Case Study: Breathe Life achieves scalable, developer-led application security with StackHawk

Breathe Life Deploys StackHawk and Snyk for a Dev-Centric Application Security Program

Breathe Life is a life-insurance technology company that handles sensitive PII and PHI and must comply with strict regulations like HIPAA, CCPA and Quebec’s Bill 64. To scale securely and surface vulnerabilities earlier in the development lifecycle, Breathe Life adopted developer-centric security tooling, selecting StackHawk for Dynamic Application Security Testing alongside Snyk for software composition analysis.

StackHawk was integrated to scan their Single Page App and backing APIs using the OpenAPI spec, providing deeper, more accurate DAST coverage than traditional crawlers and making findings easier to manage with less noise. With StackHawk (and Snyk) in place, Breathe Life shifted security left, gave developers ownership of fixes, reduced duplicate alerts, and gained greater confidence in production releases—enabling a scalable, organization-wide application security program.

Breathe Life

François Allard

Director of Engineering for Platform Teams