Skip to main content
All CollectionsRunning HawkScan
Tuning memory allocation in HawkScan
Tuning memory allocation in HawkScan

How to take advantage of available system memory to increase scan performance.

Anthony Stinn avatar
Written by Anthony Stinn
Updated over a week ago

Issue

By default, HawkScan uses one third (1/3) of the available memory of the host it's running on.

This is true whether HawkScan is running as a container on a Docker host or as a local installation of the HawkScan CLI.

In some cases (such as when scanning large applications with numerous paths), allocating more available memory can increase the performance throughput of the scanner.

Solution

If the host has sufficient free memory, you can allocate more to HawkScan by passing an environment variable override to HawkScan at runtime.

Here's how:

Docker-based HawkScan

In Docker-based environments, add -e HAWK_MEM=[X]g to the docker command, where [X] is the memory amount in question. For example:

  • docker run --env-file ~/.hawk/hawk.rc -e HAWK_MEM=4g --rm -v $(pwd):/hawk:rw -it --network host stackhawk/hawkscan:latest

HawkScan CLI

The HawkScan CLI uses the command option --hawk-mem to specify memory usage. For example:

  • hawk scan --hawk-mem=4g

GitHub Actions

In StackHawk's GitHub Actions Integration, HawkScan utilizes a linux host with 7GB of overall memory; by default this results in 2GB being used.

You can specify a larger amount by setting the HAWK_MEM variable in the env: section of the associated job config. For example:

jobs:
stackhawk-hawkscan:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
- uses: stackhawk/hawkscan-action@v2.0.0
with:
apiKey: ${{ secrets.HAWK_API_KEY }}
env:
HAWK_MEM: 4g

For more information about StackHawk's GitHub Action integration, see:

Other CI/CD Platforms

Other platforms may vary in terms of configuration, but:

  • memory allocation will always be passed an environment variable

  • HAWK_MEM is the name of the environment variable

Did this answer your question?