Veracode Adds Advanced Dynamic Analysis Capability With Acquisition of Crashtest Security Solution Becomes

Detect Web App & API Vulnerabilities
Try now for free

Acquisition Provides Enhanced Offering for Customers Looking to Secure their Web Application Attack Surface

BURLINGTON, Mass. – December 12, 2022– Veracode, a leading global provider of modern application security testing solutions, today announced it has acquired Germany-based software security tool, Crashtest Security, a rising developer-oriented dynamic application security testing (DAST) product. The investment will enhance the existing DAST capabilities available as part of Veracode’s Continuous Software Security Platform and broaden customer access globally.

Web applications are fast becoming the most exploited attack vector for cyber threat actors looking to infiltrate enterprises and critical infrastructure. In fact, web apps now account for 40 percent of breaches*. The Crashtest Security product makes it even easier to get started with web application scanning in runtime environments to find vulnerabilities that static analysis is not best suited for. This developer-friendly solution complements Veracode’s platform capabilities as part of a complete modern application security program that secures the entire software development life cycle (SDLC).

Brian Roche, Chief Product Officer at Veracode, said, “Our customers have never been under greater pressure to secure their web applications in response to heightened risk. They seek simple-to-use products that can be onboarded quickly and seamlessly. The Crashtest Security product offers just the solution—it is a highly innovative DAST tool and already has deep roots in the European market. This acquisition supports the growing demand for run-time scanning and allows customers to quickly and easily experience the latest developments in DAST.”

Crashtest Security Dynamic Analysis

Crashtest Security, based in Munich, Germany, was founded in 2017. The solution can be used to analyze JavaScript-based apps, REST (Representational state transfer) APIs, and traditional web apps, and automate security testing via integration in the software development pipeline.

Veracode will incorporate the Crashtest tool into its existing portfolio, allowing customers to use the same login credentials across both products. Users will be able to leverage the most powerful aspects of the integrated technology for a 360-degree view of scanning and reporting architecture across all applications utilizing a DAST product. 

Felix Brombacher, CEO and Co-founder of Crashtest Security, said, “We are thrilled to extend advanced DAST capability to a broader market. We have invested heavily in our plug-and-play solution to meet the demands of customers in Europe and enable continuous testing throughout the development process. The acquisition of our dynamic analysis technology and resources by Veracode will enable us to deliver the next generation of DAST to customers globally.”

To learn more about the dynamic analysis solution and how to take software security to the next level, click here.

* 2022 Verizon Data Breach Investigations Report, May 2022

For more information, please contact:

Katy Gwilliam

About Veracode  

Veracode is a leading AppSec partner for creating secure software, reducing the risk of security breach, and increasing security and development teams’ productivity. As a result, companies using Veracode can move their business, and the world, forward. With its combination of process automation, integrations, speed, and responsiveness, Veracode helps companies get accurate and reliable results to focus their efforts on fixing, not just finding, potential vulnerabilities. Learn more at, on the Veracode blog, on LinkedIn, and on Twitter

Copyright © 2022 Veracode, Inc. All rights reserved. Veracode is a registered trademark of Veracode, Inc. in the United States and may be registered in certain other jurisdictions. All other product names, brands or logos belong to their respective holders. All other trademarks cited herein are property of their respective owners. 

Get a quick security audit of your website for free now

We are analyzing
Scanning target
Scan status: In progress
Scan target:
Date: 22/09/2023
Crashtest Security Suite will be checking for:
Information disclosure Known vulnerabilities SSL misconfiguration Open ports
Complete your scan request
Please fill in your details receive the
quick security audit by email.
Security specialist is analyzing your scan report.
То verify your identity please provide your phone/mobile:
Thank you.
We have received your request.
As soon as your security audit is ready, we will notify you.