In the News

As the fallout from the Apache Log4J vulnerabilities earlier this year shows, the biggest risks in enterprise software today are not necessarily with insecure code written directly by in-house software development teams. 

Comcast's DevSecOps transformation started small but quickly gained steam, resulting in 85% fewer security incidents in production. Learn more in this case study.

That's software developer shorthand for moving a task to an earlier spot on the timeline, and it's what smart SaaS companies are now doing to protect themselves and their customers from cybercrime.

IDC MarketScape has named Contrast Security a ‘Major Player’ in the 2022 IDC MarketScape: Worldwide Application Security Testing, Code Analytics, and Software Composition Analysis 2022 Vendor Assessment – Coordinating Security and Quality for Resilience and DevSecOps 

In the near future, application security will be visible to customers and it will transform the market, says Jeff Williams, co-founder and CTO of Contrast Security. 

Data Theorem has launched what it’s calling the industry’s first attack surface management (ASM) product. 

GitHub Desktop 3.0 introduces tools that make it easier for software developers to stay up to date with code changes. Some developers, though, are calling for more features.

Every organization with a devops framework is expected to have a DevSecOps mindset for sustainability’s sake. 

Jeff brings more than 20 years of security leadership experience as Co-Founder and Chief Technology Officer of Contrast. 

Steve Wilson is the Chief Product Officer at Contrast Security, with over 25 years of experience developing and marketing products at multi-billion-dollar technology companies such as Citrix, Oracle, and Sun Microsystems.

Every AppSec leader recognizes and admits that software development is accelerating, and there’s no way their current approach is going to keep up.

In 2019, I wrote a post detailing the traits of DevSecOps—the practice can be defined as the process of security automation in which IT and security are more de-siloed.