SECURITY INFLUENCERS BLOG

Security Influencers provides real-world insight and “in-the-trenches” experiences on topics ranging from software application security to DevOps and cloud security.

"BETTER" Security in 2019 - Lessons from RSA

We’ve recently wrapped up a dynamic week at RSA 2019 in San Francisco where we had over 500 visitors to our booth, executive meetings and won the Cyber Defense Magazine Award for Editor’s Choice Application Security. It’s a good time to reflect on the major theme of the show and the success of our second annual Contrast User Group meeting. 

rsa-2019-boothAt RSA this year, we hosted our second annual Contrast Security User Group Meeting and were excited to hear the many creative ways our customers are using Contrast’s solutions in cloud computing, containers and microservices. They’re integrating the latest development methodologies, including Agile, DevOps, and CI/CD throughout their entire SDLC. During the event, customers learned from and shared ideas with fellow members, had input into our product roadmap, and engaged in collaborative problem solving with fellow practitioners and Contrast team members.

Additionally, it’s fitting to mention the excitement of Contrast’s recently secured series D funding round of $65M which will help accelerate our technology innovation, field operations, international expansion and strategies to support our customers.

Each year the RSA conference highlights a key theme and focus within information security - the theme for RSA was “BETTER”. Although not particularly specific, it’s obvious that organizations are still feeling severely challenged in implementing a robust and reliable security posture, and security companies must increase how they can help. Vulnerability rates in application software remain as high as they were 15 years ago, traditional tools and processes aren’t compatible with modern software, and organizations are only protecting a tiny fraction of their application and API portfolio, according to Jeff Williams, CTO and Co-Founder of Contrast Security.  

Jeff writes, “In application security, BETTER isn’t very difficult to imagine. At Contrast, we imagine a world where developers are empowered to write secure code by getting instant and accurate feedback on the exact code they are working on via the tools they are already using.  We imagine strong assurance through complete security testing during CI/CD without slowing down the process. Finally, we imagine applications and APIs that are attack-aware and protect themselves in production. We see a culture of development, security, and operations working together to deploy secure code as part of a high velocity pipeline that generates innovation. In short, we believe in DevSecOps.

Rsa-2019-jeff-williams-interviewDevSecOps is a powerful concept that is becoming real through adoption of transformative culture, practices, and tools. Contrast is an important part of this change, but of course it’s not everything. We believe that by measuring, analyzing, and protecting applications through instrumentation, we have a huge information advantage. That information advantage translates into faster and more accurate application security testing (*AST), more powerful open source analysis, and powerful runtime exploit prevention (RASP). We’ve had amazing successes working with companies to quickly establish basic DevSecOps capabilities, eliminate vulnerability backlogs, and get organizations deal with new vulnerabilities before code is even checked in.  It’s not perfect yet, but it’s definitely BETTER." 

See Jeff’s interview with Dark Reading here.

As we progress into 2019 we look forward to a secure and bright future for all our customers, our partners and the world at large. Working together we can be “BETTER” in creating a secure world for all.

Surag Patel, Chief Strategy Officer

Surag Patel, Chief Strategy Officer

Surag Patel brings more than a decade of experience to Contrast Security, where he serves as Chief Strategy Officer. An experienced, highly analytical product and marketing executive, Surag’s focus is in driving Contrast’s global marketing and product strategy. Prior to Contrast, Surag served as Vice President of Global Product Management and Corporate Marketing for 41st Parameter, which was acquired by Experian in 2013. Prior to 41st Parameter, Surag led global data strategy and consumer insights for InMobi, the largest global independent mobile ad network. Surag blends his experience of bringing innovative products to market with a mix of engineering expertise, product strategy and domain expertise. Prior to InMobi, Surag spent five years at comScore leading advertising effectiveness research and development of the Ad Effx™ suite of products. Surag holds a BS in Computer Engineering from Cal Poly, San Luis Obispo, and a Masters in Engineering Management from Duke University.

SUBSCRIBE TO THE BLOG

Learn how to unify security strategy across & development operations. See how to set up a CAS program with only eight activities!

Download the Handbook