With StackHawk, engineering teams can run security tests against GraphQL APIs to find and fix vulnerabilities before they hit production. With automated testing on every PR, you can be confident that your app is secure. Join StackHawk co-founder and Chief Security Officer Scott Gerlach for a quick overview of GraphQL security testing with StackHawk.
Modern GraphQL API Security Testing
All of this is CICD enabled. Again, you can integrate this into your CI process and importantly, get feedback in the CI process on scan findings. This information can be used to break a build if you choose based on the severity of untriaged findings. Most of the major CI players logos are on this slide. As long as you can run Docker or a Java process in your CI system, you can run StackHawk. And here's maybe the most important part. You can run these same appsec tests locally. If you're developing an api on your local machine, you can test for api security issues while you're writing code. You can identify the problem, fix it and validate that you've fixed it before you push your code back into CICD pipeline. I hope you enjoyed my talk today and perhaps you learned something new about how StackHawk can be integrated into your graphql api development process. If you'd like to check out StackHawk and see how it can integrate into your development process to keep pushing the limits on software development quality, come check us out at stackhawk.com. Thanks for watching and enjoy graphql Galaxy 2022.