VIDEOS & WEBINARS

THOUGHT LEADERSHIP

WEBINARS

What Modern DevSecOps Means for Public Agencies
Upcoming Live Fireside Chat

What DevSecOps Means for Public Agencies

60% of Public Agencies Use DevOps and Agile But It Takes An Average of 500 Days to Complete a Federal IT Project. Something is amiss! Join us on December 8 @ 10 AM PT | 1 PM ET for our two subject-matter experts for this Fireside Chat and discover why modern DevSecOps is the answer for federal agencies.

Unleashing Software's Potential with an Application Security Platform
On Demand Webinar

Unleashing Software's Potential with an Application Security Platform

Join us to discover why security roadblocks inhibit developer efficiencies while slowing down development cycles. A platform approach to application security solves these challenges, collapsing the different silos between application security tools for full observability across applications and application programming interfaces (APIs).

Screen Shot 2020-11-30 at 2.34.17 PM
On Demand Webinar

Simplify Vulnerability Remediation with Runtime Library Usage

Far too many software composition analysis (SCA) tools serve up a slew of irrelevant vulnerabilities in open-source libraries and frameworks that aren’t actively used, leaving developers frustrated when it comes to securing open-source code. Join us with key insights from AppSec professionals and come away with a stronger understanding of how to deliver developers the data they need to fix vulnerabilities, fast.

 
On Demand Virtual Event

Security Observability Summit

Contrast Security hosted the industry's first Security Observability Summit. You will experience one inspiring keynote, two comprehensive breakouts, and nine eye-opening sessions.

 
On Demand Webinar

Contrast-on-Contrast Case Study: How We're Using Our Application Security Platform from Development to Production

At Contrast Security, we’ve been “eating our own cooking” to secure and protect TeamServer—the assessment analysis engine and UI that powers the Contrast Application Security Platform. Join this webinar and we will share some tangible business value outcomes that we've achieved using the Contrast Application Security Platform. Join the List Now!

Screen Shot 2020-09-22 at 11.59.01 PM
On Demand Virtual Event

From the Inside Out

Contrast Security held a virtual event with a panel of AppSec experts for an exclusive inside look on how you not only can get control of runaway security debt, but can actually reduce it dramatically. This moderated panel of AppSec pros shared stories about their own experiences and the strategies they employed to reduce security debt permanently. You will come away with key insights and tactics about how you can overcome security debt within your own organization.

Screen Shot 2020-08-20 at 12.31.32 PM
On Demand Webinar

Lessons from Top Echelon Development Teams: Higher Quality Code and Higher Productivity

Attendees will learn how the "cream of the crop" are accelerating their release cycles and transforming their businesses by launching new applications and evolving existing ones. The digital age completely changes DevSecOps, and only those in the top echelon of practitioners are likely to succeed.

HOW TO TRANSITION TO A MODERN SOFTWARE SECURITY MODEL
On Demand Webinar

HOW TO TRANSITION TO A MODERN SOFTWARE SECURITY MODEL

Medtronic embraced a modern application development approach to DevSecOps; increasing scale, eliminating noise from false positives, and bridging the gap between development and security teams. Watch this webinar to hear how Medtronic accelerated cloud migration and increased software delivery.

Screen%20Shot%202020-08-24%20at%202.34.07%20PM
On Demand Webinar

A Five-Step Plan to Vulnerability Management Success

Join us to discover a new approach for effective vulnerability management. Observability is key when it comes to the five-step plan that security and development teams need to implement for effective vulnerability management. By implementing this five-step plan, attendees will drive more effective threat prevention and achieve better risk management.

Screen Shot 2020-08-03 at 11.30.45 AM
On Demand Webinar

Bringing an End to Security Roadblocks

Most traditional application security (AppSec) requires a slew of tedious manual processes that are failing modern DevOps teams in both efficiency and effectiveness. Since these legacy AppSec tools cannot keep pace with modern DevOps, security teams have long struggled to control and limit the amount of serious application vulnerabilities. Watch this webinar to learn how a modernized approach to AppSec can meet the needs of both security and DevOps teams.

