Issue
By default, HawkScan uses one third (1/3) of the available memory of the host it's running on.
This is true whether HawkScan is running as a container on a Docker host or as a local installation of the HawkScan CLI.
In some cases (such as when scanning large applications with numerous paths), allocating more available memory can increase the performance throughput of the scanner.
Solution
If the host has sufficient free memory, you can allocate more to HawkScan by passing an environment variable override to HawkScan at runtime.
Here's how:
Docker-based HawkScan
In Docker-based environments, add -e HAWK_MEM=[X]g to the docker command, where [X] is the memory amount in question. For example:
docker run --env-file ~/.hawk/hawk.rc -e HAWK_MEM=4g --rm -v $(pwd):/hawk:rw -it --network host stackhawk/hawkscan:latest
HawkScan CLI
The HawkScan CLI uses the command option --hawk-mem to specify memory usage. For example:
hawk scan --hawk-mem=4g
GitHub Actions
In StackHawk's GitHub Actions Integration, HawkScan utilizes a Linux host with 7GB of overall memory; by default this results in 2GB being used.
You can specify a larger amount by setting the HAWK_MEM variable in the env: section of the associated job config. For example:
jobs:
  stackhawk-hawkscan:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v2
      - uses: stackhawk/hawkscan-action@v2.0.0
        with:
          apiKey: ${{ secrets.HAWK_API_KEY }}
        env:
          HAWK_MEM: 4g
For more information about StackHawk's GitHub Action integration, see:
Other CI/CD Platforms
Other platforms may vary in terms of configuration, but:
memory allocation will always be passed as an environment variable
HAWK_MEM is the name of the environment variable
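
The Solution above applies only when the host has sufficient free memory, so a pre-flight check before raising HAWK_MEM is useful on shared runners. The script below is an added example, not StackHawk code: the function names, the reliance on a Linux /proc/meminfo, and the 1 GiB headroom are assumptions, and the one-third figure is computed by plain integer division for comparison only.

```shell
#!/bin/sh
# Added example (not StackHawk code): check a HAWK_MEM request against host memory.

# Print one field of a meminfo-format file, converted from kB to MiB.
# $1 = field name (e.g. MemTotal), $2 = meminfo file. Fails if the field is absent.
meminfo_mib() {
    awk -v key="$1:" '$1 == key { print int($2 / 1024); found = 1 }
                      END { if (!found) exit 1 }' "$2"
}

# Decide whether a HAWK_MEM request in whole gigabytes fits on this host.
# $1 = request in GB, $2 = meminfo file (default /proc/meminfo),
# $3 = headroom in MiB left for the OS and other processes (assumed default: 1024).
# Prints a one-line report; returns 0 if it fits, 1 if it does not, 2 on bad input.
hawk_mem_fits() {
    request_gb=$1
    meminfo=${2:-/proc/meminfo}
    headroom_mib=${3:-1024}

    case $request_gb in
        ''|*[!0-9]*) echo "request must be a whole number of GB" >&2; return 2 ;;
    esac

    total=$(meminfo_mib MemTotal "$meminfo") || return 2
    avail=$(meminfo_mib MemAvailable "$meminfo") || return 2
    default=$((total / 3))            # the one-third default described above
    request=$((request_gb * 1024))

    echo "total=${total}MiB available=${avail}MiB default=${default}MiB request=${request}MiB"
    [ $((request + headroom_mib)) -le "$avail" ]
}

# Usage: sh hawk_mem_check.sh 4
if [ "$#" -gt 0 ]; then
    if hawk_mem_fits "$1"; then
        echo "OK: HAWK_MEM=${1}g fits on this host"
    else
        echo "HAWK_MEM=${1}g does not fit in available memory" >&2
        exit 1
    fi
fi
```

Run it in the same job or shell that will launch HawkScan, since the available memory on a CI runner can differ from the nominal host size.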