StackHawk

The 2026 AppSec reality: 87% adopted AI coding assistants, but 50% spend 40%+ of their time just triaging alerts. 73% can't confidently answer board questions about risk posture. Learn more: stackhawk.com/blog/2026-stat… Download the guide: stackhawk.com/resources/guid…

StackHawk CSO & Co-founder Scott Gerlach is joining @semgrep at RSAC for an interactive demo. When: March 25, 10 AM PT in SF Can't make it? Catch us at Semgrep's booth #1743 on March 24 at 11 AM PT for an in-person demo on the floor. Register here: semgrep.dev/events/sast-da…

The Women in Security Documentary is an award-winning film on the real stories behind women shaping the security industry. The San Francisco premiere is a red carpet event at AMC Metreon 16 on March 24 and 25 at 4 PM PT. Register here: docs.google.com/forms/d/e/1FAI…

JSON-RPC powers blockchain, IoT, MCP, and most DAST tools completely ignore it. The attack surface hides in the method namespace, not the URL. StackHawk now fuzzes every method, every parameter. REST, GraphQL, gRPC, and now JSON-RPC. We test it all. stackhawk.com/blog/json-rpc-…

Joe Sullivan (former CSO at Uber, Facebook, and Cloudflare) is leading a fireside chat at RSAC. StackHawk is co-hosting with @EndorLabs, Cyberhaven, and @brinqa . Learn more and RSVP here: endorlabs.com/events/ciso-ba…

We’re excited to welcome Regional Sales Director Suzy McClure to the team! Suzy has spent 15+ years in SaaS and cybersecurity sales, with deep channel experience at every stop. Welcome to the flock, Suzy!

We're a proud sponsor of PBC Connect at RSAC 2026 with ArmorCode Inc. The Purple Book Community is bringing together CISOs and security leaders for a full day of panels and networking at RSAC. Register for free here: thepurplebook.club/pbc-connect-rs…

Joe Sullivan sits down with Adam LaGreca of 10KMedia to discuss how AI is reshaping application security. 🎧 Listen to the full podcast here: open.spotify.com/episode/6w0JTN…

Get Joe’s full take on why he’s excited to be joining StackHawk’s BOD: stackhawk.com/blog/joe-sulli…

Joe Sullivan's word for 2026: runtime. He led security at Meta, Uber, and Cloudflare. His read: AI tools are solving code-level security. Runtime is what’s needed. That's exactly what StackHawk is built for. And that’s why he's joining our board. Welcome, Joe!

Copilot. Cursor. Full APIs in an afternoon. New endpoints. New attack surface. Nothing in any spec. Security testing not in the pipeline doesn't run at all. The AI-DLC changed everything → stackhawk.com/blog/what-is-t…

StackHawk is proud to be named a DAST Innovator in the report, and we think the timing says as much as the recognition. 🔗 Get the full report: latio.com/downloads/2026…

DAST has played second fiddle for years. Too slow. Too clunky. Too late in the development lifecycle to operationalize at scale. @latiotech's 2026 AppSec Market report confirms AppSec tool success criteria should focus on time to fix, not number of findings.

Where you run DAST determines what you can actually test for. No single stage catches everything. Each one tests what the others can't. That only works if your scanner can actually run at every stage. That's the architecture StackHawk was built on. stackhawk.com/blog/dast-in-s…

The StackHawk team is headed to San Francisco for RSAC 2026. We'll be at several events throughout the week with partners @semgrep , Armorcode, Endor Labs, and Cycode. If you're going to be there, grab 30 minutes with us. We'd love to connect. stackhawk.com/resources/even…

David Geevaratne is joining as our EVP of Sales! 20+ yrs in cloud-native and cybersecurity sales leadership. Co-founded and scaled a company to $40M+. Built teams at Uptycs, DivvyCloud, and Rapid7. Welcome to the team David!

ICYMI, AppSec is in a full-blown hype cycle. Everyone has a hot take. But at the end of the day, AppSec testing tools are here to stay. In this Q&A with @helpnetsecurity, StackHawk’s CEO Joni Klippert breaks down the nuances of using AI when it comes to DAST. Learn more 👇

🔗 Get the full report here: latio.com/downloads/2026…

ICYMI -@latiotech's 2026 AppSec Market report dropped last week, covering 50+ vendors across the full AppSec stack. Their conclusion: the real differentiators aren't scanner counts anymore. It's usability, developer experience, and how tools fit into their development lifecycle

Most teams don't fail ISO 27001 audits because they skipped security testing. They fail because they can't prove it was systematic. A pentest from last quarter isn't a process. CI/CD-native DAST is. stackhawk.com/blog/iso-27001…

That's a wrap on SKO 2026 🎯 Two days of real talk about why runtime AppSec testing is more critical than ever for 2026. Nothing beats getting this incredibly hard-working team in the same room. We couldn’t be more excited for the year to come. 🦅