Screen Shot 2020-07-31 at 12.00.25 PM
On Demand Webinar

Assessing the Risk from the Confluence of an Expanded Application Attack Surface and Advanced Threat Landscape

Join us to gain insights on how the confluence between the rapidly expanding application attack surface and the evolving threat landscape poses serious risk. After mapping out the challenges, our expert panel will share insights around strategies and tactics that organizations can tap to bolster their application risk postures and ensure their applications are protected.

Screen Shot 2020-07-23 at 12.47.49 PM
On Demand Webinar

Digital Transformation Thwarted: When Your AppSec Tools, Scanning, and Resources Become Your Mr. Hyde

Join us to understand how Dr. Jekyll AppSec has turned into Mr. Hyde—not only in terms of the productivity of security teams but in the risk applications pose. Key takeaways include why traditional tools drive operational inefficiencies, how old security tools generate huge volumes of alerts that are inaccurate and often meaningless, and why old scanning and testing tools require AppSec professionals with highly specialized expertise and skills that are in high demand.

Screen Shot 2020-07-20 at 11.34.42 AM
On Demand Webinar

Application Security Jumps to the Top of the CISO's List of Priorities

As the modern-day CISOs role continues to expand, CISOs must mitigate both business risk and execute successful cybersecurity strategies. This is especially true when it comes to the risk of application development vulnerabilities that can result in dire financial consequences—ranging from diminished brand reputation to severe financial loss. Tune in for a special moderated webinar that will feature insights from a seasoned executive recruiter and CISO practitioner about what it takes to manage an effective application security strategy.

Screen Shot 2020-07-01 at 12.34.28 PM
On Demand Webinar

Managing Open-Source Security for Modern-Day DevOps

Is managing open-source software (OSS) with legacy tools causing more harm than good? This is often the case when it comes to outdated software composition analysis (SCA) tools that bury teams with false positives and require a series of tedious manual processes that waste valuable time. Tune in with us for a webinar that will explain how these SCA tools fall short when it comes to managing OSS risk, as well as how to untangle the confusion and find a security strategy that doesn’t stop DevOps in its tracks.

Screen Shot 2020-06-18 at 11.36.56 AM
On Demand Webinar

RASP for Attack Visibility, Web Application Observability, and Simple Scaling

Let’s face it—traditional web application firewalls (WAFs) simply can’t keep pace with the demands of digital transformation in DevOps environments. Applications are deployed faster and leaner than ever before and AppSec professionals need protection that moves beyond the traditional and simplistic perimeter defenses a WAF can offer. Join this webinar for a discussion about how RASP delivers an innovative application security alternative that adapts and reacts in real time. With RASP, teams gain the necessary attack visibility, application observability, and scalability they require.

Screen Shot 2020-06-18 at 11.37.58 AM
On Demand Webinar

Defining and Stopping the "Plague" of Application Security False Positives

False positives in application security are the kiss of death. They kill time, confidence, and ultimately, the application if they detract from security’s ability to focus on the critical vulnerabilities. Attend this webinar to get a better perspective on how pervasive the issue of false positives is, and the impact these erroneous alerts have on an organization—from the effects of alert fatigue to the impediments on a company’s digital transformation.

Screen Shot 2020-06-18 at 11.39.54 AM
On Demand Webinar

Assessing Custom and Open-Source Risk with Vulnerability and Attack Data

Get a sneak peek at our latest Contrast Labs findings, in this webinar you’ll learn what vulnerabilities and attacks in custom and open-source coded applications are the critical causes for concern. Effective web application security isn’t only about identifying vulnerabilities and attacks, as a matter of fact, that leads to alert fatigue. Today it’s about prioritizing and focusing and identifying what matters—sifting out the chaff from the wheat. Attend this webinar to get that leg up in your efforts.

Screen Shot 2020-06-18 at 11.38.49 AM
On-Demand Webinar

The Best Route To AppSec Automation

In this webinar, our panel discusses how modern software development is the driver of an organization’s digital transformation and how application security is transforming to meet the modern demands. Learn how to empower faster code releases and scale application security through automation.

DZone webinar
On Demand Webinar

DZone Webinar: Securing APIs At Devops Speed

With attack-automation tools working around the clock, there’s no REST for the wicked. The increasing speed of DevOps and continuous deployment paves the way for teams to obtain security through on-demand self-service – securing APIs from the inside rather than the outside. Watch this on demand webinar if you are a Developer who wants to push code faster by removing the obstacles of securing APIs as mandated by your security teams.

