Crashtest Security Blog

The importance of web application security during the corona outbreak

Apr 8, 2020 10:30:00 AM / by Janosch Maier posted in DevSecOps, VulnerabilityAssessment, Cybersecurity

0 Comments

How can you prevent cyber attacks while rapidly changing to a remote work setup?

The challenge for many companies is to change to a remote work setup on a short notice and with limited preparation. What is more, critical internal systems are connected to more publicly available endpoints these days. There are some short-term actions companies can take now - and some more long-term to stay secure in the long-term.

Read More

Crashtest Security Announces new Features to Easily Scan Modern Web Apps

Apr 2, 2020 7:00:00 PM / by Jan Wiederrecht posted in WebApplicationSecurity, DevSecOps, Startup, JavaScriptScanning

0 Comments

Launch Addresses Agile Security Needs:
Full-blown-SaaS features, Improved and Cleaner Design, JavaScript Scanner

Munich, April 2nd of 2020

Read More

JavaScript Applications: The challenges of automated security testing

Mar 25, 2020 5:00:00 PM / by Janosch Maier posted in WebApplicationSecurity, DevSecOps, JavaScriptScanning

0 Comments

According to the most recent StackOverflow Developer Survey, JavaScript is the most popular programming language amongst professional developers (69,7%). Most modern apps use this frontend technology to dynamically load content from the backend based on the user behavior or other events.

This blog article will explain the differences between JavaScript (Single Page) and traditional (Multi Page) web applications. Afterwards, we will explain the specific difficulties of Single Page applications (SPAs) from a security perspective. Finally, we will address the challenges of automating security tests for SPAs.

Read More

Collect Kubernetes Logs on Docker for Mac

Dec 6, 2019 2:28:00 PM / by Janosch Maier posted in Kubernetes, Skript, Docker, Programming

0 Comments

You have just started using the built-in Kubernetes functionality on Docker for Mac? It is a promising alternative to docker compose if you want to mirror your system infrastructure for local development. If you are using Kubernetes in production, you can easily use your existing pod definitions on your machine without the need of setting up a Kubernetes cluster like minikube yourself. This short blog post will show you how to collect all logs for your local cluster.

Read More

Cards Against Developers - Why Developers create a Card Game

Oct 1, 2019 3:48:00 PM / by Janosch Maier posted in team building, Startup

0 Comments

Why we created a card game as a security company?

As a start-up, it is important that every team member is on the same page when it comes to company goals. The work attitude of every single team member is shaping the office life for everybody. In a large organisation you may be able to drag people around with you, which is not possible in a small team.

Read More

Six Quick Wins in DevSecOps

Jun 18, 2019 9:53:46 AM / by Janosch Maier posted in VulnerabilityAssessment

0 Comments

You want to bring your agile development and application security to the next level? You have heard the buzzword "DevSecOps" so many times? You are still asking yourself where to start?
 
We have gathered six quick wins on how you can get started with DevSecOps.
Read More

What exactly is ... Cross-Site Scripting?

Apr 4, 2019 3:01:55 PM / by Leonard Basse posted in VulnerabilityAssessment

0 Comments

The number of serious vulnerabilities per web application is rising each year. Often developers also have to tackle vulnerabilities that they've never seen before. These Zero Day attacks are the reason why development teams need to proactively search for vulnerabilities within their web application before releasing new features to the public.

Read More

How to choose and implement a great vulnerability assessment tool

Feb 18, 2019 6:41:00 PM / by Leonard Basse posted in SecurityManagement

0 Comments

the project of web application security will never be truly finished!

The sheer range of solutions when it comes to web application security can be intimidating for CISOs, Development Managers or basically anyone dealing with vulnerable web applications.

Read More

How you can generate a positive ROI through web application security

Jan 28, 2019 8:55:00 AM / by Leonard Basse posted in SecurityManagement

0 Comments

 

The fact, that Cyber Crime is a serious threat and is becoming more and more costly and dangerous for companies is widely known by now. Most companies know, that cyber security is an issue, however the annual revenue of cyber crime still exceeds the investments in cyber security.

Read More

How all organisations can learn from the hacking attack on politicians & public figures

Jan 15, 2019 8:38:00 AM / by Leonard Basse posted in SecurityManagement

0 Comments

Politicians seem to enjoy the new ways of communication they can have through the internet. Communication is no longer a one way street from politicians to the public but more of a town hall meeting where everyone is invited to share their opinion. Of course this is mostly good, but this virtual proximity doesn’t come without downside risk.

Read More