Crashtest Security Blog

Why should Cybersecurity care about DevOps?

Apr 29, 2020 2:15:00 PM / by Janosch Maier posted in DevSecOps, Cybersecurity, DevOps, continuous Security

0 Comments

This is how you can secure your DevOps Cycle

As a modern cyber security professional for a corporate, you may get a lot of headache when working together with the people responsible for developing applications, the DevOps team (and vice versa). This article tries to explain why this is the case and how to structure good communication for a fruitful together in the company. Plus, it outlines two concrete strategies on how to continuously create more secure applications: security champions and tool integration.

Read More

What is DevOps? (The non-technical FAQ)

Apr 24, 2020 2:11:20 PM / by Jan Wiederrecht posted in DevSecOps, DevOps, Continuous Delivery, continuous Security

0 Comments

This FAQ will answer your most burning questions about DevOps.

Read More

The importance of web application security during the corona outbreak

Apr 8, 2020 10:30:00 AM / by Janosch Maier posted in DevSecOps, VulnerabilityAssessment, Cybersecurity

0 Comments

How can you prevent cyber attacks while rapidly changing to a remote work setup?

The challenge for many companies is to change to a remote work setup on a short notice and with limited preparation. What is more, critical internal systems are connected to more publicly available endpoints these days. There are some short-term actions companies can take now - and some more long-term to stay secure in the long-term.

Read More

Crashtest Security Announces new Features to Easily Scan Modern Web Apps

Apr 2, 2020 7:00:00 PM / by Jan Wiederrecht posted in WebApplicationSecurity, DevSecOps, Startup, JavaScriptScanning

0 Comments

Launch Addresses Agile Security Needs:
Full-blown-SaaS features, Improved and Cleaner Design, JavaScript Scanner

Munich, April 2nd of 2020

Read More

JavaScript Applications: The challenges of automated security testing

Mar 25, 2020 5:00:00 PM / by Jan Wiederrecht posted in WebApplicationSecurity, DevSecOps, JavaScriptScanning, continuous Security

0 Comments

According to the most recent StackOverflow Developer Survey, JavaScript is the most popular programming language amongst professional developers (69,7%). Most modern apps use this frontend technology to dynamically load content from the backend based on the user behavior or other events.

This blog article will explain the differences between JavaScript (Single Page) and traditional (Multi Page) web applications. Afterwards, we will explain the specific difficulties of Single Page applications (SPAs) from a security perspective. Finally, we will address the challenges of automating security tests for SPAs.

Read More

Six Quick Wins in DevSecOps

Jun 18, 2019 9:53:46 AM / by Janosch Maier posted in DevSecOps, DevOps, Continuous Delivery, continuous Security

0 Comments

You want to bring your agile development and application security to the next level? You have heard the buzzword "DevSecOps" so many times? You are still asking yourself where to start?
 
We have gathered six quick wins on how you can get started with DevSecOps.
Read More

Terraform Security: Resource does not have attribute

Nov 29, 2018 8:19:00 AM / by Janosch Maier posted in DevSecOps, Kubernetes, Skript, continuous Security

0 Comments

Resolve a Terraform data source issue

 

Read More

SecDevOps - No agility without security

Aug 17, 2018 2:29:00 PM / by Jan Wiederrecht posted in DevSecOps, DevOps, Continuous Delivery, continuous Security

0 Comments

The concept of DevOps and agility is nothing new for most companies and developers circling the sun. The most well known frameworks (e.g. Scrum, XP etc.) are applied in many development teams and lead to a number of benefits for teams, companies and customers. Evidence shows that agile methods cause better performances in comparison to the outdated waterfall method. For many companies the outdated waterfall method is the largest contributor to project failure. Another problem with traditional step-by-step programming is that products do not exactly meet the demand of customers and need to be redesigned which takes time and costs money. Through DevOps, development teams work closely with the customer and need to adjust fewer things at the end of the project.

Read More

Why Continuous Delivery is Important

Sep 28, 2017 8:22:00 AM / by Janosch Maier posted in DevSecOps, Continuous Delivery, continuous Security

0 Comments

Good Workflows for the whole company

Read More

Security Best Practices for Start-ups

Sep 25, 2017 11:39:00 AM / by Janosch Maier posted in DevSecOps

0 Comments

"Without Security you have no Business"

Read More

For more information on all topics around continuous security, visit our continuous security page:

Continuous Security Topics