• Contrast Home
  • Start now
PP-CodeSec-Landing-strip--B2

What is CodeSec by Contrast?

CodeSec brings Contrast's enterprise-level security to your development workflow for FREE!
CodeSec delivers:

  • CodeSec – Scan:  Optimize code security for Java, Javascript and .NET with fast, industry-leading scans and actionable results.
  • CodeSec – Serverless:  Ground-breaking application security for AWS Lambda Functions (Java + Python) 
  • CodeSec – SCA:  Coming this summer 2022

All these capabilities are available through a simple command line interface (CLI) or GitHub Action for CodeSec Scan

Step 1 – Install

Open a command-prompt or terminal, then install with NPM,  Homebrew or by downloading binaries from Artifactory :

brew tap contrastsecurity/tap
brew install contrast

Step 2 – Authenticate

Authenticate using your existing GitHub or Google account.

contrast auth

Step 3 – Scan

Find your vulnerabilities

Navigate to your chosen directory.
Then run a SAST scan on your Java, Javascript or .NET code with the following command.

contrast scan

 

In minutes Contrast will report all vulnerabilities found with actionable remediation.

CodeSecOutput_3

Our GitHub action is also available to automate Scan as part of your pipeline.