Read the latest press releases and news clippings featuring Contrast.

PRESS RELEASE: Contrast Security Provides .NET Community First Free DevSecOps Solution to Take Control of Application Security

Contrast Community Edition empowers .NET developers to pinpoint security flaws and neutralize attacks

LOS ALTOS , Calif.– October 2, 2019 Contrast Security, the next generation application security testing and protection platform, today announced the availability of .NET Core support on Contrast Community Edition (CE). Contrast CE is a free and full-strength application security platform that provides “always on” Interactive Application Security Testing (IAST), Software Composition Analysis (SCA), and Runtime Application Self Protection (RASP) for software applications and APIs.

“.NET Core is the evolution of Microsoft’s .NET technology into a modular, cross platform, open source and cloud ready platform,” said Sam Guckenheimer, Product Owner – Azure DevOps, Microsoft. “We’re excited to see market disruptors like Contrast Security invest in this ecosystem and bring their innovative technology to the wider .NET community. Security is paramount in software development and tools that enable developers to deliver high-quality software rapidly. Security is the key to accelerating digital transformation.”  

Although platforms like .NET Core enable teams to further accelerate software development and scalability, enterprises continue to face a software security crisis that limits their ability to perform even basic application security on the vast majority of their application portfolio. This places everyone’s financial, healthcare, and other sensitive data at risk. Development teams are not empowered to address security during the software development process, a gap that results in organizations depending on hard-to-find security experts, slow and inaccurate tools, and complex late-stage review processes. This, in turn, leads to a critical state and as software development velocity increases, security continues to fall further behind.

“To further our goal of finally making all software secure, we are excited to deliver a full strength security solution for free to the .NET community. Microsoft has been a great partner to Contrast Security and we continue to invest in securing the .NET and Azure ecosystem. By enabling all .NET teams to infuse security directly into their development and production environments, without buying expensive tools, we have made it possible to achieve highly secure .NET applications and APIs quickly and easily,” said Jeff Williams, CTO and Co-Founder, Contrast Security.

“DevOps requires software security to be rebuilt from the ground up. Modern software and development approaches require security to be woven in from when developers write code through when it is deployed into environments like Azure. Contrast Security’s approach to embed application security leveraging instrumentation throughout the software lifecycle represents the future of DevSecOps,” said Dave McKinstry, Sr. Program Manager, Microsoft.

30M Developers Worldwide and over 6M .Net Developers Will Benefit

The Contrast CE solution is designed to help small teams building a .NET Core application or API protect against a broad range of security flaws, including the top 10 vulnerabilities listed in the Open Web Application Security Project (OWASP). The solution enables small teams to assess both custom code and open source libraries for security vulnerabilities and to prevent vulnerabilities from being exploited in production. In addition, all Contrast integrations, such as Visual Studio IDE and Azure DevOps, are free and compatible with Contrast CE. Developers and security teams can have application security visibility within the tools and processes that they already use today.

The solution is designed to improve the current market statistics:

  •   33% of software is never tested for vulnerabilities
  •   Almost 80% of applications contain at least one critical or high vulnerability
  •   An estimated 84% of security breaches exploit vulnerabilities at the application layer

The Contrast Platform unifies Application Security Testing (AST), Software Composition Analysis (SCA), and Runtime Application Self Protection (RASP) through the use of software instrumentation. Contrast’s sensors directly monitor running software to provide highly accurate vulnerability and exploit detection and prevention, without requiring experts to deploy and manage legacy scanning and firewall technology.

Contrast CE delivers the power of Contrast Assess and Contrast Protect, which are utilized by some of the largest global enterprises, to individual developers and smaller teams. From one-off projects using Community Edition, to organizations of all sizes using Contrast Assess and Protect, Contrast provides a comprehensive approach to application security in order to finally make all software secure. Contrast CE supports Java and .NET Core, with plans to release .Net, Node, Ruby, and Python versions in the near future.

Register for Community Edition here.

About Contrast Security:

Contrast Security is the world’s leading provider of security technology that enables software applications to protect themselves against cyberattacks, heralding the new era of self-protecting software. Contrast's patented deep security instrumentation is the breakthrough technology that enables highly accurate assessment and always-on protection of an entire application portfolio, without disruptive scanning or expensive security experts. Only Contrast has sensors that work actively inside applications to uncover vulnerabilities, prevent data breaches, and secure the entire enterprise from development, to operations, to production. More information can be found at or by following Contrast on Twitter at @ContrastSec.


Surag Patel, Chief Strategy Officer

Surag Patel, Chief Strategy Officer

Surag Patel brings more than a decade of experience to Contrast Security, where he serves as Chief Strategy Officer. An experienced, highly analytical product and marketing executive, Surag’s focus is in driving Contrast’s global marketing and product strategy. Prior to Contrast, Surag served as Vice President of Global Product Management and Corporate Marketing for 41st Parameter, which was acquired by Experian in 2013. Prior to 41st Parameter, Surag led global data strategy and consumer insights for InMobi, the largest global independent mobile ad network. Surag blends his experience of bringing innovative products to market with a mix of engineering expertise, product strategy and domain expertise. Prior to InMobi, Surag spent five years at comScore leading advertising effectiveness research and development of the Ad Effx™ suite of products. Surag holds a BS in Computer Engineering from Cal Poly, San Luis Obispo, and a Masters in Engineering Management from Duke University.


Learn how to unify security strategy across & development operations. See how to set up a CAS program with only eight activities!

Download the Handbook