Thought Leadership


Product Videos

60 Minute Product Demo
60-Minute Product Demo

Contrast Security Demo & Overview

Watch a demo presented by Jeff Williams, CTO and Co-Founder of Contrast Security, and Ed Amoroso, former CISO at AT&T and Founder of TAG Cyber.

Contrast Demo Video
9-Minute Product Demo

Contrast Security Product Highlights

Watch a short high-level overview of Contrast Assess and Contrast Protect to see how we make software self-protecting to prevent vulnerabilities and block attacks.

Product Video

Next Generation Application Security

See how Contrast Security works with Agile & DevOps processes to accomplish maximum security at maximum speed for all application deployments.

Product Video

DevOps Ready Security

Short video to learn how Contrast Security enables development and operations teams to deliver secure code while working at DevOps speed.

60-Second Overview

Contrast High-level Overveiw

A short explaination to learn how Contrast Security uses instrumentation to deploy and accurately identify application vulnerabilities in minutes without experts or legacy SAST and DAST tools.

Product Overview

Introduction to Contrast Assess

Learn how Interactive Application Security Testing (IAST) uses instrumentation to find and remediate vulnerabilities and insecure libraries. We will compare Contrast Assess to other legacy security testing methodologies.

Product Overview

Contrast Assess as Part of the SDLC

Contrast Assess deploys an intelligent agent that instruments the application with smart sensors to analyze code in real-time from within the application. No need to disrupt and change the way you work.

Product Overview

The Contrast Advantage

Jeff Williams, CTO and Co-Founder of Contrast Seucurity, explains what it means to have "self-protecting" software.

Product Overview

Introduction to Contrast Protect

Contrast Protect leverages Runtime Application Self-Protection (RASP) and patented deep security instrumentation to protect applications against cyber attacks in real-time, making it the most accurate, fastest and scalable application security solution.

Product Video

Contrast Protect Advantages Over WAF

Watch first hand how Contrast Protect (RASP solution) avoids the need for WAF's by working from the inside of a running application to provide better visibility and accuracy to find and block attacks.

Product Video

Contrast Security Advantages Over WAF – SQL Query Example

Watch this short video to see how Contrast Security protects applications and blocks SQL injections attacks better than WAF's.

On-Demand Webinars & Conference Presentations

On-Demand Webinar

What the WAF: Understanding and Augmenting What the WAF Cannot See

A Web Application Firewall (WAF) has limited capabilities to secure your code during production. Using a Runtime Application Self-Protection (RASP) tool will work from within the application via instrumentation and easily deploys in your DevOps, Cloud and Container environments. We’ll highlight what WAFs can and cannot see and why they require RASP to function at its fullest.

On-Demand Webinar

Key Application Security Strategies for Your Cloud Migration

Organizations are migrating from traditional legacy technologies to embracing today's Digital Transformation with modern cloud computing. These activities, in turn, are driving the need for stronger security. This webinar will help you understand how Contrast solves this problem by using instrumentation within the application to protect wherever they are deployed and automatically report and block attacks.

On-Demand Webinar

Cloud-Native Security: Processes and Tools for Real-World Transformation

Cloud-native platforms not only make it easier to support the kind of cultural shift necessary for continuously shipping software, they make it easier to practice good security and reduce the available attack surface. But an attack on the application itself can undermine all platform controls. Learn to secure your code in runtime at scale for cloud-native production applications.

On-Demand Webinar

Cloud-Native Security: Understanding the Why & How

Join Jeff Williams, Co-Founder & CTO of Contrast Security, and David Zendzian, CTO of Compliance and Security at Pivotal, for a discussion on best practices to ensure an organization's Cloud-Native Transformation is secure at the speed of DevOps.

On-Demand Webinar

Modern Software Assurance Strategies for Government Agencies

Join in to discuss the principles of DevOps with an innovative approach of IT security known as DevSecOps. DevSecOps introduces automated security much earlier in the Software Development Life Cycle (SDLC) to minimize vulnerabilities and bring security closer to IT and govrnment business objectives.

On-Demand Webinar

What Works in Application Security: How to Detect & Remediate Application Vulnerabilities & Block Attacks

Traditional Application Security Testing tools are too slow to meet the accelerated pace of today's business environment. In this webinar, we will discuss how Contrast Security's products is an innovated and improved Application Security Testing tool by using detailed metrics.

Resource Whitepaper
On-Demand Webinar

Under the Hood with Static Analysis - Fact vs Fiction

Tune in to this technical webinar to walk through the basics of static analysis, such as semantic analysis and how data flow works between source and sink. We will also address how the model structure is built, queried, and impacted by different development techniques to give you a better understanding of how static analysis falls short of fulfilling all of your security needs.

On-Demand Webinar

Securing Java Web Applications and APIs in minutes...for FREE...Seriously!

We've all suffered from a difficult, inaccurate, and frustrating security tool. What if there was a security tool that was as easy and powerful to use as AppDynamics? In this webinar, we will help you get up and running with Contrast Security's Community Edition FREE and full-strength tool for anyone to use. Start securing your code, lock down open source libraries, identify attacks, and prevent exploits using our free AppSec solution.

