Skip to content

In the News

Featured

06/02/2022

Contrast Security announces new free code scanning tool

Contrast Security, the code security company that enables developers to secure while they code, today unveiled a new code scanning tool, CodeSec by Contrast Security

Read More
Contrast Security announces new free code scanning tool

01/06/2022

What app developers need to do now to fight Log4j exploits

Why you may already be at risk, how to detect and mitigate the Log4j vulnerabilities now, and how to improve your code security in the future.

Read More arrow-right-tertiary

01/06/2022

Insider threats, supply chain attacks and quantum threats -- enterprise security predictions for 2022

The transition to remote and hybrid working has led enterprises to radically revise the way they operate. This has thrown up a variety of new challenges in ensuring systems remain secure.

Read More arrow-right-tertiary

01/03/2022

How Cybersecurity Can Keep Up With Waves Of Innovation

CTO and Co-Founder of Contrast Security — helping companies become truly great at securing their apps and APIs.

Read More arrow-right-tertiary

01/03/2022

Application Security in a Time of Cloud

Application security matters because the entire role of virtual machines and containers is to run their application workload. 

Read More arrow-right-tertiary

12/29/2021

Contrast Security Reveals The Log4j Attack’s Effects On Global Enterprises

The code security specialists at Contrast deliver an update on the most severe software vulnerability in history.

Read More arrow-right-tertiary

12/24/2021

SD Times Open-Source Project of the Week: SafeLog4j

SafeLog4j is an open-source tool that can detect and verify vulnerable Log4j applications and protect them.

Read More arrow-right-tertiary

12/21/2021

CSCP S03EP00 - Steve Wilson - Nightmare On Christmas Eve

Steve Wilson is an Application Security expert development manager and currently and currently the head of product at Contrast.

Read More arrow-right-tertiary

12/17/2021

What to Do While Waiting for the Log4J Updates

Researchers are warning that attackers are actively exploiting the newly publicized unauthenticated remote code execution vulnerability in Log4j, the Java-based logging tool from Apache. 

Read More arrow-right-tertiary

12/16/2021

No one’s losing faith over open source software despite Log4Shell, says expert

IT departments and developers around the world are furiously scanning applications for evidence of the critical zero-day vulnerability in the Apache log4j2 Java-based logging library in open source code on their systems. 

Read More arrow-right-tertiary

12/16/2021

SHARED INTEL: Log4j vulnerability presents a gaping attack vector companies must heed in 2022

As we close out 2021, a gargantuan open-source vulnerability has reared its ugly head.

Read More arrow-right-tertiary

12/16/2021

NEWS INSIGHTS: THE LOG4J DISASTER

The Log4j cyber threat is being compared to the notorious Equifax hack of 2017, which affected 147 million Americans. However, the Log4j exploit has far greater reach due to the software component’s widespread adoption.

Read More arrow-right-tertiary

12/15/2021

Log4j vulnerability is “absolutely brutal”

A major vulnerability was discovered Thursday in the technology Log4j, which is a popular logging package in Java. 

Read More arrow-right-tertiary

Experience Contrast today

See how you could get secure code moving on the Contrast Secure Code Platform