Crashtest Security Blog

Open Source Under Attack

Aug 28, 2020 9:30:00 AM / by Leon O'Neill posted in SecurityManagement


Sonatype's annual research, “2020 State of the software supply chain”, uncovers lots of great insights into the open source world. Open source is such a huge part of modern development that the headline stat, a 430% year-on-year increase in attacks targeting open source projects, should be a wake-up call for all developers.


Microservice Security - What you need to know

Aug 14, 2020 1:46:19 PM / by Hitesh Raja posted in SecurityManagement


A microservice architecture, often referred to simply as microservices, is a set of services that are grouped in order to implement an application. Lately, development teams prefer microservices, as this architecture facilitates continuous delivery for large applications, adapts easily to the organisation’s needs as its technology evolves, and scales up with minimal effort.


Cyber Security Basics Checklist - 10 steps for beginning your strategy

Aug 3, 2020 8:30:00 AM / by Leon O'Neill posted in SecurityManagement, Cybersecurity


In light of some recent high-profile attacks, we wanted to share some basic cyber security tips for businesses of all sizes and provide a simple checklist so that you can audit your company’s cyber security strategy.


The ongoing changes of browser support for TLS 1.0 & 1.1

Apr 22, 2020 9:45:00 AM / by Janosch Maier posted in WebApplicationSecurity, SecurityManagement, VulnerabilityAssessment, Cybersecurity


TLS 1.0 and 1.1 have been around for quite some time. TLS 1.0 was released in 1999, TLS 1.1 in 2006. Neither should be used anymore! There are well-known attacks against those versions, such as padding oracle attacks and BEAST. That is why Crashtest Security shows TLS 1.0 & 1.1 as critical vulnerabilities.

This article shows general industry guidelines, the usage of the protocol versions, and how different browser vendors are handling the deprecation of TLS 1.0 and TLS 1.1. We also help you to remediate a website or application that still uses TLS 1.0 or 1.1.


How to choose and implement a great vulnerability assessment tool

Feb 18, 2019 6:41:00 PM / by Leonard Basse posted in SecurityManagement


The project of web application security will never be truly finished!

The sheer range of solutions when it comes to web application security can be intimidating for CISOs, Development Managers or basically anyone dealing with vulnerable web applications.


How you can generate a positive ROI through web application security

Jan 28, 2019 8:55:00 AM / by Leonard Basse posted in SecurityManagement


The fact that cyber crime is a serious threat and is becoming more and more costly and dangerous for companies is widely known by now. Most companies know that cyber security is an issue; however, the annual revenue of cyber crime still exceeds the investments in cyber security.


How all organisations can learn from the hacking attack on politicians & public figures

Jan 15, 2019 8:38:00 AM / by Leonard Basse posted in SecurityManagement


Politicians seem to enjoy the new ways of communication they can have through the internet. Communication is no longer a one-way street from politicians to the public but more of a town hall meeting where everyone is invited to share their opinion. Of course this is mostly good, but this virtual proximity doesn’t come without downside risk.


The 5 Stages of a Data Breach

Nov 13, 2018 11:11:00 AM / by Leonard Basse posted in SecurityManagement


According to the 2018 Global Risk Report released by the World Economic Forum this year, cyberattacks are amongst the top 5 risks for global stability in terms of likelihood and impact. A data breach caused by a cyber attack can indeed have an incredible impact on any country, corporation or business owner.


The 6 most important web vulnerabilities that managers need to take care of

Sep 28, 2018 11:04:00 AM / by Leonard Basse posted in SecurityManagement


The world of IT security can get confusing with all the different vulnerabilities, exploits and newly emerging trends. In this article we summarise and briefly explain the 6 most important web vulnerabilities that managers need to be aware of and tackle on a constant basis.


Digitalisation in Germany — Is there still hope?

Apr 11, 2018 8:18:00 AM / by Felix Brombacher posted in SecurityManagement


For more information on all topics around continuous security, visit our continuous security page:

Continuous Security Topics