Skip to content

In the News

Featured

06/02/2022

Contrast Security announces new free code scanning tool

Contrast Security, the code security company that enables developers to secure while they code, today unveiled a new code scanning tool, CodeSec by Contrast Security

Read More
Contrast Security announces new free code scanning tool

05/05/2022

Data Theorem launches attack surface management product that identifies 3P assets & appsec violations

Data Theorem has launched what it’s calling the industry’s first attack surface management (ASM) product. 

Read More arrow-right-tertiary

05/03/2022

GitHub Desktop 3.0 gets lukewarm reception

GitHub Desktop 3.0 introduces tools that make it easier for software developers to stay up to date with code changes. Some developers, though, are calling for more features.

Read More arrow-right-tertiary

05/03/2022

Organizations ramp up DevSecOps tools for optimum security

Every organization with a devops framework is expected to have a DevSecOps mindset for sustainability’s sake. 

Read More arrow-right-tertiary

05/02/2022

Ep801: Jeff Williams | Co-Founder and Chief Technology Officer of Contrast

Jeff brings more than 20 years of security leadership experience as Co-Founder and Chief Technology Officer of Contrast. 

Read More arrow-right-tertiary

05/01/2022

On Improving Security with Steve Wilson

Steve Wilson is the Chief Product Officer at Contrast Security, with over 25 years of experience developing and marketing products at multi-billion-dollar technology companies such as Citrix, Oracle, and Sun Microsystems.

Read More arrow-right-tertiary

04/28/2022

How to make DevSecOps a reality

Every AppSec leader recognizes and admits that software development is accelerating, and there’s no way their current approach is going to keep up.

Read More arrow-right-tertiary

04/18/2022

How DevSecOps Teams Can Level Up

In 2019, I wrote a post detailing the traits of DevSecOps—the practice can be defined as the process of security automation in which IT and security are more de-siloed.

Read More arrow-right-tertiary

04/07/2022

SpringShell Brings Hell to Java Developers

Logj4Shell brought a lot of misery, the newly discovered SpringShell vulnerability, not to be confused with the totally different Spring Shell project, may bring as much or even more. Here’s why.

Read More arrow-right-tertiary

04/02/2022

Can 'shift left' in DevOps pipelines go too far?

More and more functionality, from security to cost management, is now packed into DevOps pipelines -- but if done improperly, "shift left" can create more problems than it solves.

Read More arrow-right-tertiary

03/31/2022

Remote code execution flaws in Spring and Spring Cloud frameworks put Java apps at risk

Users are urged to update both the Spring Framework and Spring Boot tool.

Read More arrow-right-tertiary

03/31/2022

Spring4Shell vulnerability could have ‘a larger impact’ than Log4j

A newly-discovered zero-day vulnerability known as Spring4Shell could have “a larger impact” than Log4j.

Read More arrow-right-tertiary

03/31/2022

Spring confirms ‘Spring4Shell’ zero-day, releases patched update

Earlier this week, experts released details on a remote code execution (RCE) vulnerability affecting the Spring Framework. 

Read More arrow-right-tertiary

Experience Contrast today

See how you could get secure code moving on the Contrast Secure Code Platform