Resource Whitepaper
On-Demand Webinar

The DevSecOps Journey: Why It Starts with Agile, DevOps, & App Security

Traditionally, security has been an afterthought and introduced late into the release process. This can cause major contention and distrust between development and security teams. This webinar will highlight how a modern IAST tool can help weave security into the code continuously and accurately throughout the Software Development Life Cycle (SDLC).

On-Demand Webinar

Embedding Security in a Modern DevOps Pipeline – A Customer Perspective

Hear directly from a customer's perspective on how Beeline, the world leader in contingent workforce solutions, aligned their Development, Operations, and Security practitioners to set up a fully automated continuous integrated and continuous delivery (CI/CD) pipeline and incorporated application security early in the process.

On-Demand Webinar

Targeted Defense: The Future of Defending Applications in Production

Development teams have struggled with a massive security backlog for how rapid they need to work to release software. Protecting your legacy applications is critical to your business and therefore necessary for your organization to have better production controls. Listen in to learn Contrast Security's new Targeted Defense Platform using RASP technology to defend your applications in production.

On-Demand Webinar
On-Demand Webinar

Application Security Testing for an Agile & DevOps World

Security teams have a hard time keeping pace with software development in Agile & DevOps environments. Every year, Verizon Data Breach Investigations Report shows applications are the most targeted attacks. Automatically detecting vulnerabilities and protecting your applications in real-time should be top priority in an organization. Listen to this webinar to start developing a winning application security strategy.

Equifax, Struts and You
On Demand Webinar

Equifax, Struts and You

The Equifax breach was a watershed moment for software application security. The root cause is confirmed to be a web application security issue tied to a widely used software framework called Apache Struts 2. To gain a better understanding of these events, listen to this webinar to learn how to shield yourself against Struts 2 attacks. We will review how Contrast Labs saw these issues and continues to see exploit attempts.

On Demand Webinar

Scaling Rugged DevOps to Thousands of Applications

Tim Chase, Director of Application Security and Architecture at Nielsen, discusses how he scales Rugged DevOps and achieves continuous protection during development and operations by instrumenting the software application portfolio, assessing and protecting applications in parallel, and deploying integrations that provide instant notifications.

Interviews with Security Experts

Information Security Media Group Interview

The Challenge of Secure Coding

Nick Holland, Director of Banking & Payments at the Information Security Media Group and Jeff Williams, CTO and Co-founder of Contrast Security discuss the challenges of writing secure code.

DARKReading Interview

Boost Application Security with Self-Protecting Software

Terry Sweeny, Editor at DARKReading and Jeff Williams, CTO and Co-founder at Contrast Security discuss the need for a modern approach with more accurate tools to help development teams code without the need to stop and scan.

Security Experts Insight

Cyber Security and Digital Transformation

Contrast Security CEO, Alan Naumann chats with former CISO of AT&T Ed Amoroso on the importance of software security, DevOps initiatives, and the future of digital transformation. (10:06)

Security Experts Insight

Realistic Approaches to AppSec & the Future of Cyber Security

Hear a conversation with Contrast Security's Co-Founder & CTO, Jeff Williams and former CISO of AT&T, Ed Amoroso, as they discuss how to approach application security and what the future of cyber security looks like. (10:18)

On the Street Interview

Instrumenting Application Security

In this video, hear Scott Parson, Senior Enterprise Security Architect of a Fortune 500 Financial Company, discuss the importance of continuous application security and how automation and cloud infrastructure has impacted his organizations approach to application security. (02:25)

On the Street Interview

Continuous Application Security with Tim Chase from Nielsen

In this brief video, hear Tim Chase, Director of Application Security and Architecture at Nielson, discuss the importance of continuous application security and what he thinks the future will hold for security testing, including DevSecOps. (02:15)

On the Street Interview

Investing in the AppSec Market

In this video, Jeff Williams, Co-Founder & CTO of Contrast Security, talks with John Monagle of General Catalyst, in regards to investing in application security, how the DevOps movement is changing the market, and Contrast Security's role in this transformation. (03:15)

Thought Leadership

Dark Reading Interview with Jeff Williams

Hear Brian Gillooly, VP of Events Content & Strategy, at Dark Reading in an in-depth conversation with Jeff Williams, Co-Founder & CTO of Contrast Security. Topics included revolutionary changes taking place in both application security and DevOps as well as Jeff’s prestigious nomination as one of the three finalists in the "Most Innovative Thought Leader" category for his work as a cyber security innovator. (12:57)

On the Street Interview

What does IAST mean to you?

Watch this short video and hear from Director of Test, John Scarborough on how he defines Interactive Application Security Testing (IAST). (00:39)

DARKreading Interview

DevOps teams and AppSec?

Establishing a DevOps-ready security program is possible. In this video, hear from three folks who have successfully built and scaled the DevOps functions within their organizations. (01:31)

On the Street Interview

What does RASP mean to you?

Watch this short video and hear how Steve Herrod, Managing Director of General Catalyst Partners, defines and uses RASP technology as a decision-making tool. (00:35)