Crashtest Security Blog

TLS 1.0 and 1.1 have been around for quite some time. TLS 1.0 was released in 1999, TLS 1.1 in 2006. They both should not be used anymore!
There are well known attacks such as Padding Oracle Attacks or BEAST for those versions. That is why Crashtest Security shows TLS 1.0 & 1.1 as critical vulnerabilities.

This article shows general industry guidelines, the usage of the protocol versions, and how different browser vendors are handling the deprecation of TLS 1.0 and TLS 1.1. We also help you to remediate a website or application that still uses TLS 1.0 or 1.1.

… the project of web application security will never be truly finished!

The sheer range of solutions when it comes to web application security can be intimidating for CISOs, Development Managers or basically anyone dealing with vulnerable web applications.

The fact, that Cyber Crime is a serious threat and is becoming more and more costly and dangerous for companies is widely known by now. Most companies know, that cyber security is an issue, however the annual revenue of cyber crime still exceeds the investments in cyber security.

The world of IT security can get confusing with all the different vulnerabilities, exploits and newly emerging trends. In this article we summarise and shortly explain the top 6 most important web vulnerabilities that managers need to be aware of and tackle on a constant basis.

Overall you and l are painfully aware of cyber security threats however business implications are sometimes a bit blurry and that’s why I’d like to address the business impact of the Spectre and Meltdown attack in a bit more detail from the business point of view.