Contrast Assess
What does security instrumentation do for Application Security? A basketball analogy
It’s not just any basketball — it’s a sensor-packed basketball called the 94Fifty. ...
Contrast’s MTTR is 37x faster than the competition | Vulnerability Remediation
Security debt — the backlog of known and unresolved vulnerabilities in an organization’s applications — is a drag, literally. It creates a real burden on organizations when it gets too high. The ...
Contrast Labs: Apache Struts CVE-2020-17530
On December 8, 2020, Apache published a security bulletin providing details for CVE-2020-17530, a forced double Object-Graph Navigation Language (OGNL) evaluation vulnerability in Apache Struts 2.0.0 to 2.5.25 that provides attackers arbitrary ...
Eating Our Own Cooking at Contrast: Securing and Protecting TeamServer
It’s very rare that one has an opportunity to experience the development of a major software solution from the ground up and use that very product to secure and protect it at ...
Legacy SAST and the Fallacy of 100% Code Coverage
In October of 2019, three months into my tenure at Contrast Security, I received a challenge question from a customer prospect in the northern Atlanta suburbs who was using a competitor’s legacy ...
Route Intelligence™ Enables Transformation of Traditional Application Security Testing
Route Intelligence™ transforms AppSec testing by providing comprehensive visibility of the entire application attack surface while saving DevSecOps resources through automated vulnerability verification. One out of every four network breaches last year ...
4 Reasons to Automate Security Testing with AppSec Instrumentation
While the idea of “automation” may seem like a modern concept, it dates back to around 762 B.C. when the concept was first introduced in Homer’s epic battle poem The Iliad ...
Why Application Flow Maps Are the Coolest Feature in Application Security
Application flow maps are the cool feature you can use to discover that needle in a haystack—how does my running app work and what does my app connect to? ...
Elite Performers Choose Simpler Tools
I was fascinated to read this year’s Accelerate State of DevOps Report 2019, which now represents six years of research and data from over 31,000 professionals in our industry. It delivers insight ...