Veracode Adds Advanced Dynamic Analysis Capability With Crashtest Security Acquisition

Veracode has announced it has acquired Germany-based software security tool, Crashtest Security, a rising developer-oriented dynamic application security testing (DAST) product. The investment will enhance the existing DAST capabilities available as part of Veracode’s Continuous Software Security Platform and broaden customer access globally.

Web applications are fast becoming the most exploited attack vector for cyber threat actors looking to infiltrate enterprises and critical infrastructure. In fact, web apps now account for 40 percent of breaches. The Crashtest Security product makes it even easier to get started with web application scanning in runtime environments to find vulnerabilities that static analysis is not best suited for. This developer-friendly solution complements Veracode’s platform capabilities as part of a complete modern application security program that secures the entire software development life cycle (SDLC).

Brian Roche, Chief Product Officer at Veracode, said, “Our customers have never been under greater pressure to secure their web applications in response to heightened risk. They seek simple-to-use products that can be onboarded quickly and seamlessly. The Crashtest Security product offers just the solution—it is a highly innovative DAST tool and already has deep roots in the European market. This acquisition supports the growing demand for run-time scanning and allows customers to quickly and easily experience the latest developments in DAST.”

Crashtest Security Dynamic Analysis
Crashtest Security, based in Munich, Germany, was founded in 2017. The solution can be used to analyze JavaScript-based apps, REST (Representational state transfer) APIs, and traditional web apps, and automate security testing via integration in the software development pipeline.

Veracode will incorporate the Crashtest tool into its existing portfolio, allowing customers to use the same login credentials across both products. Users will be able to leverage the most powerful aspects of the integrated technology for a 360-degree view of scanning and reporting architecture across all applications utilizing a DAST product.

Felix Brombacher, CEO and Co-founder of Crashtest Security, said, “We are thrilled to extend advanced DAST capability to a broader market. We have invested heavily in our plug-and-play solution to meet the demands of customers in Europe and enable continuous testing throughout the development process. The acquisition of our dynamic analysis technology and resources by Veracode will enable us to deliver the next generation of DAST to customers globally.”