Launch Addresses Agile Security Needs:
Munich, April 2nd of 2020
Crashtest Security is one of the Top 50 startups in Germany and a leading cybersecurity provider for web applications and APIs.
The Crashtest Security Scanner’s superior logic identifies attack vectors completely automated in the front, backend, and communication between the two. The scanner identified and checked more than 5000 pages for possible attack vectors in one of Germany’s top 5 online shops. Unfortunately, they only showed 20 pages.
Crashtest Security also applied their well-known secret sauce of a dead-simple user interface to need the domain to start the scan. “This mix of a simple interface and the powerful technology behind it is unmatched in the security software world,” said one of the numerous beta-testers.
Detailed overview of the new features:
Customers can now buy the software functionality online via credit card. The software comes in three pre-defined packages (Starter, Advanced, Professional), starting as low as € 35 per month. Of course, with rising automation needs, the price goes up, but the users save time. The software is still open for a 14-day free trial without any credit card required. You can experience the full value during the trial: Click here.
Improved and Cleaner Design
According to their design principle, “Complex security testing should be simple to use,” Crashtest Security relaunches their corporate design. The new logo and design show all aspects of the brand, including software, homepage, logo, and marketing content. The new design especially focuses on creating a smoother registration process experience and improved in-software guidance. The new logo shows the abundance of attack vectors that can be used these days to attack applications. The logo signifies the agility that security needs and that continuous testing are the only way to be protected.
In the past, automatic testing of dynamic web applications was difficult due to the changes in the content and the attack vectors between the front end, backend, and communication. Competitor products require the user to manually create click sequences and specifying specific value entries to discover attack vectors. This takes a lot of time and requires frequent changes to the security tool setup (i.e., when the software changes).
The setup of one specific attack vector could easily take 5 to 15 minutes. Imagine implementing this for 20 attack vectors – and the next deployment, the app logic changes. Another 2 hours to be invested.
During our extensive beta tests with more than 50 participants, we detected 5000 pages with possible attack vectors in one of Germany’s top 5 online shops. However, their currently used software only showed 20 attack vectors. Of course, this does not necessarily mean that there are actual security vulnerabilities, but it would never be tested if the possible attack vector is not identified.