CodeSec Scan - Read Me

Optimize code security with CodeSec - Scan. Below is a free tutorial and step-by-step guide to help you get started.

Step 1 – Install

Open a command-prompt or terminal, then install with NPM, Homebrew or by downloading binaries from Artifactory :

brew tap contrastsecurity/tap
brew install contrast

Step 2 – Authenticate

Authenticate using your existing GitHub or Google account.

contrast auth

Step 3 – Run

Find your vulnerabilities

Scan

Navigate to your chosen directory.
Then run a SAST scan on your Java, Javascript or .NET code with the following command.

contrast scan

In minutes CodeSec by Contrast will report all vulnerabilities found with actionable remediation.

contrast_scan_results_wAdvice-1

Need help getting started?

Supported languages:

Additionally, GitHub action is also available to automate Scan as part of your pipeline. Check out this video to learn more.

Contrast support

Contrast Security is the leader in modernized application security, embedding code analysis and attack prevention directly into software. Contrast’s patented deep security instrumentation completely disrupts traditional application security approaches with integrated, comprehensive security observability that delivers highly accurate assessment and continuous protection of an entire application portfolio. This eliminates the need for disruptive scanning, expensive infrastructure workloads, and specialized security experts. The Contrast Application Security Platform accelerates development cycles, improves efficiencies and cost, and enables rapid scale while protecting applications from known and unknown threats.