Contrast Security Named a Major Player in IDC MarketScape: Worldwide Application Security Testing, Code Analytics, and Software Composition Analysis 2022 Vendor Assessment
May 3, 2022 — Los Altos, CA — Contrast Security (Contrast), a leader in code security that empowers developers to secure-as-they code, today announced it was named a Major Player in the IDC MarketScape: Worldwide Application Security Testing, Code Analytics, and Software Composition Analysis 2022 Vendor Assessment — Coordinating Security and Quality for Resilience and DevSecOps (doc #US47097521, March 2022).
The IDC MarketScape discussed how the company's technology "leverages binary instrumentation in which sensors are embedded within application servers, runtime and user libraries, and other components for vulnerability and attack detection. Contrast Security's hybrid approach (combining IAST, SAST, DAST, SCA, and runtime application self-protection [RASP]) enables contextualization, improving execution and the ability for developers to remediate issues while helping decrease the percentage of false positives (according to users with whom IDC has spoken)," according to Melinda-Carol Ballou, research director at IDC. In addition, during the Log4Shell crisis, the collective product capabilities supported Contrast users.
“Contrast’s Access solution identified the underlying log-injection vulnerability while Contrast SCA started reporting vulnerable Log4J versions and Contrast Protect helped prevent harmful behaviors that attackers used to exploit Log4Shell, including untrusted deserialization and expression language injection," said Ballou in the report. "These combined AST, SCA and RASP efforts helped developers respond quickly.”
Contrast works with global enterprises and their developers to build secure code through the software development process. Contrast takes a unique approach by combining static application security testing (SAST), dynamic application security testing (DAST), interactive application security testing (IAST), and run-time application self protection (RASP) with Software Composition Analysis (SCA). This provides enables contextualization, improving execution and the ability for developers to remediate issues while helping decrease the percentage of false positives.
"We are nowhere near the end of seeing major attacks like Log4J and Spring4Shell," said Jeff Williams, Co-founder and Chief Technology Officer at Contrast Security. "Hackers will continue to target common open source and free software libraries so enterprises need to invest and leverage Runtime Protection solutions, such as Contrast Protect, to identify weaknesses within their code and defend immediately without patching now."
IDC MarketScape’s rigorous research methodology looks beyond market share and provides a clear framework comparing the product and service offerings, capabilities and strategies, and current and future market success factors for each vendor. The framework also provides technology buyers with a 360-degree assessment of the strengths and weaknesses of current and prospective vendors. An excerpt of the IDC MarketScape report can be downloaded here.
About IDC MarketScape:
IDC MarketScape vendor assessment model is designed to provide an overview of the competitive fitness of ICT (information and communications technology) suppliers in a given market. The research methodology utilizes a rigorous scoring methodology based on both qualitative and quantitative criteria that results in a single graphical illustration of each vendor’s position within a given market. IDC MarketScape provides a clear framework in which the product and service offerings, capabilities and strategies, and current and future market success factors of IT and telecommunications vendors can be meaningfully compared. The framework also provides technology buyers with a 360-degree assessment of the strengths and weaknesses of current and prospective vendors.
About Contrast Security:
Contrast Security secures the code that global business relies on. It is the industry's most modern and comprehensive Code Security Platform, removing security roadblock inefficiencies and empowering enterprise developers to write and release secure application code faster. Embedding code analysis and attack prevention directly into software with instrumentation, the Contrast platform automatically detects vulnerabilities while developers write code, eliminates false positives, and provides context-specific how-to-fix guidance for easy and fast vulnerability remediation. Doing so enables application and development teams to collaborate more effectively and to innovate faster while accelerating digital transformation initiatives. This is why a growing number of the world's largest private and public sector organizations rely on Contrast to secure their applications in development and extend protection to cloud and on-premise applications in production.
Public Relations Manager
Recent Press Releases
Contrast Security Rolls Out Open Source Software Sponsorship Program to Support Developers
Contrast Security to Address Serverless Application Vulnerabilities and Risks Enterprises Face Today at AWS re:Invent
Contrast Security SVP of Cyber Strategy Joins The Wall Street Journal Risk & Compliance Forum to Dissect New Government Regulations and Enforced Critical Infrastructure Cybersecurity Best Practices.
Award and Recognition
Contrast Security Makes Its Debut on the Inc. 5000 List of America’s Fastest Growing Companies
Contrast Security Named Enterprise Security Tech Cyber Top 20 Company
Contrast Security Named Publisher’s Choice DevSecOps and Market Leader Software Development Lifecycle Security by Global InfoSec Awards