How Hailstone Works

0: Download Hailstone

Hailstone is a lightweight runtime agent, and offers both SaaS and on-prem models.

We support modern development platforms, like Node.js.

Benefits of runtime security testing

  • Speed and flexibility: Hailstone monitors code as it is executed, so bugs are reported async. No extra steps required.
  • Accuracy: Runtime telemetry helps us avoid the assumptions traditional security tools need to make, so developers will find fewer false positives and false negatives.

1: Wrap your app with Hailstone

When you test your app, start it with the Hailstone agent. It's a simple, one-line change.

$ node -r hailstone server.js

2: Run your tests

That's it. Hailstone finds security bugs as you run your automated unit tests and functional tests, or whenever you're using your app.

No additional time is added to your CI/CD pipeline.

... or anything that "exercises" your app.