2015 Application Security Milestones Demonstrate Enterprise Adoption, Industry Recognition & Product Excellence
Palo Alto, Calif. – February 25, 2016 - Contrast Security, the next generation leader in finding vulnerabilities and blocking attacks on software applications, announced today dramatic growth in its core AppSec product, Contrast Enterprise. Notably, 2015 represented the year that Contrast Enterprise became the first application security product to combine the ability to conduct real-time and continuous vulnerability assessments (employing the latest Interactive Application Security Testing (IAST) technology) with instant monitoring and blocking of active application-layer attacks (referred to by Gartner as Runtime Application Self-Protection (RASP)).
Demonstrated Demand For Transformative Application Security
Significantly, in 2015 Contrast:
- Achieved 300% growth in customers, 350% growth in revenue, and 400% growth in applications protected
- Demonstrated exceptional sales momentum in the key industries of Global Financial Services, eCommerce/Retail, Healthcare and Enterprise IT
Continuous Application Security at Global Enterprise Scale
As organizations adopted Contrast and integrated it into their application security initiatives, Contrast Enterprise accurately identified volumes of previously undetected vulnerabilities. Specifically, across all deployments, Contrast:
- Continuously assessed and secured thousands of applications, representing over 10 billion lines of code
- Discovered over 6,000 zero-day vulnerabilities each month, totaling ~ 72,000 for the year.
RASP + IAST = Unparalleled Application Security and Protection
Contrast Enterprise became the first application security product to integrate defenses across development and operations, unifying vulnerability assessment, security visibility and attack protection throughout the application lifecycle. Now organizations can quickly assess and secure the enormous number of new, legacy and continuously changing applications that remain defenseless due to slow, inaccurate and complex first-generation application security solutions.
- Runtime Application Self-Protection (RASP) to monitor and block attacks in real-time
- An essential RASP rule to solve an industry-wide Java deserialization vulnerability
- A stand-alone, open source Java agent to protect against deserialization
Cyber Security Industry Analysts Recognized Contrast’s Progress
- Recognized as a Visionary in the Gartner Magic Quadrant for Application Security Testing for the third year running
- Rated #1, with a 92% accuracy rating, after running the OWASP Industry Benchmark Project for Application Security Testing
- Named a Leader in the latest Forrester Wave: Application Security Report
New Leadership for Global Enterprise Growth and Scale
Additionally, in February 2016, Silicon Valley entrepreneur Alan Naumann joined Contrast as CEO and Chairman of the Board. His deep background in leading Silicon Valley and cyber security companies to the next level will be essential to seeing Contrast expand globally.
“2015 was a tremendous year for Contrast, hitting on all cylinders. We’re well positioned to introduce new capabilities that the largest global enterprises require,” said Alan Naumann, Contrast Security President and CEO. “2016 will be a breakout year both for the application security industry and for Contrast as we expand further to secure the enterprise.”
Additional Enterprise Security Capabilities Introduced
Contrast rolled out a number of important features to support its global and diverse enterprise customers, including:
- New & modern user interface to streamline & simplify the customer experience
- Updated, fully documented REST APIs for SDLC integration
- Streamlined LDAP / Active Directory (AD) integration for enterprise scale
- Enterprise role-based access control for clear and secure separation of duties
Application Language, Framework and Library Coverage Expansion
Most organizations have complex and diverse application environments due to acquisitions, history, or specialization. As a result, Contrast Enterprise expanded its support for multiple programming languages to now include Node.JS, in addition to Java, .Net and ColdFusion. Contrast has also expanded coverage for many of the most popular software frameworks and libraries.
Bright Future in 2016
In an era when applications have become the heart of the enterprise, application security becomes front and center. As a result of the tremendous growth in revenue and customers, industry analyst accolades, and the breakthrough year in Contrast Enterprise application security performance and coverage, Contrast Security is set to transform enterprise security in 2016.
About Contrast Security
Software applications are the number one vulnerability and attack vector for global enterprises. Contrast Security is the world’s only application security software that quickly and accurately stops hackers from stealing data via web applications. Industry research shows that application security flaws are the leading source of successful data breaches, yet more than 90% of applications are not secure. Unlike legacy security products that do not defend applications, Contrast employs patented, deep security instrumentation to strengthen applications before they’re deployed, protect them in production and provide visibility throughout the application lifecycle. As a result, organizations can act faster against threats and immediately improve the security of their enterprise.