Crashtest Security Blog

The ongoing changes of browser support for TLS 1.0 & 1.1

Apr 22, 2020 9:45:00 AM / by Janosch Maier posted in WebApplicationSecurity, SecurityManagement, VulnerabilityAssessment, Cybersecurity

0 Comments

TLS 1.0 and 1.1 have been around for quite some time. TLS 1.0 was released in 1999, TLS 1.1 in 2006. They both should not be used anymore!
There are well known attacks such as Padding Oracle Attacks or BEAST for those versions. That is why Crashtest Security shows TLS 1.0 & 1.1 as critical vulnerabilities.

This article shows general industry guidelines, the usage of the protocol versions, and how different browser vendors are handling the deprecation of TLS 1.0 and TLS 1.1. We also help you to remediate a website or application that still uses TLS 1.0 or 1.1.

Read More

How to choose and implement a great vulnerability assessment tool

Feb 18, 2019 6:41:00 PM / by Leonard Basse posted in SecurityManagement

0 Comments

the project of web application security will never be truly finished!

The sheer range of solutions when it comes to web application security can be intimidating for CISOs, Development Managers or basically anyone dealing with vulnerable web applications.

Read More

How you can generate a positive ROI through web application security

Jan 28, 2019 8:55:00 AM / by Leonard Basse posted in SecurityManagement

0 Comments

 

The fact, that Cyber Crime is a serious threat and is becoming more and more costly and dangerous for companies is widely known by now. Most companies know, that cyber security is an issue, however the annual revenue of cyber crime still exceeds the investments in cyber security.

Read More

How all organisations can learn from the hacking attack on politicians & public figures

Jan 15, 2019 8:38:00 AM / by Leonard Basse posted in SecurityManagement

0 Comments

Politicians seem to enjoy the new ways of communication they can have through the internet. Communication is no longer a one way street from politicians to the public but more of a town hall meeting where everyone is invited to share their opinion. Of course this is mostly good, but this virtual proximity doesn’t come without downside risk.

Read More

The 5 Stages of a Data Breach

Nov 13, 2018 11:11:00 AM / by Leonard Basse posted in SecurityManagement

0 Comments

 

According to the 2018 Global Risk Report the World Economic Forum released this year, Cyberattacks are amongst the Top 5 Risks for Global Stability in terms of Likelihood and Impact. A data breach caused by a cyber attack can indeed have an incredible impact on any country, corporation or business owner.

Read More

The 6 most important web vulnerabilities that managers need to take care of

Sep 28, 2018 11:04:00 AM / by Leonard Basse posted in SecurityManagement

0 Comments

 

The world of IT security can get confusing with all the different vulnerabilities, exploits and newly emerging trends. In this article we summarise and shortly explain the top 6 most important web vulnerabilities that managers need to be aware of and tackle on a constant basis.

Read More

Digitalisation in Germany — Is there still hope?

Apr 11, 2018 8:18:00 AM / by Felix Brombacher posted in SecurityManagement

0 Comments

 

Read More

Take the cache to get to work — What cyber security flaws like Spectre mean to web applications from non-techy viewpoint

Jan 26, 2018 3:14:00 PM / by Thaddäus Schwab posted in SecurityManagement

0 Comments

Overall you and l are painfully aware of cyber security threats however business implications are sometimes a bit blurry and that’s why I’d like to address the business impact of the Spectre and Meltdown attack in a bit more detail from the business point of view.

Read More

For more information on all topics around continuous security, visit our continuous security page:

Continuous Security Topics