Automatic detection of security vulnerabilities in network applications

  -   Deutsch      
Federal research minister Anja Karliczek attending a demonstration of the Crasht

Federal research minister Anja Karliczek attending a demonstration of the Crashtest Security software at CEBIT. (Image: BMBF / Classen)

Entrepreneurship

The start-up Crashtest Security develops software for automatic detection of vulnerabilities in web applications. The company, originally established by students of the Technical University of Munich (TUM), has now been awarded second prize in the CEBIT Innovation Awards in recognition of the outstanding user friendliness of the software.


Checking web applications for security vulnerabilities takes work, time and money. To address this problem, the founders of Crashtest Security GmbH have automated the security check for web developers. Their software uses artificial intelligence to seek vulnerabilities that are otherwise difficult to detect. In this way, Crashtest Security protects web applications, mobile apps and the Internet of Things against cyber attacks. The software is especially useful for web development teams that lack special IT security skills.

The underlying idea was created by three former TUM informatics students in a course assignment in which participants were asked to develop an online banking application. To perform a security check, they hacked into the applications developed by the other teams. After realizing how much work was involved in performing the check manually, Janosch Maier, René Milzarek and Daniel Schosser automated some of the steps. This later served as the basis for developing a security scanner, which became the prototype for their business model today.

Self-testing for vulnerabilities


The winners of the CEBIT Innovation Awards are selected by the Federal Ministry of Education and Research and Deutsche Messe AG. This year’s second prize went to Crashtest Security in recognition of its excellent ease of use. "New customers just need to log in to start an immediate check of their applications," says Janosch Maier. After vulnerabilities are detected by the software, the web developers can take action themselves to eliminate them with the help of easy-to-follow explanations in a security wiki resource. Federal research minister Anja Karliczek presented the company founders with the award, which comes with a cash prize of 30,000 euros, at the CEBIT trade fair in Hanover last week. Attendees at the world’s biggest IT fair had the opportunity to test the product of the TUM spin-off for themselves.

Start-ups need support


On their path from the initial idea to a market-ready product, the Crashtest Security team was advised and supported by the TUM Start-up Advising team. The founders also received support from other students. While the three informatics students tinkered with their idea in an office space in TUM’ s "incubator" , students at the TUM School of Management looked into possible market entry scenarios. Today the young company, with managing director Felix Brombacher, has its own management expert. In the beginning, Prof. Florian Matthes was on hand as a technical mentor. He does research in software engineering for business information systems at TUM. This enabled the founders to successfully apply for the EXIST program, a federal scholarship fund that provides start-ups with up to a year of financial support.

UnternehmerTUM , the Center for Innovation and Business Creation at TUM, helped the young entrepreneurs prepare for their market launch. The XPRENEURS program gave them access to coaching and a network of entrepreneurs along with funding. A major benefit of that program: the network contacts gave Crashtest Security early access to investors. The start-up, which was established in February 2017, now has seven employees. More than 250 users have signed up for the award-winning security scanner.

TUM takes first place in "Start-Up Radar" rankings


According to the latest "German Startup Monitor" report, TUM leads all German universities for the number of start-ups generated. Every year TUM spawns around 70 spin-off companies. The outstanding support provided by TUM is confirmed in the "Start-Up Radar", a survey conducted by the German business community’s innovation agency (Stifterverband für die Deutsche Wissenschaft), where TUM also placed first.