Contrast Secure Code Platform
for Federal Government Agencies

Contrast Security is the Leading Secure Code Platform for DevSecOps

Contrast Security is the only continuous secure coding platform that natively integrates into all stages of the software development life cycle, from development to production. Delivering three security solutions via a single platform — runtime code security (IAST), open-source security (SCA), and runtime application self protection (RASP) — Contrast Security solutions map to all of the very latest US Federal Government security directives, including:

CISA Zero Trust Maturity Model

Solutions that map to the directives of the Application Workload pillar (Pillar 4), including:

• Threat protection
• Accessibility
• Application Security
• Visibility & Analytics Capability
• Automation & Orchestration Capability

NIST 800-53, Rev. 5

Runtime Application Self-Protection (RASP) to address SI-17(7):

• Detects and blocks vulnerabilities
• Senses “probe” vs. genuine attacks
• Monitors and blocks inputs
• Protects runtime environments

Interactive Application Security Testing (IAST) to address SA-11(9):

• Detects vulnerabilities during test runs
• Identifies a full range of vulnerabilities
• Monitors all code, libraries, frameworks, and connections
• Performs continuous, real-time assessments

President Biden’s Cybersecurity Executive Order

• Tracks security threat information (EO Sections 2 & 7)
• Modernizes federal app security (EO Section 3)
• Enhances supply chain security (EO Section 4)
• Application incident response playbook (EO Sections 6 & 8)

CISA Binding Operational Directive 22-01

• Instantaneous CVE alerts
• Application runtime protection
• Address many of the over 250 listed vulnerabilities