Launch Addresses Agile Security Needs:
Munich, April 2nd of 2020
Crashtest Security is one of the Top 50 startups in Germany and a leading cybersecurity provider for web applications and APIs.
The superior logic of the Crashtest Security Scanner identifies attack vectors completely automated in the frontend, the backend, and the communication between the two. The scanner identified and checked more than 5000 pages for possible attack vectors in one of the top 5 online shops in Germany. Their only showed 20 pages.
Crashtest Security also applied their well-known secret sauce of a dead-simple user interface so that the scan only needs the domain to start the scan. “This mix of a simple interface and the powerful technology behind is unmatched in the security software world” said one of the numerous beta-testers.
Detailed overview over the new features:
Customers can now buy the software functionality online via credit card. The software comes in three pre-defined packages (Starter, Advanced, Professional), starting as low as € 35 per month. With rising automation needs, the price goes up – but the saved time for the users as well. The software is still open for a 14-day free trial without any credit card required. You can experience the full value during the trial: Click here.
Improved and Cleaner Design
According to their design principle “Complex security testing should be simple to use”, Crashtest Security relaunches their corporate design. The new logo and design show in all aspects of the brand, including software, homepage, logo, and marketing content. The new design especially focuses on creating a smoother registration process experience, as well as an improved in-software guidance. The new logo shows the abundance of attack vectors that can be used these days to attack applications. In addition, the logo signifies the agility that security needs and that continuous testing is the only way to be always protected.
In the past, automatic testing of dynamic web applications was difficult due to the changes in the content and the attack vectors between frontend, backend, and the communication of the two. Competitor products require the user to manually create click sequences and specifying specific value entries for the discovery of attack vectors. This takes a lot of time and requires frequent changes to the security tool setup (i.e. when the software flow changes).
The setup of one specific attack vector could easily take 5 to 15 minutes. Imagine implementing this for 20 attack vectors – and the next deployment, the app logic changes. Another 2 hours to be invested.
During our extensive beta tests with more than 50 participants, we detected 5000 pages with possible attack vectors in one of the top 5 online shops in Germany. Their currently used software only showed 20 attack vectors. This does not necessarily mean that there are actual security vulnerabilities, but if the possible attack vector is not identified, it would never be tested.