Contrast Incident
Response Hub
The latest news, solutions and best practices for vulnerability management and incident response.
Leverage modern-day solutions to defend against modern-day attacks and deliver cyber-resilient applications across your business.
Incident Response

Spring4Shell
Zero-Day Vulnerability
On March 29, 2022, a Chinese cybersecurity research firm leaked an attack that could impact most enterprise Java applications, globally.

Heightened
Cyber Risk
Contrast Security Works with Global Businesses to Strengthen Security Controls and Increase Transparency Amidst Heightened Cyber Risk ...

Cyber Incident Reporting For Critical Infrastructure Act of 2022
Share on Email Cyber Incident Reporting For Critical Infrastructure Act of 2022On March 15, 2022...

Log4J Vulnerability
Resource Center
Log4j is a programming library (ie. pre-written code) that appears in millions of computer applications globally. It is free, open-source, and has been widely-used since 2001.

DHS Warning - Imminent National Cyberthreats
Due to the ongoing degradation in Ukrainian and Russian relations, today, intelligence agencies from major NATO member nations have issued a warning against imminent...
2021 AppSec Observability Report
A "Can't Miss" report based on real-world data from thousands of applications that highlights vulnerability and attack trends, security debt, benchmarks on the vulnerability escape rate, and much more.

Contrast Labs
Contrast Labs provides analysis of real-world application security data. This section highlights the reports interpreted from various months of researching application vulnerability and attack trends. Every Application Security Intelligence Report highlights investigations on these two datasets to compile the Contrast RiskScore for each vulnerability type.

March - April 2021: Contrast Labs' Application Security Intelligence Report
This report is based on aggregate vulnerability and attack telemetry for custom code from customers whose applications are covered by Contrast Assess and Contrast Protect

July - August 2020: Contrast Labs' Application Security Intelligence Report
This report analyzes composite data from Contrast Labs to update readers on vulnerability and attack trends as observed with applications covered by Contrast Assess and Contrast Protect.

May - June 2020: Contrast Labs' Application Security Intelligence Report
This report leverages aggregate data from Contrast Security customers to provide insights about the vulnerabilities in software that we protect—and attacks on those applications.

March - April 2020: Contrast Labs' Application Security Intelligence Report
This report leverages aggregate data collected by Contrast Assess and Contrast Protect for insights around both application vulnerabilities and targeted attacks.

January - February 2020: Contrast Labs' Application Security Intelligence Report
This report analyzes composite data from Contrast Labs to update readers on vulnerability and attack trends as observed with applications covered by Contrast Assess and Contrast Protect.

May - June 2021: Contrast Labs' Application Security Intelligence Report
This report analyzes composite data from Contrast Labs to update readers on vulnerability and attack trends as observed with applications covered by Contrast Assess and Contrast Protect.
Incident Response Solutions from Contrast
Contrast Protect
Always-on application and API protection from targeted attacks with no code changes required.
Contrast SCA
Automatically catalogue your third-party software risk across the software lifecycle - from build, to test, through production.

Contrast Assess
Flag underlying vulnerabilities in applications before it becomes a disclosed CVE or major incident - all without having to launch a single scan.
Contrast Scan
Code analysis that’s tailor-made for modern CI pipelines that delivers 10x faster scans, and actionable findings to ensure rapid fixes.
Contrast Serverless
Identify custom and open-source vulnerabilities embedded in serverless applications in just three clicks.