The Crashtest Security Suite
Most advanced crawling options
Our software is able to directly detect attack vectors in all web applications:
- Revolutionary Single-Page application scanning:We only need the project domain to scan Angular, React, Vue, and other JS-based applications
- Painless Multi-Page application setup:The standard for web application security scanning - radically simplified
- Documentation-based API scanning: Unlimited possibilities for the modern app communication standard. This opens up scans of all mobile applications for iOS, Android, and all API-based IoT use cases.
Fastest setup on the market
We make it really easy for you to get started:
- Only three short steps to setup:We cleared the path to your personal web application scan
- Our setup challenge:We guarantee you will have a quick scan result within five minutes.If it takes more time, you get a free security consultation with one of our experts.
What good is a security tool if it is too complex to use it?
- We strive to make our tool as easy as possible to use
- We only ask for information if it is needed
- Every view is designed to give you exactly and only the most important information for that view
The major result of any security test is the reporting on any detected vulnerabilities. We offer a number of ways to report our findings:
- Our polished, detailed PDF-Report:Gives you the highlights of the scan on the first pages, but then provides much more details for the developers at the end, including remediation help for your specific vulnerabilities
- Our one-page overview certificate:Ideal for establishing trust in your software or webpage, without giving away too many details
- Our machine-readable JUnit XML-Format:Standardized report that can easily be imported in your reporting tools (check out our integrations page)
Easy scan automation
The beauty of our scan software is that you can automate scans as convenient as possible.
- Convenient scan scheduling:Just enter the time interval and you get a report every month, week, or day
- Event-based scans via webhook:Create a build step in your deployment pipeline
- API for highest automation needs:Create projects, define authentication, start scans, and get results
But wait - there is more...
- Full list of our scanners: See a full list of our scanners for the invasive and non-invasive scans.
- Integrations:Understand in-depth how we integrate in your existing development tools.
- Team Management:Even security is more fun if you do it with friends - so you can invite your colleagues to our software to be more proactive about security scans.
- Authentication Flows:The Crashtest Security Suite supports multiple advanced authentication flows:HTTP headers, GET parameters, (Session) Cookies, SAML or OAuth2
- Webhook Details:Learn more about the full feature set of our webhook.
- Remediation Support:The most important aspect after finding your vulnerabilities is to fix them. Check out our wiki system with explanations, code snippets and screenshots.
If you want to see even more features or want to see them live, book a demo with us.