Contrast Application Detection and Response (ADR)
Eliminate your application blindspots and protect your applications and APIs from exploits and zero days.
Defend your apps like you defend your network
Contrast’s agent is embedded inside your code, so it knows what’s going on at every level, allowing autonomous protection from within.
Protect against zero-day threats to your applications
- Contrast ADR provides the missing compensating control against attacks on your custom code and libraries.
- Sophisticated runtime analytics sniff out and block attempted exploits against vulnerable code without cumbersome scanning or signatures.
Respond efficiently with insights from inside your applications
- Incident responders get full execution context and comprehensive playbooks to contain and remediate application threats quickly.
- Developers and AppSec teams get detailed execution path details down to the line of code from the specific targeted function, enabling them to fix vulnerabilities with less hassle.
Detect application attacks in real time
- See attacks across your entire application stack, including exposures in third-party code and libraries, APIs and platforms.
- Uncover critical code vulnerabilities before an adversary does.
- Highly accurate results and full attack context means less time wasted on false positives.
Comply with industry regulations and standards
- Satisfy requirements from NIST CSF, ISO27001, PCI and many more that mandate the need for detailed security telemetry.
- SecOps teams receive the insights they need to support fast response and disclosures where needed.
ADR fills a critical gap in your detection and response stack
Many stealthy attacks come through applications where typical SOC detection and response stacks are blind.
How it works
Integrated agent
The Contrast agent secures your applications from within by gathering security telemetry using a variety of security instrumentation techniques, including code scanning, library scanning, application instrumentation, configuration file scanning and other techniques.
Define policies
Based on your unique requirements and risk tolerance, you’ll define how you’d like Contrast ADR to act, what types of threats you’d like to block, and the level of alerting and telemetry you’ll provide for security operations analysts.
Monitor and protect
Contrast ADR continuously monitors for anomalous behaviors that represent attempts to exploit known and zero-day vulnerabilities. Attacks on your production applications are detected and can be blocked in real time, and alerts are generated with supporting telemetry to drive fast and effective incident response.
Take action
Security analysts are now equipped to take decisive action against emerging application threats. Detailed playbooks, application alerts and telemetry ensure that responders are equipped with the data and expertise they need. Integration with SIEM and XDR ensures they can do it in the platform where they can be most effective.
Contrast ADR blocks application-level attacks, even zero days
Types of attacks stopped
- Command injection
- OGNL injection
- JNDI injection
- SSRF
- Template injection
- Unsafe file upload
- Path traversal
- Reflected XSS
- SQL/NoSQL injection
- Unsafe deserialization
- XXE
- ClassLoader manipulation
Contrast prevents zero days years before disclosure
- CVE-2023-22527 Atlassian Confluence – template injection
- CVE-2023-34040 Spring/Kafka – unsafe deserialization
- CVE-2023-22965 Spring4Shell – malicious data binding
- CVE-2021-44228 Log4Shell – JNDI injection RCE
- CVE-2021-26084 Atlassian Confluence EL injection
- CVE-2020-17530 Apache Struts2 – EL injection
- CVE-2020-11651 Python Salt – authentication bypass
- CVE-2020-11652 Python Salt – directory traversal
- CVE-2020-9484 Apache Tomcat – unsafe deserialization
- CVE-2019-2725 WebLogic – unsafe deserialization
- CVE-2019-0230 Apache Struts2 – EL injection
- CVE-2018-11776 Apache Struts2 – EL injection
- CVE-2016-0792 Jenkins XStream – unsafe deserialization
Supported platforms and languages
Part of the Contrast Runtime Security Platform
The Contrast Runtime Security platform is well-recognized as the leader in Interactive Application Security Testing (IAST) — proven technology that directly observes the behavior of applications and APIs at runtime. This “Secure from Within” approach delivers unparalleled visibility, accuracy and protection from attacks against both known and unknown vulnerabilities.