Contrast Security Introduces Partnership With Github And New Github Actions To Deliver Pipeline-Native Security To Developers
A new suite of GitHub Actions available on the GitHub Marketplace provides embedded and automated security into existing developer value streams.
February 2, 2022 — Los Altos, CA — Contrast Security, the leader in next-gen code security, today announced its partnership with GitHub and the availability of its suite of GitHub Actions, simplifying the process for developers to ensure the code they build is free of security vulnerabilities.
Implementing DevSecOps transformation across software delivery pipelines is complex and takes developers out of their existing CI/CD processes. According to the Gartner® report Survey Analysis: Enabling Cloud-Native DevSecOps, “40% of organizations have difficulty integrating new processes and security toolsets with their existing legacy ones.”
"The addition of Contrast's GitHub Actions to the GitHub Marketplace makes it much easier for development, security, and platform operations teams to drive DevSecOps transformation with automation at scale," said Nikesh Shah, Sr. Director, Strategic Alliances at Contrast Security. “By shifting security automation left within native CI/CD tooling, developers can now embed security within delivery pipelines as their code makes its way from build to test, and through production.”
Now available for deployment, Contrast's four GitHub Actions embed security into existing developer value streams with each commit, pull request, test, and deployment.
- Contrast Scan Analyze: Provides automated static code analysis within native CI pipelines, without ever leaving the GitHub environment, while prioritizing exploitable vulnerabilities and weeding out noise for scan times that are up to 10x faster than competing static application security testing (SAST) tools. How-to-fix guidance within the GitHub pipeline also enables early remediation before promoting to production.
- Contrast Assess for Azure Spring Cloud: Deploys as a java application with a Contrast Assess Security Java Agent (JAR) to the Azure Spring Cloud PaaS environment to extend security into SDLC automation.
- Contrast Assess for Azure Kubernetes Service (AKS): Builds and deploys a java application to the AKS with a Contrast Security Java Agent.
- Contrast Assess for Amazon Elastic Kubernetes Service (EKS): Builds and deploys a java application to the Amazon EKS with a Contrast Security Java agent.
GARTNER is a registered trademark and service mark of Gartner, Inc. and/or its affiliates in the U.S. and internationally and is used herein with permission. All rights reserved. Source: Gartner, Survey Analysis: Enabling Cloud-Native DevSecOps, 13 September 2021, By Dionisio Zumerle
About Contrast Security:
Contrast Security secures the code that global business relies on. It is the industry's most modern and comprehensive Code Security Platform, removing security roadblock inefficiencies and empowering enterprise developers to write and release secure application code faster. Embedding code analysis and attack prevention directly into software with instrumentation, the Contrast platform automatically detects vulnerabilities while developers write code, eliminates false positives, and provides context-specific how-to-fix guidance for easy and fast vulnerability remediation. Doing so enables application and development teams to collaborate more effectively and to innovate faster while accelerating digital transformation initiatives. This is why a growing number of the world's largest private and public sector organizations rely on Contrast to secure their applications in development and extend protection to cloud and on-premise applications in production.
Recent Press Releases
Contrast Security Rolls Out Open Source Software Sponsorship Program to Support Developers
Contrast Security to Address Serverless Application Vulnerabilities and Risks Enterprises Face Today at AWS re:Invent
Contrast Security SVP of Cyber Strategy Joins The Wall Street Journal Risk & Compliance Forum to Dissect New Government Regulations and Enforced Critical Infrastructure Cybersecurity Best Practices.
Award and Recognition
Contrast Security Makes Its Debut on the Inc. 5000 List of America’s Fastest Growing Companies
Contrast Security Named Enterprise Security Tech Cyber Top 20 Company
Contrast Security Named Publisher’s Choice DevSecOps and Market Leader Software Development Lifecycle Security by Global InfoSec Awards