You are running a startup and want to get started on cybersecurity? You just joined a startup and want to implement the first cybersecurity measures? You are interested in what cybersecurity activities should be implemented at a particular growth phase of a startup?
Crashtest Security is one of the Top 50 startups in Germany and a leading cybersecurity provider for web applications and APIs.
The world of IT security can confuse all the different vulnerabilities, exploits and newly emerging trends. In this article, we summarise and shortly explain the top 6 most important web vulnerabilities that managers need to be aware of and tackle constantly.
TLS 1.0 and 1.1 have been around for quite some time. TLS 1.0 was released in 1999, TLS 1.1 in 2006. They both should not be used anymore!
There are well-known attacks such as Padding Oracle Attacks or BEAST for those versions. That is why Crashtest Security shows TLS 1.0 & 1.1 as critical vulnerabilities.
You have just started using the built-in Kubernetes functionality on Docker for Mac? It is a promising alternative to docker-compose if you want to mirror your system infrastructure for local development. If you are using Kubernetes in production, you can easily use your existing pod definitions on your machine without set up a Kubernetes cluster like minikube yourself. This short blog post will show you how to collect all logs for your local cluster.
You want to bring your agile development and application security to the next level? You have heard the buzzword “DevSecOps” so many times? You are still asking yourself where to start?
We have gathered six quick wins on how you can get started with DevSecOps.
Security needs to be the number one priority for start-ups. Amazon CTO Werner Vogels stated on the Munich Founder Conference Bits & Pretzels why it is so important: “Without security, you have no business”.
The number of serious vulnerabilities per web application is rising each year. Often developers also have to tackle vulnerabilities that they’ve never seen before. These Zero-Day attacks are why development teams need to proactively search for vulnerabilities within their web application before releasing new features to the public.
Last week, I met a start-up that is working on cloud software. Within their team, they have no one with a tech background. The development of their software is completely relying on two agencies.
Copyright © Crashtest Security GmbH 2021. All rights reserved.