StackHawk is a dynamic application security testing platform that integrates into CI/CD pipelines and development workflows. The platform provides three main capabilities: discovery, testing, and oversight. The discovery component integrates with source code repositories to map applications and APIs across the attack surface. It automatically identifies sensitive data locations, languages, frameworks, and commit activity to help prioritize testing. The platform generates OpenAPI specifications from source code without requiring manual developer input. The testing component performs runtime security testing directly within CI/CD pipelines and pull requests. It tests live applications with real requests and response analysis, providing deterministic and reproducible results. The platform identifies authorization and authentication flaws, business logic vulnerabilities, API-specific risks, injection attacks, and LLM security issues. Testing includes iterative validation through Hawkscan Rescan that only re-tests failed items. The oversight component provides visibility into application security program effectiveness. It tracks which applications are tested, vulnerability remediation status, and overall risk posture. The platform analyzes applications based on sensitive data handling, testing coverage, and commit activity to prioritize security resources. Results are delivered to developers in pull requests, Slack, or Jira with AI-generated remediation guidance. The platform includes cURL generators for debugging and fix validation.