025-07-11	2,169	--
XSS Attacks: Types, Examples, Prevention	Allie Mellen, Scott Gerlach	2025-02-13	1,474	--
Understanding and Protecting Against API7: Server-Side Request Forgery	Matt Tanner	2024-09-12	1,992	--
Developing with Webhooks	Brandon Ward	2022-03-28	464	--
REST API Security: Best Practices Guide	Matt Tanner	2025-05-08	2,467	--
The SOAR Framework: 4 Stages of Rolling Out DAST at Scale	Payton O'Neal	2025-12-11	1,697	--
What is API Discovery? Everything You Need to Know	StackHawk, Scott Gerlach	2025-03-18	2,507	--
A Developer's Guide to Writing Secure Code with Cursor	Matt Tanner	2025-09-18	3,646	--
Lua Command Injection: Examples and Prevention	StackHawk	2022-03-02	1,338	--
Top Tools for Effective Application Security Scanning	Matt Tanner	2024-08-20	2,694	--
Vue XML External Entities (XXE) Guide: Examples and Prevention	StackHawk	2022-04-29	1,308	--
Introducing StackHawk’s GitLab Integration: Unlock Full API Discovery for Your Code	Aaron White	2025-03-19	453	--
Rust Broken Authentication Guide: Examples and Prevention	StackHawk	2022-05-02	1,370	--
How To Discover Your API Attack Surface	Nicole Jones	2024-07-23	2,117	--
Business Logic Testing: Why Your Scanner Can't Find What It Doesn't Understand	Nicole Jones	2025-10-17	2,298	--
How API Discovery Empowers AppSec Professionals and Fuels Innovation	Nicole Jones	2024-05-09	467	--
Finding and Fixing BFLA Vulnerabilities in Flask (Python) With StackHawk	StackHawk	2024-05-21	4,480	--
What is an Application Security Scanner?	Matt Tanner	2025-05-28	1,754	--
Rails Broken Authentication Guide: Examples and Prevention	StackHawk	2022-03-16	1,788	--
Kotlin & Protobuf Tips & Tricks	Topher Lamey	2022-06-28	706	--
.NET Path Traversal Guide: Examples and Prevention	StackHawk	2022-02-09	1,314	--
The AppSec Guide to Shift-Left Security: How to Integrate Security Earlier in …	Alexa Sevilla, Scott Gerlach	2024-08-27	2,012	--
API Fuzzing: What It Is and How to Use It	Matt Tanner	2025-01-27	1,636	--
Streamlining Security Tooling in the Developer Workflow with StackHawk and GitHub CodeQL	Joni Klippert	2022-07-14	727	--
.NET CORS Guide: What It Is and How to Enable It	StackHawk	2022-01-20	1,445	--
StackHawk + Endor Labs: Correlating and Prioritizing SAST and DAST Findings	Aaron White	2025-11-20	488	--
A Developer's Guide to Writing Secure Code with Windsurf	Matt Tanner	2025-09-30	4,097	--
ZAP vs. StackHawk: Dynamic Application Security Testing Tool Comparison	Ryan Severns, Scott Gerlach	2023-02-02	1,083	--
.NET CSRF Protection Guide: Examples and How to Enable	StackHawk	2022-02-03	1,299	--
Typescript SQL Injection Guide: Examples and Prevention	StackHawk, Scott Gerlach	2022-01-24	1,595	--
Typescript Command Injection: Examples and Prevention	StackHawk, Scott Gerlach	2022-01-25	1,319	--
Laravel Broken Authentication Guide: Examples and Prevention	StackHawk	2022-02-01	1,293	--
A Developer's Guide to Writing Secure Code with Claude Code	Matt Tanner	2025-10-06	4,421	--
React Content Security Policy Guide: What It Is and How to Enable …	Matt Tanner	2025-07-24	3,536	--
Announcing GitHub Insights	Nicole Jones	2023-09-06	678	--
A Developer's Guide to Writing Secure Code with Amp (by SourceGraph)	Matt Tanner	2025-07-02	3,309	--
How to Establish an Application Security Policy	StackHawk	2022-11-16	1,284	--
Secure Code in the Age of AI: Challenges and Solutions	Joni Klippert	2023-08-04	771	--
MCP Security: Navigating LLM and AI-Agent Integrations for AppSec Teams	Matt Tanner	2025-08-27	3,806	--
Guide to Security in Kotlin	StackHawk	2022-05-27	1,875	--
9 Best Application Security Tools	Billy Shea	2025-05-16	2,605	--
Understanding and Protecting Against OWASP API10: Unsafe Consumption of APIs	StackHawk	2024-02-29	1,794	--
Using Postman for Testing API Endpoints: A Practical Guide for Functional API …	Matt Tanner	2024-12-13	3,282	--
