We started with one goal in mind, to create engaging applications on a variety of platforms to help engineering teams to deliver secure software rapidly.

We will work alongside our clients, leveraging the know how we have gained across multiple industries in some of the worlds largest organisations to help deliver the best products we can together.

See here for Holstrs pricing on the holstr product page

When we work with clients, they own the IP to any software we create for them.

Clients own the data and IP of any application we create in conjunction with them.

moves up from the fifth position; 94% of applications were tested for some form of broken access control. The 34 Common Weakness Enumerations (CWEs) mapped to Broken Access Control had more occurrences in applications than any other category.

shifts up one position to #2, previously known as Sensitive Data Exposure, which was broad symptom rather than a root cause. The renewed focus here is on failures related to cryptography which often leads to sensitive data exposure or system compromise..

slides down to the third position. 94% of the applications were tested for some form of injection, and the 33 CWEs mapped into this category have the second most occurrences in applications. Cross-site Scripting is now part of this category in this edition..

is a new category for 2021, with a focus on risks related to design flaws. If we genuinely want to “move left” as an industry, it calls for more use of threat modeling, secure design patterns and principles, and reference architectures.

previous edition; 90% of applications were tested for some form of misconfiguration. With more shifts into highly configurable software, it’s not surprising to see this category move up. The former category for XML External Entities (XXE) is now part of this category.