Screen Shot 2020-05-07 at 3.16.02 PM
On-Demand Webinar

Why Agile & DevOps Demand New Approach to Securing Applications.

This moderated webinar panel tells you why Agile and DevOps requires a new approach to application security. This includes a cultural transformation that touches on everything that is needed for today’s modern software development environment—from strategies for building a strong security posture, to continuous protection through the software development life cycle, to automating workflows.

xEVvelocityinnovation0420
On-Demand Webinar

Security in a DevOps World: Unlocking Velocity and Innovation

Learn how to leverage application security instrumentation techniques in DevSec and SecOps (DevSecOps) to increase both developer and security productivity. Watch this webinar today to understand how the combined benefits of Microsoft and Contrast Security can help you accelerate innovation with Security in a DevOps world.

On-Demand xEVappsecintelreport
On-Demand Webinar

Findings and Takeaways from Contrast Labs Bimonthly AppSec Intelligence Report

Learn about key findings and takeaways from the latest Contrast Labs' Bimonthly AppSec Intelligence Report in this webinar. This is the only report in the industry that combines insights about vulnerabilities, library issues, and attacks in a single report. Others may give you separate slices of intelligence; we give you the whole enchilada. Attendees will walk away with an in-depth and actionable understanding of the report’s findings.

NIST Webinar
On-Demand Webinar

NIST Application Security Revisions You Need to Know

Learn how the new NIST revisions will significantly impact your application security strategy in our webinar, “NIST Application Security Revisions You Need to Know.” We’ll discuss how NIST SP 800-53 Revision 5 contains two new IAST and RASP standards that impact security teams and developers. Our two presenters will be joined by the Editor in Chief for Contrast’s Inside AppSec Podcast, Patrick Spencer, who will the above questions and others with our expert panel. You’ll walk away knowing how you can become compliant quickly and easily.

xEVSecuringAPIs0320
On-Demand Webinar

Securing APIs at DevOps Speed

Development teams and leaders want to push code faster and write good code while reducing interference from security teams. The only way to achieve these objectives is to rethink AppSec by integrating it into the DevOps pipeline. Attend this webinar if you are a Developer who wants to push code faster by removing the obstacles of securing APIs as mandated by your security teams.

xEVComprehensiveAppsec0220
On-Demand Webinar

A Comprehensive Approach to Application Security

Traditional approaches to AppSec have relied on a patchwork of separate disconnected tools and processes that add more friction than value by spending far too much time on scans and pentesting. We have a better idea. This talk will present our unified platform that provides continuous and comprehensive AppSec across the SDLC by seamlessly weaving AppSec into your applications themselves, protecting applications from cradle to grave.

xEVSecurityInstrumentation0120
On-Demand Webinar

Security Instrumentation is the Future of All Software

Uncompromised code. Imagine it. Well, a technology exists that can make it a reality: Instrumentation. The state of Application Security is in a flux, and it is for good reason. After literally decades of attempts to improve software security, the proverbial needle has barely moved. Join Jeff Williams, Contrast Security's CTO and co-founder of OWASP for a webinar to learn how AppSec professionals can benefit from instrumenting applications.

SAP Concur Cloud Journey
On-Demand Webinar

SAP Concur Cloud Journey

The journey of cloud migration isn’t a straight and narrow path, and enterprise DevSecOps teams generally use a variety of tools to reach their goal. In this webinar, we will deep dive into SAP Concur’s journey, and how they are leveraging Contrast Security’s embedded application security model and AWS in tandem to “shift left”, create a seamless developer experience, and deliver secure application workloads on the cloud.

Embracing DevSecOps DevOps.com Webinar
On-Demand Webinar

Embracing DevSecOps with Embedded Application Security

Traditional approaches to application security create unacceptable drag and scaling problems for DevOps, while security staffing and tooling requirements to support “more code, faster” create untenable economics. This webinar will be a discussion and hands-on workshop showing the transformative impact of embedding application security into applications themselves.

Building a Modern, Scalable, and Effective Application Security Program
On-Demand Webinar

Building a Modern, Scalable, and Effective Application Security Program

Over the past 20 years, there have been a dozen different major theories on how you should implement an application security program. The answer is a new modern approach to achieving application security that directly measures security outcomes instead of indirect measurements of processes or teams.