Scanning the Damn Vulnerable Web App with StackHawk	Scott Gerlach	2023-03-30	2,375	--
Breaking the API Testing Bottleneck: AI-Powered OpenAPI Spec Generation	Aaron White	2025-08-20	916	--
Understanding and Protecting Against API1: Broken Object Level Authorization	StackHawk	2024-03-14	2,579	--
DAST Onboarding in Minutes with StackHawk’s GitHub Copilot Custom Agent	Scott Gerlach	2025-10-28	750	--
Announcing Sensitive Data Identification: Secure the APIs That Matter Most	Aaron White	2025-06-12	882	--
Web Application Security Threats in 2025: 10 Critical Risks Every Organization Must …	StackHawk	2025-07-23	1,986	--
.NET XSS: Examples and Prevention	StackHawk	2022-02-14	1,650	--
Django XML External Entities (XXE) Guide: Examples and Prevention	StackHawk	2022-04-20	1,376	--
Top 5 Burp Suite Alternatives in 2025	Matt Tanner	2025-06-06	2,144	--
Customized and Configurable Scan Discovery	Sam Volin	2024-03-04	1,024	--
The Ultimate Guide to API Security Testing: Best Practices and Essential Tools	StackHawk	2024-11-19	2,441	--
StackHawk Raises $20.7 Million in Series B Funding	StackHawk	2022-05-12	845	--
Django Excessive Data Exposure: Examples and Prevention	StackHawk	2022-05-09	1,468	--
Django Broken Authentication Guide: Examples and Prevention	StackHawk	2022-03-11	1,114	--
Finding and Fixing SQL Injection Vulnerabilities in Node (Express) with StackHawk	StackHawk	2024-02-13	3,030	--
Best Practices for gRPC Security	Nicole Jones	2024-06-05	2,185	--
.NET Broken Authentication Guide: Examples and Prevention	StackHawk	2022-03-18	1,456	--
StackHawk API Discovery Webinar: Key Insights	Kaitlyn Marler	2024-08-29	665	--
React CSRF Protection Guide: Examples and How to Enable It	Matt Tanner	2025-08-12	5,408	--
The Top 10 DAST Tools for Application Security in 2026	Billy Shea	2025-12-22	2,249	--
Laravel XML External Entities (XXE) Guide: Examples and Prevention	StackHawk	2022-01-26	1,291	--
Lua CORS Guide: What It Is and How to Enable It	StackHawk	2022-03-13	1,340	--
React2Shell: What To Know About The Critical React RCE Vulnerability	Scott Gerlach	2025-12-15	1,103	--
Angular Broken Authentication Guide: Examples and Prevention	StackHawk	2022-02-04	1,819	--
Scaling Security Across Applications: Best Practices and Strategies	Brian Erickson	2023-05-17	618	--
StackHawk + GitHub: A Saga in Shift-Left Security	Brandon Ward	2022-10-25	607	--
The Best ASPM Tools to Strengthen Your Application Security Posture in 2025	Matt Tanner	2025-07-18	1,922	--
.NET XML External Entities Guide: Examples and Prevention	StackHawk	2022-03-12	1,135	--
Rails XML External Entities (XXE) Guide: Examples and Prevention	StackHawk	2022-03-04	1,427	--
Finding and Fixing SSTI Vulnerabilities in Flask (Python) With StackHawk	StackHawk	2024-08-08	2,705	--
Application Security Audit: An In-Depth Guide	StackHawk	2022-11-21	1,357	--
Introducing the StackHawk Model Context Protocol (MCP) Server	Aaron White	2025-08-28	716	--
Love Your APIs: Secure Every Pull Request with StackHawk	Dana White	2025-04-28	729	--
Understanding SOC 2 Security Compliance and Testing	Matt Tanner, Scott Gerlach	2025-03-10	3,995	--
Top Code Security Scan Tools of 2025	Matt Tanner	2025-09-26	2,363	--
What Is SAST? A Complete Guide to Static Application Security Testing	Matt Tanner	2025-09-04	2,242	--
Automate Security in CI/CD with StackHawk and Azure DevOps	Alberto Fidalgo	2023-04-06	421	--
What is Software Composition Analysis (SCA)? SCA Scanning Overview and Tooling Guide	Brian Myers	2025-02-11	2,237	--
TypeScript CSRF Protection Guide: Examples and How to Enable	StackHawk, Scott Gerlach	2022-02-02	1,512	--
Multiple Cookies and Token Authentication: Enhancing API Security	Alberto Fidalgo	2023-08-08	634	--
Secure AI-Powered Development: Why Speed Without Security Is a Business Risk	Matt Tanner	2025-08-26	1,533	--
