AppSec Observer

The latest trends and tips in DevSecOps through instrumentation and security observability. Learn about real-world insight and “in-the-trenches” experiences on topics ranging from application and information security to DevOps and risk management.

Cybersecurity Insights with Contrast CISO David Lindner | 12/2

Insight #1 "The fact that log4j is used in ~64% of Java applications and only 50% of those have updated to a fully..

Contrast Scan expands support to TypeScript & Vue.js

JavaScript continues to hold the title as the most utilized programming language by development teams, with a 65% score..

7 AppSec predictions for 2023

Cybersecurity mayhem is looming in the new year: Contrast Security’s SVP of Cyber Strategy Tom Kellermann is predicting..

2023 will bring island hopping & attacks launched from Twitter

This is what Contrast Security experts see when they gaze into the cybersecurity crystal ball: Crooks will exploit the..

Contrast discovers zero-day flaw in popular Quarkus Java framework

While preparing a talk for the recent DeepSec Conference about attacking the developer environment through drive-by..

Cybersecurity Insights with Contrast CISO David Lindner | 11/25

Insight #1 "The recent FTX and Twitter debacles should really have people thinking about the security and privacy of..

Fall lawn cleanup – AppSec style

Every year toward the end of September, I get anxious about the falling leaves. This year, I applied my Application..

Cybersecurity Insights with Contrast Co-founder and CTO Jeff Williams | 11/18

Insight #1 "Feds continue to push aggressive timelines for requiring app/API security “attestations” from software..

Your cybersecurity mission: To defend from within

Traditional network security and endpoint security have failed.