How Cresta’s Head of Security Moved Past DAST Dead Ends to Find Vulnerabilities That Actually Matter
When traditional DAST kept returning empty or irrelevant results against Cresta's sophisticated application surface, they knew the tools weren't keeping up. They needed something capable of reasoning through complex attack chains, not just scanning for known signatures.
Cresta is a generative AI platform trusted by Fortune 500 companies, including Alaska Airlines, Cox Communications, and Intuit, to power their contact center operations with real-time intelligence. With enterprise customer data flowing through a complex, AI-driven platform at scale, Robert Kugler holds his security tooling to a high standard. When traditional DAST kept returning empty or irrelevant results against Cresta’s sophisticated application surface, he knew the tools weren’t keeping up. He needed something capable of reasoning through complex attack chains, not just scanning for known signatures.
“Traditional DAST produced either zero or irrelevant results. We needed something that could identify complex vulnerabilities like server-side request forgery. Novee consistently surfaces findings we simply weren’t seeing before.”
— Robert Kugler, Head of Security, IT & Compliance, Cresta
