<iframe src="//www.googletagmanager.com/ns.html?id=GTM-WQV6DT" height="0" width="0" style="display:none;visibility:hidden">

Thought Leadership



On the Street Interview

Instrumenting Application Security with Scott Parson

Jeff Williams catches up with Scott Parson from a Fortune 500 Financial Institution to discuss instrumenting application security.

On the Street Interview

Continuous Application Security with Tim Chase from Nielsen

Jeff Williams and Tim Chase, from Nielsen, discuss what it means to have continuous application security at his company.

On the Street Interview

Investing in the AppSec Market

Jeff Williams talks with John Monagle of General Catalyst, in regards to investing in aAppSec, how the DevOps movement is changing the market and Contrast's role in it.


Introduction to Contrast Security

Contrast leverages instrumentation instead of slow and expensive testing and is 10 times more accurately than legacy SAST and DAST tools.

Thought Leadership

Dark Reading Interview with Jeff Williams

Talk about a revolution…in application security that is.


Intro to IAST

Interactive Application Security Testing works in fundamentally different ways than static or dynamic tools by using instrumentation technology.


IAST as part of the SDLC

This brief video explains how Contrast Enterprise works seamlessly within your SDLC, without disrupting your processes.

On the Street Interview

What does IAST mean to you?

Click on the player to watch a short interview (:39)


Introduction to RASP

Runtime Application Self-Protection (RASP) enables applications to protect themselves against cyber-attacks in real-time.

OWASP Benchmark

How it Works

Hear Jeff Williams, as he discusses the OWASP Benchmark Project in this short (5:38) video.

On the Street Interview

DevOps teams and AppSec?

Click on the player to watch a short interview (1:31)

On the Street Interview

What does RASP mean to you?

Click on the player to watch a short interview (:35)

On-Demand Webinars


Massive Java "Zero Day": What is It and How to Fix It

Learn why the widespread flaw makes Heartbleed look tame. Also, learn how RASP technology is perfectly suited to protect applications vulnerable to Java deserialization exploits and many other types of attacks.


Demystifying Runtime Application Self-Protection – RASP

Gartner has recognized a new category of application security calling it Runtime Application Self-Protection (RASP). RASP is “transformational” because it enables new ways of securing business. But, how can applications protect themselves against attacks, especially if those protections weren’t built in by the app developers?


Video On Demand: What's Killing SAST?

See how a unique technology let’s you build applications that accurately self-diagnose vulnerabilities and self-protect against attacks, without changing a line of code.


OWASP AppSec Benchmarking Project: Astonishing Results

See how Contrast stacks up against the OWASP Benchmark in this on-demand video (55:00). The results are illuminating.


IAST: AppSec at Agile Speed & Portfolio Scale

It is time to learn about interactive application security testing (IAST), a technology that is transforming the way businesses approach finding and remediating vulnerabilities.


Cybersecurity Webinar with Gene Kim and Jeff Williams

Listen to Jeff Williams, CTO of Contrast Security and co-founder of OWASP, in a lively conversation with Gene Kim, researcher, author, Tripwire founder. Jeff and Gene will discuss DevOps and continuous app security.

Chief Information Security Officer.png

On-Demand Recording: Rich Licato, CISO, Airlines Reporting Corporation (ARC)

Listen to Jeff Williams, CTO of Contrast Security and co-founder of OWASP, discuss topics regarding risk and compliance in an overall security program.


Break Your Application Security Bottleneck

Listen as we discuss some of the pitfalls of legacy application security tools and why they have failed. We will then introduce a new approach for securing applications that will help you break your security bottleneck with a breakthrough solution.


Security Influencers Channel

Episode 31

In this episode, we discuss Jacob's views on the top security challenges facing companies today.

Security Influencers Channel

Episode 30

In this episode, we discuss why this past year is being referred to as the year of the breach.

Security Influencers Channel

Episode 29

We will discuss the notion of a public/private partnership to deal with cyber-attacks.

Security Influencers Channel

Episode 28

In this episode we discuss what exactly is the "Dark Net" and why it is important.

Security Influencers Channel

Episode 27

In this episode we discuss what Cylance does and what led Stuart to create the company after seeing the frustration of so many breeches.

