Contrast ASSESS

CONTRAST ASSESS AUTOMATICALLY IDENTIFIES SOFTWARE VULNERABILITIES IN APPLICATIONS AND APIS BY USING INSTRUMENTATION TO PINPOINT AND PRIORITIZE.
 

Why Assess

DETECTS VULNERABILITIES IN CUSTOM CODE AND LIBRARIES THROUGH A MODERN APPSEC APPROACH FROM THE INSIDE BY CONTINUOUSLY DETECTING AND PRIORITIZING CUSTOM CODE VULNERABILITIES, WHILE PROVIDING THE HIGHEST ACCURACY, EFFICIENCY, SCALABILITY, AND COVERAGE FOR APPLICATION SECURITY.
IDENTIFY VULNERABILITIES AT DEVOPS SPEED

Resolve security issues minutes after installation by integrating security into your workflow. Because Contrast agents monitor code and report from inside the application, developers can finally find and fix vulnerabilities without requiring security experts. That frees up security teams to focus on providing governance.

OBTAIN THE MOST ACCURATE RESULTS

Contrast deploys an intelligent agent that instruments the application with smart sensors. The code is analyzed in real time from within the application. Instrumentation minimizes the false positives that slow down developers and security teams.

SIMPLIFY APPLICATION SECURITY

Resolve security issues minutes after
installation by integrating security into your toolchain. Contrast Assess integrates seamlessly into the software life cycle and into the toolsets that development and operations teams are already using, including native integration with ChatOps, ticketing systems and CI/CD tools, and a RESTful API.

Key Features

IAST_Assess_Page-Graphic1
LIVE ARCHITECTURE & FLOW VIEW
IN-DEPTH VISUALIZATION OF APPLICATION COMPONENTS, CODE TREES, AND DATA FLOW

In order to manage software inventory and identify aggregate risk in applications, and by leveraging the instrumentation insights of the Contrast agent, organizations can visualize application architecture, code trees, and message flow information. Contrast automatically generates simple diagrams that illustrate the application’s major architectural components. This information helps the developer quickly identify the meaning of a vulnerability that Contrast pinpoints and can form a starting point for threat modeling remediation.

IAST_Assess_Page-Graphic2
CODE-LEVEL “HOW TO FIX”
DEVELOPER-FRIENDLY REMEDIATION GUIDANCE

The Contrast platform explains vulnerabilities to those that need to understand and fix them. Contrast’s innovative Security Trace format pinpoints exactly where a vulnerability appears in the code, and how it works. This enables developers to fix vulnerabilities easily without the need of security expertise.

IAST_Assess_Page-Graphic3
ROUTE & URL COVERAGE ANALYSIS
GAIN VISIBILITY INTO THE FULL APPLICATION ATTACK SURFACE

Contrast Assess provides developers a mapping of the URL and routes of their software that are executed during the testing phase of the SDLC. This helps security teams increase confidence in the coverage of the Assess solution as well as developers identify the effectiveness of their overall testing practice.

SEE CONTRAST IN ACTION

DISCOVER HOW CONTRAST ASSESS WORKS BY DEPLOYING AN INTELLIGENT
AGENT THAT INSTRUMENTS AN APPLICATION WITH SMART SENSORS TO ANALYZE CODE IN REAL TIME FROM WITHIN THE APPLICATION. LEARN HOW INSTRUMENTATION WORKS TO FIND VULNERABILITIES IN CUSTOM AND PEN-SOURCE CODE AND HOW IT COMPARES TO LEGACY APPLICATION SECURITY APPROACHES.