A Practical Approach to Security Automation
On-Demand Webinar

A Practical Approach to Security Automation

So your engineering team is using CI / CD and churning out code at a frenetic pace. It is unclear where the risk is, what controls to focus on and where in the SDLC to introduce those controls. We will introduce a practical, risk-based, PCI aligned approach to introducing security automation into the CI / CD pipeline to surface critical issues, shorten remediation time without bottlenecking the release. This approach will allow Engineering, Security and Internal Audit to ship product with confidence.

WhattheWAF_linkedin
On-Demand Webinar

What the WAF: Understanding and Augmenting What the WAF Cannot See

A Web Application Firewall (WAF) has limited capabilities to secure your code during production. Using a Runtime Application Self-Protection (RASP) tool will work from within the application via instrumentation and easily deploys in your DevOps, Cloud and Container environments. We’ll highlight what WAFs can and cannot see and why they require RASP to function at its fullest.

AWS2webinar
On-Demand Webinar

Key Application Security Strategies for Your Cloud Migration

Organizations are migrating from traditional legacy technologies to embracing today's Digital Transformation with modern cloud computing. These activities, in turn, are driving the need for stronger security. This webinar will help you understand how Contrast solves this problem by using instrumentation within the application to protect wherever they are deployed and automatically report and block attacks.

Webinarpart2pivitol-2
On-Demand Webinar

Cloud-Native Security: Processes and Tools for Real-World Transformation

Cloud-native platforms not only make it easier to support the kind of cultural shift necessary for continuously shipping software, they make it easier to practice good security and reduce the available attack surface. But an attack on the application itself can undermine all platform controls. Learn to secure your code in runtime at scale for cloud-native production applications.

webinar-cloudsec-pivotal-2
On-Demand Webinar

Cloud-Native Security: Understanding the Why & How

Join Jeff Williams, Co-Founder & CTO of Contrast Security, and David Zendzian, CTO of Compliance and Security at Pivotal, for a discussion on best practices to ensure an organization's Cloud-Native Transformation is secure at the speed of DevOps.

webinar-carahsoft-gvmt
On-Demand Webinar

Modern Software Assurance Strategies for Government Agencies

Join in to discuss the principles of DevOps with an innovative approach of IT security known as DevSecOps. DevSecOps introduces automated security much earlier in the Software Development Life Cycle (SDLC) to minimize vulnerabilities and bring security closer to IT and govrnment business objectives.

On-Demand Webinar

What Works in Application Security: How to Detect & Remediate Application Vulnerabilities & Block Attacks

Traditional Application Security Testing tools are too slow to meet the accelerated pace of today's business environment. In this webinar, we will discuss how Contrast Security's products is an innovated and improved Application Security Testing tool by using detailed metrics.

Resource Whitepaper
On-Demand Webinar

Under the Hood with Static Analysis - Fact vs Fiction

Tune in to this technical webinar to walk through the basics of static analysis, such as semantic analysis and how data flow works between source and sink. We will also address how the model structure is built, queried, and impacted by different development techniques to give you a better understanding of how static analysis falls short of fulfilling all of your security needs.

On-Demand Webinar

Securing Java Web Applications and APIs in minutes...for FREE...Seriously!

We've all suffered from a difficult, inaccurate, and frustrating security tool. What if there was a security tool that was as easy and powerful to use as AppDynamics? In this webinar, we will help you get up and running with Contrast Security's Community Edition FREE and full-strength tool for anyone to use. Start securing your code, lock down open source libraries, identify attacks, and prevent exploits using our free AppSec solution.

Resource Whitepaper
On-Demand Webinar

The DevSecOps Journey: Why It Starts with Agile, DevOps, & App Security

Traditionally, security has been an afterthought and introduced late into the release process. This can cause major contention and distrust between development and security teams. This webinar will highlight how a modern IAST tool can help weave security into the code continuously and accurately throughout the Software Development Life Cycle (SDLC).

Video
On-Demand Webinar

Embedding Security in a Modern DevOps Pipeline – A Customer Perspective

Hear directly from a customer's perspective on how Beeline, the world leader in contingent workforce solutions, aligned their Development, Operations, and Security practitioners to set up a fully automated continuous integrated and continuous delivery (CI/CD) pipeline and incorporated application security early in the process.

