Today, application security testing provider StackHawk announced that it has raised $20.7 million as part of a series B funding round led by Sapphire Ventures and Costanoa Ventures. 

StackHawk’s dynamic application and API security testing makes security part of the developer workflow by running automated security testing in CI/CD, and notifying the developer immediately about new security issues as they emerge.

Part of the reason behind investor interest in StackHawk, is that it provides enterprises with a solution to mitigate application security issues efficiently so that developers don’t have to identify issues manually when deploying on a daily or hourly basis.  

Keeping up with the demands of the software development lifecycle 

The funding comes as more and more developers are struggling to keep up with the demands of the software development lifecycle, expected to ship new releases constantly, with minimal time to mitigate security or performance issues. 

For these organizations, application security testing solutions like Stackhawk provide a solution to proactively identify and remediate issues and a way to ensure that developers can trust the code they ship is secure.  

“Forrester reports that application and API security exploits are the most common form of external cyberattack affecting organizations today. This is because the way organizations find and fix application and API security issues has not evolved with the way software is delivered,” said Joni Klippert, founder and CEO at StackHawk. 

“Engineering teams today are delivering software changes daily. But security testing has been left siloed, with security teams testing for vulnerabilities quarterly or annually, using manual testing methods. This disconnect is what leaves organizations’ apps and APIs unprotected,” Klippert said. 

StackHawk’s solution to this predicament is simple; provide developers with automated testing capabilities and notifications so they can code quickly and address coding issues whenever they’re identified by the solution. 

The application security market 

The organization’s growth is occurring as the application security market is expected to grow from a value of $6.38 billion in 2020 to reach a total value of $15.76 billion by 2026 as enterprises seek new solutions to secure the application’s and code they rely on. 

The organization is competing against a range of other Dynamic Application Security Testing (DAST) providers including Veracode, a nine-time leader in the Gartner Magic quadrant for Application security testing and provides an application security solution with a mixture of SAST, DAST, SCA and automated application analysis capabilities. 

Veracode recently announced that it had raised revenue by 13% since last year. 

Another competitor is WhiteHat Security, an application security platform with dynamic testing driven by AI and machine learning, with continuous vulnerability scanning, reporting and analytics, which has raised total funding of over $50 million according to Crunchbase. 

However, Klippert says that StackHawk is the only solution on the market built for DevSecOps and CI/CD workloads. “What really sets Stackhawk apart from legacy DAST vendors is the ability to run security tests in CI/CD.”