AppSec Observer
Contrast’s application security blog provides the latest trends and tips in DevSecOps through instrumentation and security observability.
Cybersecurity Insights with Contrast CISO David Lindner | 12/06/24
David Lindner, Director, Application Security | | cyberattacks, Incident Response, Incident Response challenges with CVE backlog, NIST CVE Backlog, SOC (Security Operations Center), Threat Intelligence, Vulnerability Management, vulnerability scanning
Insight #1: The NIST CVE backlog is hogtying CISOs The NIST CVE backlog is a digital plague crippling a critical control layer in an organization's cybersecurity architecture. CISOs and security leaders are ...
Ensuring vigilant digital transformation in the financial sector
Financial services are at the crossroads of innovation and threats from ever-more sophisticated cybercriminals. “In my 25 years in cybersecurity, I’ve never seen it this bad,” said Tom Kellermann, Executive Vice President ...
Cybersecurity Insights with Contrast CISO David Lindner | 11/22/24
Insight #1: CISO-less companies, you’re playing with fire Only 45% of American companies have a chief information security officer (CISO), according to new research. It’s time to ask a hard question: Are ...
Smarter AppSec: How ADR, Secure by Design and ‘Shift Smart’ are Redefining Cybersecurity | Application Security Podcast Takeaways | Contrast Security
Contrast Marketing | | ADR, Pen Test, pen testing, runtime protection, secure by design, shift smart, Threat Modeling
If there’s one thing Jeff Williams learned from years and years of doing pen testing and threat modeling, it’s this: They're highly time-pressured ...
Cybersecurity Insights with Contrast CISO David Lindner | 11/15/24
Insight #1: Two tricks to stop mystery breaches The majority of security leaders reportedly don’t know what caused data security incidents at their organizations over the past 12 months. To reduce the ...
Cybersecurity Insights with Contrast CISO David Lindner | 11/8/24
David Lindner, Director, Application Security | | ADR, automatic updates, Critical Infrastructure, SIEM, Thought Leaders
Insight #1: Time for a new SIEM? Make it ADR-compatible When evaluating modern security information and event management (SIEM) solutions, prioritize those with robust integrations for Application Detection and Response (ADR). This ...
Expression Language (EL) Injection | Attacks Blocked by Contrast ADR | Contrast Security
Today we’re taking a deep dive into Contrast Security’s Application Detection and Response (ADR) data for the month of October 2024, with a special focus on one of the world’s most dangerous attack ...
PCI DSS v4.0.1 Changes | Application Security PCI Compliance Requirements | Contrast Security
The deadline to comply with the latest version of the Payment Card Industry Data Security Standard (PCI DSS), v4.0.1, is rapidly approaching: March 31, 2025. Are you prepared? ...
Cybersecurity Insights with Contrast CISO David Lindner | 11/1/24
Insight #1: You can be sued for your junky software, EU says The EU recently updated its Product Liability Directive (PDF) to reflect the critical role of software in modern society. This ...
Application Detection and Response (ADR): A Game-changing SOC Analyst Tool | Contrast Security
Will Derksen, Solution Engineer, Contrast Security | | Detection, Incident Response, SOC, Threat, threat detection
Paged at 3 a.m. again … we had another breach to respond to in the security operations center (SOC). While the incident response team was busy delegating roles and responsibilities, I was ...