The latest trends and tips in DevSecOps through instrumentation and Security Observability.


Joe Coletta

Joe Coletta is a Sr. Product Marketing Manager at Contrast Security focusing on Open Source Security. Entering the AppSec field as a Security Program Manager, Joe has advised dozens of organizations of varying sizes on how to work cross-functionally in order to scale their application security programs. Applying this frontline knowledge to a product marketing career, Joe develops go-to-market resources that capture the voice of AppSec practitioners in both Security and Development. On a personal note, Joe divides his free time between reading, drawing, and Brazilian Jiu Jitsu.

Contrast Scan Adds Support for Client-Side JavaScript - The World’s Most Popular Programming Language

By Joe Coletta, January 5, 2022

If you’re looking for the TL;DR version of this announcement, here it is: Contrast Scan has expanded its language coverage to include front-end languages with support for client-side JavaScript (JS) and jQuery. Now that we’ve got that covered,..


Three Reasons Why Contrast SCA Is Best Suited for Log4Shell Rapid Response

With Log4j being such a ubiquitous library, embedded in tens of millions of applications across the Java ecosystem, it is easy to understand why the Log4Shell CVE is being treated as a DEFCON 1-class situation. To add insult to injury, many..



By Joe Coletta, October 25, 2021

As readers of the AppSec Observer blog are aware, application attacks have continued unabated throughout the massive economic and social changes of the past two years. Most readers are also aware that an increasing number of cyberattacks target..


Understanding Software Supply Chain Risks and How to Mitigate Them

By Joe Coletta, October 11, 2021

As demand for new applications continues to rise, developers are adopting new tools and techniques to accelerate their release cycles and lower costs. As a result, modern software has evolved to include four different elements:


What Security Lessons Can Come From the Kaseya Ransomware Attack?

By Joe Coletta, July 26, 2021

This year will be remembered as annus horribilis for attacks against the software supply chain. In the first half of 2021, prominent attacks against SolarWinds and Microsoft Exchange both highlighted the collateral impact and potential reach of..


Contrast Security’s Approach to SCA Enables Vulnerability Prioritization and Faster Remediation

By Joe Coletta, November 11, 2020

Open Source Is a Mainstay in Modern Development

It goes without saying that modern applications are rarely built from scratch today. Open-source software (OSS) communities are well-organized and licensing is usually pretty clear. Thus, when..


The Risks Associated with OSS and How to Mitigate Them

By Joe Coletta, August 11, 2020

Open source has become nearly ubiquitous in Agile and DevOps. It offers development teams the ability to quickly and easily scale their software development life cycles (SDLC). At the same time, open-source software (OSS) components can..


How to Accurately and Continuously Identify and Remediate OSS Library Risks


Mitigating the Risks of Open-source Software in DevOps

By Joe Coletta, June 25, 2020

Speed matters when it comes to developing and releasing a new software title—nearly two-thirds of software companies report a development backlog. So, it should come as no surprise to hear that developers have been increasingly relying on..
