StackHawk Makes Shifting Security Left a Reality, Integrates DAST into GitHub PR Workflows

October 2022 by Patrick LEBRETON

Integration embeds application security into the developer workflow to provide security testing feedback in pull requests

StackHawk, the company making application security testing part of software delivery, announced GitHub Pull Request Checks, a new feature expanding its GitHub Marketplace App to include pull request comments, commit statuses and scan tagging capabilities. Pull requests are at the heart of the development workflow, with over 83 million developers relying on GitHub pull requests to introduce new code, complete code reviews and review automated test results. Receiving feedback on security testing within these requests is a natural extension of this workflow. StackHawk’s GitHub Pull Request Checks incorporates security scan results into pull request comments, so developers can review findings in real time and easily jump to the StackHawk interface to triage or remediate a vulnerability if needed.

The new functionality also enables security and development teams to work more efficiently by linking StackHawk scans to the relevant GitHub branch and commits. Security and DevSec teams can leverage these details to provide valuable information as to when and where a vulnerability was introduced when collaborating with developers on complex fixes.

Without a developer-first approach, traditional security cannot keep pace with the current speed of software development, as teams are expected to build and deploy new code daily or more frequently. Automating security feedback on every pull request and fixing vulnerabilities before production makes securing code part of the continuous development workflow, aligning security testing with other automated testing processes that are completed before deploying software.

