CONTRAST COMMUNITY EDITION

    The only DevOps-native AppSec Platform for free. Designed with developers in mind.
    Create Free Account

    Code Scanners Cannot Meet Modern DevOps


    Traditional application security (AppSec) models that use static application security testing (SAST) and dynamic application security testing (DAST) are plagued by code halts, false positives, as well as false negatives. False positives are a foundational weakness of security results from code scanners that are “blind” to the runtime context of applications such as the controller, application logic, data layer, presentation view, user libraries, open-source components, and application server.

    In addition to the above, their point-in-time security approaches, which are signature based, only identify known threats and miss unknown threats—thereby resulting in increased significant risk exposure. Scanning code line by line, SAST and DAST approaches also struggle to map out full visibility of the application attack surface—especially in the area of application programming interfaces (APIs).

     

    Integrate

    Contrast Community Edition works by deploying an intelligent agent that instruments the application with smart sensors to analyze code in real-time from within the application. 

    Product Tour

    You can hit the ground running with Contrast Community Edition—able to integrate AppSec directly into the modern DevOps tools you already use. Using the flexibility and extensibility of the Contrast DevOps-native AppSec Platform, you can deploy Community Edition onto your Platform-as-a-Service (PaaS) of choice, be the first to know about new vulnerabilities through chat tools, add security gates to continuous integration/continuous deployment (CI/CD) pipelines, track remediation through ticketing systems, and learn about remediation options in integrated development environments (IDEs) and code editors.

     

    Key Integrations

    • Development
      VisualStudio35x80 CS CE Page V1 (1) CS CE Page V1 CS CE Page V1 (3) Microsoft_Teams_35x100
    • Continuous Integration
      gradle jenkins maveen bamboo junit
    • Work Tracking Platforms
      JiraLogo_35x93 threadfix bugzilla GitHub_Logo35x85
    • Operations
      splunk DataDog35x35 sumologic35x35 VictorOps-Logo
    • Cloud Integrations
      ElasticBeanstalk_grey-1 Pivotal CF_35x35 azure Google App Engine - 35x45

    Why We Built It

    The world faces a software security crisis where most organizations are unable to perform even basic application security, putting everyone's personal financial, healthcare, and other data at risk. Firms can't rely on their development teams to address security and must depend on hard-to-find security experts, slow and inaccurate tools, and lengthy, complex review processes late in the SDLC.
     

    To make modern security available to all organizations, large or small, regardless of ability to pay, Contrast Security launched Community Edition in 2018, a free and full-strength application security platform that provides “always on” IAST, RASP, and SCA for Java applications, .NET Core (and .NET Framework coming soon) and APIs.

    Create Free Account

    Contrast Security is the world’s leading provider of security technology that enables software applications to protect themselves against cyberattacks, heralding the new era of self-protecting software. Contrast's patented deep security instrumentation is the breakthrough technology that enables highly accurate assessment and always-on protection of an entire application portfolio, without disruptive scanning or expensive security experts. Only Contrast has sensors that work actively inside applications to uncover vulnerabilities, prevent data breaches, and secure the entire enterprise from development, to operations, to production.
    Subscribe To Blog

    SITE LINKS

    CONTRAST SUPPORT

    © 2020 Contrast Security. All Rights Reserved.
    240 3rd Street, Los Altos, CA 94022 +1.888.371.1333