Crashtest Security

Pros: As Information security/Data Privacy manager we wanted a product that would help us identify security vulnerabilities and provide recommendations on how to eliminate them. Crashtest does that on several levels, from scanning the requests to checking the headers and then trying to actually penetrate systems change/destroy data in a very clever way. Support staff very helpful, responsive and friendly. This product can be integrated with so many CI/CD tools and with a bit of configuration it is easy to automate and integrate to almost any system and Notify/prevent security vulnerabilities from reaching areas they should not.

Cons: As a new system, Crashtest had some issues when we started using it, but the support team was very responsive in fixing any issues we encountered. If I have to be picky, the one thing I would raise is that there is a bit of room to improve performance.

Overall: As stated above, we are very happy with the systems provided by Crashtest especially when it comes to location of the online system (in EU zone and GDPR compliant). We will be working very hard to fully automate and integrate Crashtest into our CI/CD process to make sure our customers data is secure at all times. And we are confident that Crashtest will support us every step of the way, Great Products, Great Features built with latest technologies and not to forget excellent support.

Pros: Crashtest Security provides a great vulnerability detection while it is very easy to setup and use. It detects vulnerabilities such as SQL Injections or Code Execution from a blackbox point of view. So I can really see, how attackers view my web applications from the outside. We have integrated it our processes and get Mattermost notifications regarding our scan results.

Cons: Some features (such as configuring scanning for networks not reachable from the internet) are not yet available as self service functionality using the web frontend. However, the Crashtest Security support was very friendly and eager to support us with the setup.

Overall: I can highly recommend Crashtest Security if you are looking for a vulnerability scanner that integrates into your DevOps processes, workflows and tools.

Pros: - Very easy setup
- Provides solutions for findings with the help of a wiki
- Generates an easy to read scan result (even for non tech people)
- Very friendly support

Cons: - many pages cant be opened in a new tab
- sometimes the scanner cant login to our application, a manual restart fixes the problem

Overall: Very easy to setup, very friendly & good support
Did prefer the old design where the preferences were on one page, now you sometimes have to search for a specific setting.

Pros: The solution is easy to setup. The UI is mostly clean.
The solution provides a helpful findings wiki.

Cons: Product is not 100 % stable yet. Sometimes duplicated findings occur.
The JavaScript-built UI is not always easy or reliable to navigate (open in new tab is not possible for many pages).

Overall: Fast & friendly support from the small team. The solution is under active, continuous development.
It's an interesting complementary solution to manual pen tests

Pros: - Easy to set up and integrate.
- Performs a wide range of scans and scanning scenarios.
- User friendly scan results.

Cons: As of today, I couldn't observe any disadvantages.

Overall: Overall I would recommend the product because of ease of use, great Support Team and an easy Integration.