Open Redirect Vulnerability Explained: What It Is, How It Works, and How …	StackHawk, Scott Gerlach	2025-07-30	3,431	--
Laravel CORS Guide: What It Is and How to Enable It	StackHawk	2025-07-09	3,944	--
Spring XML External Entities (XXE) Guide: Examples and Prevention	StackHawk	2022-04-07	1,293	--
Angular XML External Entities (XXE) Guide: Examples and Prevention	StackHawk	2022-05-04	1,427	--
Golang Broken Object Level Authorization Guide: Examples and Prevention	StackHawk	2022-03-09	1,782	--
Web Application Security Checklist: 10 Improvements For the API-Driven Era	StackHawk, Scott Gerlach	2025-09-17	3,988	--
Your AppSec Journey Demystified: Driving Effective API Security with StackHawk and Wallarm	Scott Gerlach	2024-11-13	633	--
Essential Cybersecurity Tool Breakdown: The 2024 Essentials for Optimal Protection	StackHawk	2024-04-04	2,271	--
What Is SQL Injection and How Can You Prevent It?	Allie Mellen	2025-08-06	3,554	--
Finding and Fixing SQL Injection Vulnerabilities in Flask (Python) with StackHawk	StackHawk	2024-02-22	2,995	--
How Does an API Gateway Improve Security? A Leader's Guide	StackHawk	2022-11-22	1,104	--
What Is Vulnerability Testing?	Nicole Jones	2025-05-27	1,891	--
Do You Trust Your X-Forwarded-For Header?	Brandon Ward	2023-04-18	1,597	--
Top API Security Attacks: Understanding and Mitigating the Risks	StackHawk	2024-09-24	2,534	--
NodeJS Broken Access Control Guide: Examples and Prevention	StackHawk	2022-02-24	1,677	--
How Does StackHawk Work?	Matt Tanner	2024-01-11	2,705	--
React CORS Guide: What It Is and How to Enable It	StackHawk	2025-07-15	3,714	--
December Product Updates	Brian Erickson	2024-12-11	543	--
Semgrep + StackHawk: Unified SAST & DAST For Faster Fixes	Aaron White	2025-10-22	593	--
Optimizing Security Scan for Speed and Accuracy	Lindsy Farina	2023-06-29	1,034	--
Introducing Intelligent Business Logic Testing: Find Authorization Flaws Pre-Production	Aaron White	2025-12-16	1,089	--
The Risk Isn’t in the Endpoint—It’s in the Interaction	Scott Gerlach	2025-06-17	2,758	--
Golang Broken Access Control Guide: Examples and Prevention	StackHawk	2022-03-15	1,328	--
Penetration Testing vs. Vulnerability Scanning	Matt Tanner	2025-11-17	1,989	--
Lua SQL Injection Guide: Examples and Prevention	StackHawk	2022-03-07	1,565	--
Announcing StackHawk's $20.7 Million in Series B Funding to Drive Developer-First Security	Joni Klippert	2022-05-12	810	--
Typescript XSS Guide: Examples and Prevention	StackHawk	2022-01-18	1,623	--
Top Strategies for Node.js API Security: Best Practices to Implement	Matt Tanner	2025-02-04	3,420	--
Spring Excessive Data Exposure: Examples and Prevention	StackHawk	2022-05-14	1,267	--
API Security Best Practices: The Ultimate Guide	Nicole Jones	2024-01-02	4,891	--
5 Best API Security Solutions of 2025	Nicole Jones	2025-05-06	3,921	--
Single Page Application Security Testing: Is Scanning Your SPA with DAST Wrong?	April Conger and Eric Potter	2025-03-12	1,569	--
React Excessive Data Exposure: Examples and Prevention	StackHawk	2022-05-03	1,576	--
How StackHawk Meets Compliance Requirements for Highly Regulated Industries with Security Compliance …	StackHawk	2023-05-22	4,227	--
React XSS Guide: Examples and Prevention	Matt Tanner	2025-04-23	2,879	--
Web API Security: Essential Strategies and Best Practices	StackHawk	2024-09-03	3,405	--
Vue Broken Authentication Guide: Examples and Prevention	StackHawk	2022-04-26	1,551	--
gRPC Security: How StackHawk Tests gRPC Services	Austin Pearigen and Dana White	2023-10-18	615	--
Angular Content Security Policy (CSP) Guide: What It Is and How to …	Matt Tanner	2025-08-06	3,949	--
Guide to Security in Django	StackHawk	2022-04-27	1,650	--
Veracode Alternatives for Modern Software Security Teams	Ryan Severns	2025-03-13	1,592	--
