Contrast Assess – WindowsTechs.com

Contrast Labs: Apache Struts CVE-2020-17530

Posted on December 18, 2020 by Ian Mangan, Associate Engineer

On December 8, 2020, Apache published a security bulletin providing details for CVE-2020-17530, a forced double Object-Graph Navigation Language (OGNL) evaluation vulnerability in Apache Struts 2.0.0 to 2.5.25 that provides attackers arbitrary remote e… Continue reading Contrast Labs: Apache Struts CVE-2020-17530→

Eating Our Own Cooking at Contrast: Securing and Protecting TeamServer

Posted on October 22, 2020 by David Hafley, VP of Engineering at Contrast Security

It’s very rare that one has an opportunity to experience the development of a major software solution from the ground up and use that very product to secure and protect it at the same time. This is precisely what we’ve been able to do at Contrast Secur… Continue reading Eating Our Own Cooking at Contrast: Securing and Protecting TeamServer→

Legacy SAST and the Fallacy of 100% Code Coverage

Posted on May 28, 2020 by M-C Reid

In October of 2019, three months into my tenure at Contrast Security, I received a challenge question from a customer prospect in the northern Atlanta suburbs who was using a competitor’s legacy static application security testing (SAST) solution… Continue reading Legacy SAST and the Fallacy of 100% Code Coverage→

What You Need to Know About the New IAST and RASP Guidelines in NIST 800-53

Posted on March 19, 2020 by Derek Rogerson

The post What You Need to Know About the New IAST and RASP Guidelines in NIST 800-53 appeared first on Security Boulevard.
Continue reading What You Need to Know About the New IAST and RASP Guidelines in NIST 800-53→

Route Intelligence™ Enables Transformation of Traditional Application Security Testing

Posted on March 17, 2020 by Subhash Arja

Route Intelligence™ transforms AppSec testing by providing comprehensive visibility of the entire application attack surface while saving DevSecOps resources through automated vulnerability verification.
One out of every four network breaches la… Continue reading Route Intelligence™ Enables Transformation of Traditional Application Security Testing→

4 Reasons to Automate Security Testing with AppSec Instrumentation

Posted on February 20, 2020 by Dena DeAngelo

While the idea of “automation” may seem like a modern concept, it dates back to around 762 B.C. when the concept was first introduced in Homer’s epic battle poem The Iliad.
The post 4 Reasons to Automate Security Testing with AppSec I… Continue reading 4 Reasons to Automate Security Testing with AppSec Instrumentation→

Why Application Flow Maps Are the Coolest Feature in Application Security

Posted on December 16, 2019 by Derek Rogerson

Application flow maps are the cool feature you can use to discover that needle in a haystack—how does my running app work and what does my app connect to?
The post Why Application Flow Maps Are the Coolest Feature in Application Security app… Continue reading Why Application Flow Maps Are the Coolest Feature in Application Security→

Elite Performers Choose Simpler Tools

Posted on October 23, 2019 by David Archer

I was fascinated to read this year’s

Accelerate State of DevOps Report 2019
which now represents six years of research and data from over 31,000 professionals in our industry. It delivers insight into the practices an… Continue reading Elite Performers Choose Simpler Tools→

Coalfire PCI Compliance & Contrast Security

Posted on August 5, 2019 by Erik Costlow, Principal Product Evangelist

Contrast Assess and Protect recently went through an independent evaluation by CoalFire, a respected Payment Card Industry (PCI) and Payment Application (PA) Qualified Security Assessor Company (QSAC).
The post Coalfire PCI Compliance & Contra… Continue reading Coalfire PCI Compliance & Contrast Security→