Migrating from APIsec to StackHawk

What middleBrick covers

  • Preserve scan coverage by exporting and reimporting URLs and auth contexts
  • Rebuild API surface with consistent authentication and OpenAPI definitions
  • Reconfigure CI gates and quality thresholds to match operational risk appetite
  • Maintain alerting cadence while respecting rate limits
  • Map findings to OWASP API Top 10 for consistent categorization
  • Validate controls relevant to PCI-DSS 4.0 and SOC 2 Type II

Overview of migration considerations

Moving an API security scanning workflow from one platform to another involves more than tool substitution. You need to preserve scan coverage, maintain CI gate behavior, and understand what findings require follow-up versus what is informational. This guide focuses on practical data export, rebuild steps, and known gaps while comparing workflow concepts rather than specific product internals.

Exporting and preserving scan data

Before migration, export every scan artifact your current platform supports. Typical export formats are JSON and PDF reports containing risk scores, finding details, affected endpoints, and remediation guidance; prefer JSON where you have the choice, because it is the form you can later diff and reconcile programmatically. Timestamp each export and store it alongside the CI configuration that produced it so you can correlate historic results after rebuilding the scan catalog. Where your security policy permits, also retain raw request and response pairs to support later investigation, and redact bearer tokens, session cookies and other credentials before that traffic leaves the scanner, since captures from authenticated scans will contain them.

Rebuilding scan coverage in the new environment

Recreate your scan surface by importing the exported URLs, API definitions, and authentication contexts into the new workflow. Use the CLI or dashboard to resubmit each endpoint, and reconfigure authentication schemes such as Bearer, API key, Basic auth, and Cookie exactly as the target expects: an endpoint that silently falls back to unauthenticated requests still scans, but only the unauthenticated surface gets covered. If your previous setup used OpenAPI specs, re-ingest them and validate paths, security schemes, and parameter definitions against live runtime behaviour, because a spec that has drifted from the deployment leaves coverage gaps that no report will flag. Domain or target verification usually has to be repeated in the new environment before authenticated scans are allowed to run.
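The coverage check described above, as an added example written for this guide (not code from any scanner, and not the export format of either product): it takes an exported endpoint list with the auth label the old scanner used, matches each endpoint against the path templates of a re-ingested OpenAPI spec, and reports endpoints that match no operation and endpoints whose auth context disagrees with the spec's security requirement. The export layout, the auth labels (bearer, basic, apiKey, none) and the spec fragment are constructed assumptions.

```python
"""Coverage check for a rebuilt scan surface: confirm that every exported endpoint
still matches an operation in the re-ingested OpenAPI spec and that the auth
context the old scanner used agrees with the spec's security requirement.
Example code written for this guide; the export layout, the auth labels and the
spec fragment are constructed assumptions, not any scanner's real schema."""
import re
from typing import Dict, List

# Constructed sample of an exported endpoint list. "auth" is the label the old
# scanner stored for the authentication context it used on that endpoint.
EXPORTED_ENDPOINTS = [
    {"method": "GET",    "path": "/users/42",       "auth": "bearer"},
    {"method": "PUT",    "path": "/users/42",       "auth": "basic"},    # wrong scheme
    {"method": "POST",   "path": "/users",          "auth": "bearer"},
    {"method": "GET",    "path": "/orders/7/items", "auth": "apiKey"},
    {"method": "DELETE", "path": "/admin/users/42", "auth": "bearer"},   # not in spec
    {"method": "GET",    "path": "/health",         "auth": "none"},
]

# Constructed OpenAPI 3 fragment with only the parts the check reads.
OPENAPI_SPEC = {
    "security": [{"bearerAuth": []}],          # document-level default
    "components": {"securitySchemes": {
        "bearerAuth": {"type": "http", "scheme": "bearer"},
        "apiKeyAuth": {"type": "apiKey", "in": "header", "name": "X-API-Key"},
    }},
    "paths": {
        "/users":                  {"post": {}},                      # inherits default
        "/users/{id}":             {"get": {}, "put": {}},
        "/orders/{orderId}/items": {"get": {"security": [{"apiKeyAuth": []}]}},
        "/health":                 {"get": {"security": []}},         # explicitly public
    },
}


def _template_to_regex(template: str) -> "re.Pattern[str]":
    """Compile an OpenAPI path template such as /users/{id} into a regex that
    matches concrete request paths; each {param} matches exactly one segment."""
    literal_parts = re.split(r"\{[^/]+\}", template)
    return re.compile("^" + "[^/]+".join(re.escape(p) for p in literal_parts) + "$")


def _scheme_label(spec: dict, scheme_name: str) -> str:
    """Reduce a securitySchemes entry to the scanner's auth label (assumed labels:
    bearer, basic, apiKey, oauth2, none)."""
    scheme = spec["components"]["securitySchemes"][scheme_name]
    return scheme["scheme"] if scheme["type"] == "http" else scheme["type"]


def check_coverage(endpoints: List[dict], spec: dict) -> Dict[str, List[str]]:
    """Return exported endpoints that match no spec operation ("missing") and those
    whose stored auth label disagrees with the spec ("auth_mismatch")."""
    compiled = [(ops, _template_to_regex(tpl)) for tpl, ops in spec["paths"].items()]
    report: Dict[str, List[str]] = {"missing": [], "auth_mismatch": []}
    for ep in endpoints:
        key = f"{ep['method']} {ep['path']}"
        method = ep["method"].lower()
        op = next((ops[method] for ops, rx in compiled
                   if rx.match(ep["path"]) and method in ops), None)
        if op is None:
            report["missing"].append(key)
            continue
        # An operation without its own "security" inherits the document default;
        # an empty list means the operation is deliberately unauthenticated.
        requirements = op.get("security", spec.get("security", []))
        expected = {_scheme_label(spec, name) for req in requirements for name in req} or {"none"}
        if ep["auth"] not in expected:
            report["auth_mismatch"].append(f"{key}: export={ep['auth']} spec={sorted(expected)}")
    return report


if __name__ == "__main__":
    for bucket, items in check_coverage(EXPORTED_ENDPOINTS, OPENAPI_SPEC).items():
        print(bucket, items)
```

Run it against your own export and spec before the first scheduled scan; anything in "missing" is surface the new scanner will never visit, and anything in "auth_mismatch" will scan but as the wrong principal. Note that the matching is by path template only: it does not confirm that the spec's parameter definitions still agree with runtime behaviour, which is what the live validation step above is for.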

CI/CD integration and alerting continuity

Replicate your CI wiring by updating pipeline steps to invoke the new tool's CLI for scanning, ideally a single command that emits a machine-readable result such as a score. Reconfigure quality gates so the build fails when the score drops below your chosen threshold, and gate on the command's exit code or on the parsed result rather than on log text, which changes between tool versions. Restore email or messaging notifications while respecting rate limits, and verify that integrations such as GitHub Actions or MCP Server–driven setups propagate findings to the correct repositories and channels.
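The gate step described above, as an added example written for this guide rather than either product's CLI or a real result format: it reads a machine-readable scan result, fails on a score below the threshold, and, going a step beyond the paragraph, also fails on a per-severity cap so that a re-scored platform cannot hide a blocking finding behind an aggregate score that still looks acceptable. The result layout, the `scan.json` file name and the severity words are assumptions.

```python
"""CI quality gate: read a machine-readable scan result, decide pass/fail, and
signal the decision through the exit code (which is what fails a pipeline step).
Example code written for this guide; the result JSON layout, the file name and the
severity words are assumptions, not any scanner's real output."""
import json
import sys
from typing import Dict, List, Tuple

# Constructed sample result in the shape a CLI might emit (assumed for the example).
SAMPLE_RESULT = {
    "score": 78,
    "findings": [
        {"id": "f-1", "severity": "high",   "category": "API1:2023", "endpoint": "GET /users/{id}"},
        {"id": "f-2", "severity": "medium", "category": "API8:2023", "endpoint": "GET /health"},
        {"id": "f-3", "severity": "info",   "category": "API9:2023", "endpoint": "GET /v1/legacy"},
    ],
}


def evaluate_gate(result: dict, min_score: int,
                  max_by_severity: Dict[str, int]) -> Tuple[bool, List[str]]:
    """Return (passed, reasons). The gate fails on a score below min_score OR on more
    findings of a severity than max_by_severity allows. Severities not listed in
    max_by_severity (informational, for instance) never block the build. A result
    with no score at all fails closed rather than passing by accident."""
    reasons: List[str] = []
    score = result.get("score")
    if score is None:
        reasons.append("result has no score field; refusing to pass an unscored scan")
    elif score < min_score:
        reasons.append(f"score {score} below threshold {min_score}")

    counts: Dict[str, int] = {}
    for finding in result.get("findings", []):
        sev = str(finding.get("severity", "unknown")).lower()
        counts[sev] = counts.get(sev, 0) + 1
    for sev, limit in max_by_severity.items():
        if counts.get(sev, 0) > limit:
            reasons.append(f"{counts[sev]} {sev} finding(s) exceed limit {limit}")
    return (not reasons), reasons


def main(argv: List[str]) -> int:
    """Usage: gate.py [scan.json] [min_score]; without arguments the sample runs."""
    threshold = int(argv[2]) if len(argv) > 2 else 80
    if len(argv) > 1:
        with open(argv[1], encoding="utf-8") as fh:
            result = json.load(fh)
    else:
        result = SAMPLE_RESULT
    passed, reasons = evaluate_gate(result, threshold, {"critical": 0, "high": 0})
    for reason in reasons:
        print(f"GATE: {reason}")
    print("GATE: pass" if passed else "GATE: fail")
    return 0 if passed else 1   # non-zero exit code fails the pipeline step


if __name__ == "__main__":
    sys.exit(main(sys.argv))
```

Wire it as the step after the scan command, passing the file the CLI wrote; because the decision travels through the exit code, the same step works unchanged in GitHub Actions or any other runner that treats a non-zero exit as failure. Keep the thresholds in version control next to the pipeline so a change to the gate shows up in review.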

Known gaps and limitations to expect

Not all historical scan details map cleanly between platforms. Differences in detection timing, categorization labels, or scoring formulas can make a finding appear resolved when it has only been re-labelled or re-scored, so reconcile findings by endpoint and category rather than by score before treating anything as fixed. Business logic vulnerabilities and blind SSRF typically require human review in any tool, and continuous monitoring setups may need recalibration of schedule frequency and alert thresholds to match your operational cadence.
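The reconciliation the previous paragraph calls for, as an added example written for this guide (not code from either product): it matches the old platform's export against the new platform's first scan on category and endpoint, translating the old labels to OWASP API Top 10 (2023) identifiers as the page's categorization approach suggests, and sorts each finding into unchanged, rescored, missing in the new scan, new, or unmapped label. Both export layouts, the label map and the risk-to-severity buckets are assumptions; the only real identifiers are the OWASP ones.

```python
"""Reconcile findings from the old platform's export with the new platform's first
scan, matching on category and endpoint rather than on score, so a finding that was
only re-labelled or re-scored is not mistaken for a fixed one. Example code written
for this guide; both export layouts, the label map and the risk buckets are assumed."""
from typing import Dict, List, Tuple

# Constructed old-platform export: vendor-specific labels and a 0-10 risk score.
OLD_EXPORT = [
    {"category": "BOLA",               "endpoint": "GET /users/{id}",   "risk": 8.5},
    {"category": "Broken Auth",        "endpoint": "POST /login",       "risk": 7.0},
    {"category": "Security Misconfig", "endpoint": "GET /health",       "risk": 3.0},
    {"category": "SSRF",               "endpoint": "POST /webhooks",    "risk": 6.5},
    {"category": "Mass Assignment",    "endpoint": "PATCH /users/{id}", "risk": 5.5},
]
# Constructed new-platform export: OWASP API Top 10 (2023) ids and a severity word.
NEW_EXPORT = [
    {"category": "API1:2023", "endpoint": "GET /users/{id}", "severity": "high"},
    {"category": "API2:2023", "endpoint": "POST /login",     "severity": "medium"},
    {"category": "API7:2023", "endpoint": "POST /webhooks",  "severity": "low"},
    {"category": "API9:2023", "endpoint": "GET /v1/legacy",  "severity": "low"},
]

# Assumed mapping from the old platform's labels to OWASP API Security Top 10 (2023).
# "Mass Assignment" is deliberately left out to show how an unmapped label surfaces.
LABEL_TO_OWASP = {
    "BOLA": "API1:2023",                 # Broken Object Level Authorization
    "Broken Auth": "API2:2023",          # Broken Authentication
    "SSRF": "API7:2023",                 # Server Side Request Forgery
    "Security Misconfig": "API8:2023",   # Security Misconfiguration
}


def bucket_risk(risk: float) -> str:
    """Assumed bucketing that makes the old numeric score comparable to the new severity."""
    if risk >= 7.0:
        return "high"
    if risk >= 4.0:
        return "medium"
    return "low"


def reconcile(old: List[dict], new: List[dict]) -> Dict[str, List[str]]:
    """Bucket findings as unchanged, rescored, missing_in_new, new or unmapped.
    "missing_in_new" is not "fixed": it may be a detection-timing or coverage
    difference and needs a human to confirm before the finding is closed."""
    report: Dict[str, List[str]] = {
        k: [] for k in ("unchanged", "rescored", "missing_in_new", "new", "unmapped")
    }
    old_idx: Dict[Tuple[str, str], str] = {}
    for f in old:
        owasp = LABEL_TO_OWASP.get(f["category"])
        if owasp is None:
            report["unmapped"].append(f"{f['category']} {f['endpoint']}")
            continue
        old_idx[(owasp, f["endpoint"])] = bucket_risk(f["risk"])
    new_idx = {(f["category"], f["endpoint"]): str(f["severity"]).lower() for f in new}

    for key, old_sev in old_idx.items():
        name = f"{key[0]} {key[1]}"
        if key not in new_idx:
            report["missing_in_new"].append(name)
        elif new_idx[key] != old_sev:
            report["rescored"].append(f"{name}: {old_sev} -> {new_idx[key]}")
        else:
            report["unchanged"].append(name)
    report["new"].extend(f"{k[0]} {k[1]}" for k in new_idx if k not in old_idx)
    return report


if __name__ == "__main__":
    for bucket, items in reconcile(OLD_EXPORT, NEW_EXPORT).items():
        print(f"{bucket}: {items}")
```

The "rescored" bucket is the one the paragraph warns about: the two SSRF and authentication findings in the sample are still present, only their severity changed. Treat "missing_in_new" as a review queue rather than a list of fixes, and extend the label map every time "unmapped" is non-empty so the same finding is not counted twice under two names.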

Frequently Asked Questions

How do I export scan results from my current platform?
Use the export or download options in the dashboard to produce JSON or PDF reports that include risk scores, endpoint details, and remediation guidance.
Will my existing CI gates work without modification?
They will need updates to point to the new CLI command and score threshold logic, but the overall gate pattern can remain the same.
Can I preserve historical scan data for compliance evidence?
Retain exported reports and raw request-response pairs stored in your own systems; the tool does not retain customer data beyond cancellation policies.
What happens to authenticated scan configurations during migration?
You must reconfigure authentication methods and domain verification so that the new environment can validate ownership and scope.