Contrast Community Edition is the free forever modern software security platform that enables developers to self serve on security. Contrast Community Edition provides the complete functionality of our paid platform solutions, Contrast Assess, Contrast OSS, and Contrast Protect. Contrast Community Edition's main limitations from the paid platform are language support (Java, .NET Core) and only one (1) application can be onboarded.
Install the Contrast agent onto your application server. Our instrumentation sensors are compatible with a number of application languages, runtime platforms, and deployment methods
Trigger your data flow through your running application. Transform your functional test suite ( unit, integration, etc. ) into a security test suite by simply executing your existing CI/CD pipeline
Instantly learn about vulnerabilities in your application. Become aware of vulnerabilities the moment they are discovered without getting bombarded with the noise and alerts of false positives.
Receive guidance in your development environment to remediate those vulnerabilities. Consume clear, concise, and actionable advice in your IDE to remediate your vulnerabilities that are also communicated linter-style and concatenated to the list of compile-time errors.
Rerun automated functional tests to verify remediation. Contrast will automatically verify that the vulnerability no longer exists on the route via RouteIntelligence™ and automatically close Jira tickets to make sure that your focused remediation effort is accounted for in sprint reports.
Automatically notify or block attacks in real-time for vulnerabilities in production code. Defer vulnerability remediation to a future sprint so that feature velocity is not compromised. Let on-call and operations teams monitor and handle attacks that your WAF cannot detect.