Security Influencers Channel

Episode 26

In this episode, we discuss the games that Adam has created what these games do to help improve security for everyone.

Security Influencers Channel

Episode 25

In this episode, we discuss what Josh thinks about security's place in the "Internet of Things."

Security Influencers Channel

Episode 24

In this episode Nancy gives a brief history of security and illustrates what is not working.

Security Influencers Channel

Episode 23

On this episode of The Security Influencers Channel, we're joined by Bill Brenner. He's the Senior Program Manager for Editorial in the Information Security Group at Akamai.

Security Influencers Channel

Episode 22

In the podcast, we discuss how Agari reached the point where it is protecting 85% of all email boxes in the world and what its plans are from there.

Security Influencers Channel

Episode 21

In the podcast, we discuss John's background as a nuclear physicist turned security professional and why nhe believes in an "evidence-based" approach to security.

Security Influencers Channel

Episode 20

In the podcast, we discuss a predictions blog post that Andrew wrote in December of 2013 where he predicted five security "happenings" for 2014.

Security Influencers Channel

Episode 19

In this episode, Michele explains the meaning of a term she coined, "Security Stoogecraft," and why she feels it is the best way to describe today's security landscape.

Security Influencers Channel

Episode 18

Kevin and I discuss his thoughts on what he calls "Leading design of the human oriented information security experience."

Security Influencers Channel

Episode 17

In this episode, we talk about how we get developers to do their own security and why he views security as one of the "hardest careers out there."

Security Influencers Channel

Episode 16

Jeff explains the challenges of bringing network security to a stack that was not designed to be defended.

Security Influencers Channel

Episode 15

Troy and I discuss all of the recent high profile security breaches of Target, Home Depot and Apple and what that means for the state of security in today's landscape.

Security Influencers Channel

Episode 14

Today, we're talking with my good friend, Samy Kamkar. Samy is a security and privacy researcher, computer hacker, whistleblower, entrepreneur.

Security Influencers Channel

Episode 13

Neil and I discuss his philosophy on automating applications security and doing continuous delivery - DevOps style.

Security Influencers Channel

Episode 12

In this episode we discuss the mission of the Cloud Security Alliance and what the organization seeks to accomplish.

Security Influencers Channel

Episode 11

In this episode, Brian and I discuss how we enstill the wrong security mindest in children from a young age.

Security Influencers Channel

Episode 10

In this episode, John and I discuss the evolution of application security and how the trend in faster development cycles plays into the security life cycle.

Security Influencers Channel

Episode 9

In this episode, Nick and I discuss DevOps, continuous security and how companies should handle high rates of deployment.

Security Influencers Channel

Episode 8

In this episode, Gene and I discuss DevOps, continuous security, and how a company develops a great security culture.

Security Influencers Channel

Episode 7

In this episode, we're talking with Bradley Schaufenbuel. Brad is currently the Director of Information Security at Midland States Bank and held security leadership positions at many leading financial institutions.

Security Influencers Channel

Episode 6

In this episode, Jeff Williams interviews Alex Hutton, the director of information security at Too Big to Fail Bank. Alex was previously employed by Verizon, where he worked on modeling risk and contributing to the Verizon data breach report.

Security Influencers Channel

Episode 4

In this episode, Jeff Williams interviews Wayne Jackson of Sonatype. They discuss the results from The 2014 Open Source Development Survey, where developers gave their honest opinions on everything from third-party code to internal policies and procedures.

Security Influencers Channel

Episode 3

In this episode, Jeff Williams interviews Andrew Hay of Open DNS. They discuss bad credential management and the recent eBay breach, thinking with the mind of an attacker, firewalls and security in the cloud.

Security Influencers Channel

Episode 2

In this episode, Jeff Williams interviews Bruce Brody of Cubic Cyber Solutions, a leading provider of specialized systems and services in the rapidly changing world of technology.

Security Influencers Channel

Episode 1

In this episode, Jeff Williams interviews Jonathan Chow and Neeta Maniar of Live Nation Entertainment: The world's leading producer and promoter of live entertainment, and the parent company of Ticket Master and The House of Blues.

Are you ready to transform your application security?

Learn the 5 facts you must know about runtime application self-protection (RASP).
Get the Brief