Video
On-Demand Webinar

Targeted Defense: The Future of Defending Applications in Production

Development teams have struggled with a massive security backlog for how rapid they need to work to release software. Protecting your legacy applications is critical to your business and therefore necessary for your organization to have better production controls. Listen in to learn Contrast Security's new Targeted Defense Platform using RASP technology to defend your applications in production.

On-Demand Webinar
On-Demand Webinar

Application Security Testing for an Agile & DevOps World

Security teams have a hard time keeping pace with software development in Agile & DevOps environments. Every year, Verizon Data Breach Investigations Report shows applications are the most targeted attacks. Automatically detecting vulnerabilities and protecting your applications in real-time should be top priority in an organization. Listen to this webinar to start developing a winning application security strategy.

scaling-devops
On Demand Webinar

Scaling Rugged DevOps to Thousands of Applications

Tim Chase, Director of Application Security and Architecture at Nielsen, discusses how he scales Rugged DevOps and achieves continuous protection during development and operations by instrumenting the software application portfolio, assessing and protecting applications in parallel, and deploying integrations that provide instant notifications.

Equifax, Struts and You
On Demand Webinar

Equifax, Struts and You

The Equifax breach was a watershed moment for software application security. The root cause is confirmed to be a web application security issue tied to a widely used software framework called Apache Struts 2. To gain a better understanding of these events, listen to this webinar to learn how to shield yourself against Struts 2 attacks. We will review how Contrast Labs saw these issues and continues to see exploit attempts.

CUSTOMER VIDEO TESTIMONIALS

 

Contrast Customers Discuss the Value of the DevOps-Native AppSec Platform

Contrast removes security roadblocks that slow development cycles, virtually eliminates alert noise caused by false positives, and extends security across the software development life cycle.

 

Federal Employees Program Operations Center (FEPOC)

Learn why FEPOC (branch of Blue Cross Blue Shield) chose Contrast to ensure applications have security posture to protect their company. FEPOC was looking for something robust, that scales well, and is easy to use in order to continue business without interruption.

 

American College of Radiology

American College of Radiology has agile methodologies in their SDLC, which means security tools have to shift left, allowing developers to have access to security tools. Learn how Contrast enabled American College of Radiology to leverage technology for security by finding errors as they run.

 

American College of Radiology

American College of Radiology selected Contrast, because it was providing really good information about the findings of vulnerabilities and context on how to fix them. Contrast has assisted in educating American College of Radiology’s developers to not just fix the issues but also to prevent them from happening again in the future.

PRODUCT VIDEOS

 
Thought Leadership

Contrast CEO, Alan Naumann, on Contrast

Our CEO discusses how software is affecting business transformation, the growing risks inherent in the pace of modern development, how security can evolve to scale, and why Contrast is uniquely positioned to deliver an application security posture that is effective.

 
Product Overview

Securing Government Applications with Contrast Security

Listen to Contrast CTO, Jeff Williams, discuss how Contrast is modernizing government agencies approach to application security.

 
Conference Presentations

The Time is Now for Contrast

Businesses are transforming. Innovation is being driven by software development. Learn how Contrast is leading the security evolution to ensure that innovation is secure.

 
Product Demo

Contrast Demo for Applications Running in AWS

Watch a step-by-step demo of how developers can reduce false positives, manual processes, and security roadblocks by embedding security directly into software through instrumentation.

60 Minute Product Demo
60-Minute Product Demo

Contrast Security Demo & Overview

Watch a demo presented by Jeff Williams, CTO and Co-Founder of Contrast Security, and Ed Amoroso, former CISO at AT&T and Founder of TAG Cyber.

Contrast Security Demo Video
9-Minute Product Demo

Contrast Security Product Highlights

Watch a short high-level overview of Contrast Assess and Contrast Protect to see how we make software self-protecting to prevent vulnerabilities and block attacks.

 
Product Video

Next Generation Application Security

See how Contrast Security works with Agile & DevOps processes to accomplish maximum security at maximum speed for all application deployments.

 
Product Video

DevOps Ready Security

Short video to learn how Contrast Security enables development and operations teams to deliver secure code while working at DevOps speed.

 
60-Second Overview

Contrast High-level Overview

A short explanation to learn how Contrast Security uses instrumentation to deploy and accurately identify application vulnerabilities in minutes without experts or legacy SAST and DAST tools.

