Contrast Security Solutions Enable "DevSecOps" , and accelerate secure high-speed application development
NRI Secure Technologies, Inc. "NRI Secure" and "UBSecure" have partnered with Contrast Security to sell Contrast Assess, the company’s market leading Interactive Application Security Testing (IAST) solution and Contrast Protect, their market leading Runtime Application Self-Protection (RASP) product.As companies undertake digital transformations, their software development and IT operations teams work closely together to build “DevOps” processes to enable the continuous release and deployment of software. Because vulnerable applications are the leading source of data breaches, there is a critical need for cybersecurity in “DevOps” environments which is driving the creation of a new category of “DevSecOps” teams and solutions.
To help organizations address their DevSecOps needs, NRISecure and UBSecure have offered "Vex," their joint Dynamic Application Security Testing (DAST) product to conduct vulnerability diagnosis of web applications created DevSecOps environments . By combining Contrast Assess with ' Vex, ' customers can now dramatically improve the efficiency of detecting and fixing vulnerabilities in agile, high-speed application development environments.
Contrast's products that will be available for sale now are as follows:
Contrast Assess
Contrast Assess continuously assesses vulnerabilities by leveraging any application usage or testing activity to produce results, and does not require scans or attacks. This dramatically reduces the need for costly and scarce security resources to run scans. Adding the Contrast agent to an organization's applications (e.g., by adding it to a standard server build) allows applications to perform "self-assessments” so that organizations get continuously up-to-date visibility into the security of all applications running everywhere.
Further, Contrast Assess performs a full analysis of all third-party components and Open Source Software (OSS) used in an application to identify the type and version, as well as any vulnerabilities they contain.
Contrast Assess also includes native integrations with popular development and DevOps products, and includes an API to integrate with virtually any other CI/CD tools. This makes it possible to consume and leverage vulnerability information in tools such as Slack , JIRA , Jenkins, etc.
Contrast Protect
Contrast Protect provides unparalleled defense from within production applications, viewing attacks the same way the application sees them, and preventing attacks from breaching applications. No network changes are required and, protection stays with the application wherever it is hosted. Contrast Protect also identifies and logs all attack events for integration with third party log management and SIEM solutions. Additionally, users can define custom logging parameters for deeper insight and analytics.
Surag Patel, Chief Strategy Officer at Contrast Security, said that “Contrast Security is pleased to partner with NRI Secure and UBsecure to launch our award winning cyber security product in Japan. We are partnering with a leader in the Japanese cybersecurity market to bring our next generation technology to Japan and are excited to enable Japanese customers to achieve DevSecOps. As they progress on their digital transformation journeys, they will be able to identify and remediate security vulnerabilities during the software development life cycle and prevent data breaches effectively in their production environments.”
For more information, product details and annual usage fees, please refer to the NRI Secure Technologies website.
NRISecure will continue to contribute to the realization of a safe information system environment and society on a global scale by providing various products and services that support corporate and organization information security measures.
* 1 IAST ( Interactive Application Security Testing ):
An inspection method that detects vulnerabilities while monitoring the execution environment by integrating with applications.
* 2 DAST (Dynamic Application Security Testing ):
Inspection technique to applications running, and sends the pseudo-challenge (test) request, to determine whether there is a vulnerability from the change in the behavior of the application.
* 3 SAST (Static Application Security Testing):
An inspection method that reads the source code of the application and judges the vulnerability from the description contents of the source code (data flow etc) .
* 4 RASP (Runtime Application Security Protection ):
It runs integrally with the application, detects abnormalities at the application level, and performs defense.
About Contrast Security:
Contrast Security is the world’s leading provider of security technology that enables software applications to protect themselves against cyberattacks, heralding the new era of self-protecting software. Contrast's patented deep security instrumentation is the breakthrough technology that enables highly accurate assessment and always-on protection of an entire application portfolio, without disruptive scanning or expensive security experts. Only Contrast has sensors that work actively inside applications to uncover vulnerabilities, prevent data breaches, and secure the entire enterprise from development, to operations, to production. More information can be found at www.contrastsecurity.comor by following Contrast on Twitter at @ContrastSec.
Inquiries concerning services:
NRI Secure Technologies, Inc. Public Relations
TEL: 03-6706-0622 E-mail: info@nri-secure.co.jp