What Is API Security? A Practical Guide for Developers and Security Teams	Matt Tanner, Scott Gerlach	2025-09-05	1,869	--
StackHawk named Winner in 2023 Global Infosec Awards at RSA 2023	StackHawk, Scott Gerlach	2023-04-24	723	--
Top Security Testing Strategies for Software Development	Matt Tanner	2025-10-10	2,079	--
Legacy DAST Can’t Log In—And That Breaks Everything	Scott Gerlach	2025-06-10	1,806	--
Why Shift Security Left?	Rebecca Warren, Scott Gerlach	2025-02-25	2,014	--
Node.js CSRF Protection Guide: Examples and How to Enable It	Matt Tanner	2025-08-13	5,642	--
Building a Paved Road: How to Implement DAST That Actually Scales	Payton O'Neal	2026-01-07	1,542	--
Top 5 Burp Suite Alternatives in 2026	Matt Tanner	2026-01-13	1,820	--
Metrics to Measure AppSec Testing Program Success	Payton O'Neal	2026-01-14	1,021	--
5 Best API Security Solutions of 2026	Nicole Jones	2026-01-23	2,759	--
The 2026 State of AI-Era AppSec: Key Findings from Our Survey	Payton O'Neal	2026-01-22	1,449	--
How StackHawk Helps You Achieve AppSec Requirements for PCI DSS v4.0.1 Compliance	Scott Gerlach	2026-01-20	2,503	--
How to Meet SEC Cybersecurity Disclosure Requirements with Proactive Application Security	Payton O'Neal	2026-01-27	2,109	--
The Real Reason AppSec Can't Keep Up With AI Development (It's Not …	Payton O'Neal	2026-01-28	1,154	--
Introducing the StackHawk Alliance & Reseller Program: SHARP-ening our Channel Commitment	Jim Torson	2026-02-04	644	--
AppSec Intelligence Decoded: What Does it Really Mean?	Payton O'Neal	2026-02-05	646	--
How to Meet EU Cyber Resilience Act Requirements with StackHawk's Pre-Production Testing	Nicole Jones	2026-02-10	2,322	--
How to Meet ISO 27001:2022 Requirements with StackHawk's Shift-Left DAST	Payton O'Neal	2026-02-19	2,085	--
Understanding AI TRiSM: A Framework for Building Trust in AI Systems	Aaron White	2026-02-23	2,966	--
What Anthropic's Claude Code Security Actually Means for AppSec	Scott Gerlach	2026-02-20	498	--
Top 11 API Tools for Testing in 2026	Matt Tanner	2026-02-25	4,068	--
David Geevaratne Joins StackHawk as EVP of Sales	David Geevaratne	2026-02-27	562	--
What Is LLM Security? Risks and Threats	Matt Tanner	2026-03-02	2,832	--
What Is the AI-DLC, and Why Should AppSec Teams Pay Attention?	Payton O'Neal	2026-03-11	1,665	--
What to Test Where: DAST Across the Development Lifecycle	Nicole Jones	2026-03-09	2,568	--
Security Testing REST APIs vs. WebSockets: What's The Difference?	Matt Tanner	2026-03-10	2,107	--
Joe Sullivan Joins StackHawk Board of Directors	Joe Sullivan	2026-03-12	589	--
AI Security Best Practices: A Developer's Guide to Securing LLMs and AI-Powered …	Matt Tanner	2026-03-17	5,481	--
How to Security Test Your JSON-RPC APIs with StackHawk	Scott Gerlach	2026-03-18	2,325	--
JSON-RPC Security: Best Practices Guide	Matt Tanner	2026-03-19	2,793	--
Best AI Pentesting Tools in 2026: Top Picks Compared	Matt Tanner	2026-03-26	2,512	--
RSAC 2026: AppSec Existentialism	Payton O'Neal	2026-04-03	1,625	--
DAST vs AI Pen-Testing: What's Actually Different	Payton O'Neal	2026-04-08	2,768	--
StackHawk vs. XBOW	Nicole Jones	2026-04-09	1,544	--
Claude Code Security Evolution: Where It Came From, Where It's Going	Matt Tanner	2026-04-14	1,712	--
StackHawk Now Tests MCP Servers for Security Vulnerabilities	Scott Gerlach	2026-04-16	1,007	--
A Developer's Guide to Writing Secure Code with GitHub Copilot	Matt Tanner	2026-04-17	4,767	--
Codex Security: What It Does Well and Where DAST Still Matters	Matt Tanner	2026-04-23	1,923	--
StackHawk and Wiz: One Risk Picture Across the Application and Cloud Layer	Nicole Jones	2026-04-30	596	--
Lessons from Hagerty: Scaling AppSec Without Becoming the Bottleneck	Casey Cline	2026-05-05	860	--
How to Embed AppSec Testing Into the AI-DLC for Secure Apps from …	Scott Gerlach	2026-05-13	1,300	--

Plushcap, by Matt Makai. 2021-2026.