 
Product Overview

Introduction to Contrast Assess

Learn how Interactive Application Security Testing (IAST) uses instrumentation to find and remediate vulnerabilities and insecure libraries. We will compare Contrast Assess to other legacy security testing methodologies.

 
Product Overview

Contrast Assess as Part of the SDLC

Contrast Assess deploys an intelligent agent that instruments the application with smart sensors to analyze code in real-time from within the application. No need to disrupt and change the way you work.

 
Product Overview

The Contrast Advantage

Jeff Williams, CTO and Co-Founder of Contrast Seucurity, explains what it means to have "self-protecting" software.

 
Product Overview

Introduction to Contrast Protect

Contrast Protect leverages Runtime Application Self-Protection (RASP) and patented deep security instrumentation to protect applications against cyber attacks in real-time, making it the most accurate, fastest and scalable application security solution.

 
Product Video

Contrast Protect Advantages Over WAF

Watch first hand how Contrast Protect (RASP solution) avoids the need for WAF's by working from the inside of a running application to provide better visibility and accuracy to find and block attacks.

 
Product Video

Contrast Security Advantages Over WAF – SQL Query Example

Watch this short video to see how Contrast Security protects applications and blocks SQL injections attacks better than WAF's.

INTERVIEWS WITH SECURITY EXPERTS

 
Information Security Media Group Interview

The Challenge of Secure Coding

Nick Holland, Director of Banking & Payments at the Information Security Media Group, and Jeff Williams, CTO and Co-founder of Contrast Security, discuss the challenges of writing secure code.

 
DARKReading Interview

Boost Application Security with Self-Protecting Software

Terry Sweeny, Editor at DARKReading, and Jeff Williams, CTO and Co-founder at Contrast Security, discuss the need for a modern approach with more accurate tools to help development teams code without the need to stop and scan.

 
Security Experts Insight

Cybersecurity and Digital Transformation

Contrast Security CEO Alan Naumann chats with former CISO of AT&T Ed Amoroso on the importance of software security, DevOps initiatives, and the future of digital transformation.

 
Security Experts Insight

Realistic Approaches to AppSec & the Future of Cyber Security

Hear a conversation with Contrast Security's Co-Founder & CTO, Jeff Williams and former CISO of AT&T, Ed Amoroso, as they discuss how to approach application security and what the future of cyber security looks like. (10:18)

 
On the Street Interview

Instrumenting Application Security

In this video, hear Scott Parson, Senior Enterprise Security Architect of a Fortune 500 Financial Company, discuss the importance of continuous application security and how automation and cloud infrastructure has impacted his organizations approach to application security. (02:25)

 
On the Street Interview

Continuous Application Security with Tim Chase from Nielsen

In this brief video, hear Tim Chase, Director of Application Security and Architecture at Nielson, discuss the importance of continuous application security and what he thinks the future will hold for security testing, including DevSecOps. (02:15)

 
On the Street Interview

Investing in the AppSec Market

In this video, Jeff Williams, Co-Founder & CTO of Contrast Security, talks with John Monagle of General Catalyst, in regards to investing in application security, how the DevOps movement is changing the market, and Contrast Security's role in this transformation. (03:15)

 
Thought Leadership

Dark Reading Interview with Jeff Williams

Hear Brian Gillooly, VP of Events Content & Strategy, at Dark Reading in an in-depth conversation with Jeff Williams, Co-Founder & CTO of Contrast Security. Topics included revolutionary changes taking place in both application security and DevOps as well as Jeff’s prestigious nomination as one of the three finalists in the "Most Innovative Thought Leader" category for his work as a cyber security innovator. (12:57)

 
On the Street Interview

What does IAST mean to you?

Watch this short video and hear from Director of Test, John Scarborough on how he defines Interactive Application Security Testing (IAST). (00:39)

 
DARKreading Interview

DevOps teams and AppSec?

Establishing a DevOps-ready security program is possible. In this video, hear from three folks who have successfully built and scaled the DevOps functions within their organizations. (01:31)

 
On the Street Interview

What does RASP mean to you?

Watch this short video and hear how Steve Herrod, Managing Director of General Catalyst Partners, defines and uses RASP technology as a decision-making tool. (00:35)