
The future of AppSec is here. Contrast Northstar: Unified, real-time and AI-powered

Today, Contrast is launching Northstar — a major leap forward in securing modern applications and application programming interfaces (APIs).

Security in 2025 demands more than static scans and perimeter protection. With the Northstar release, development, AppSec and SecOps teams finally move in sync. They stop application-layer attacks in real time. They eliminate whole classes of vulns and zero days. They use AI tools that aren’t just smart — they’re fast, accurate and grounded in real-world context.

That context comes from the Contrast Graph — a real-time model of your application environment that gives the most accurate and actionable view of what matters most: application-layer attacks as they happen, exposed vulnerabilities that pose real risk, and the fastest path to remediation.

We’re calling this release Northstar because it points the way forward. It helps customers see what was once invisible — adding clarity where there was ambiguity, and light where attackers once hid.

In other words, it adds Contrast.

Table of contents

Contrast Graph
New user experience
Dynamic risk scoring
Contrast AI SmartFix
Contrast AI MCP Server
Deployment Hub
Flex Agent


Why now

Application Security (AppSec) as we’ve always known it is failing. In fact, even calling it “application security” pigeonholes it in some shift-left, shift-right debate. The truth is, despite best efforts, no one believes that code is vulnerability-free, and even if it were, there would still be attacks that a Web Application Firewall (WAF) would miss. Threat actors know it and have been accelerating attacks, as evidenced in the 2025 Verizon Data Breach Investigations Report (DBIR) and the 2025 Mandiant M-Trends report. Attacks on the endpoint are down because of sophisticated Endpoint Detection and Response (EDR) tools. Now, it’s time to bring that sophistication to the application layer.

Northstar release

With the Northstar release, Contrast Security takes Application Detection and Response (ADR) to the next level. Northstar includes the first unified platform that allows security, development and operations teams to:

  • Detect application-layer attacks as they happen
  • Respond to breaches either automatically or with the push of a button
  • Remediate active vulnerabilities automatically with AI or manually with an AI assistant imbued with the necessary knowledge to get it right the first time

This update marks a turning point in AppSec — where runtime intelligence, deep context and automation converge to stop breaches before they start.

Real-time insight starts with the Contrast Graph

Today’s organizations demand fast decision-making. They need intelligence with context so that it is actionable. We made significant changes to the backend of Contrast. With Northstar, Contrast has moved to a modern streaming data architecture that ingests telemetry about apps, APIs, libraries, attacks, vulnerabilities, infrastructure and runtime behavior into a single powerful model — the Contrast Graph. This highly scalable approach supports millions of applications and APIs in real time.

That has enabled something new in AppSec. The Graph is a real-time digital twin of an organization’s application and API environment: it maps live attack paths, correlates runtime behavior and exposes how vulnerabilities, threats and assets are connected. This deep, dynamic context eliminates the guesswork that plagues traditional tools, enabling accurate, automated prioritization and remediation — so teams can focus on real risk and act confidently.

Until now, teams have been unable to stop attacks because they haven’t been able to see them in context. The Contrast Graph changes that.

Functionally, the data in the Contrast Graph powers the new and better workflows that come from the new user experience and AI tooling explained below.

Clarity, not chaos as a user experience

With the new user experience, application-layer threats are no longer hidden. Security teams can:

  • Observe real-time attack behavior across the app layer, in context with associated vulnerabilities
  • Isolate impacted components quickly
  • Coordinate response across Dev, AppSec and SecOps from a shared platform

Role-specific views give each team the exact visibility it needs. In the demo, you’ll see that the platform continuously informs users in real time about vulnerabilities ranked by criticality, together with their associated attacks. More importantly, when an attack reaches a vulnerability, Contrast knows within seconds and reports the urgent incident clearly. The attack can then be blocked automatically or manually, and the responsible users are prompted to patch the vulnerability.

Watch the demo to see what happens when the application gets attacked.


Prioritize what actually matters

When you watched the demo of the new user experience, you likely noticed that Contrast is introducing dynamic risk scoring — a smarter way to prioritize based on what’s actually at risk in production.

Contrast Score builds on CVSSv4 and incorporates real-time insights from the Contrast Graph. Rather than assuming worst-case scenarios across the board, Contrast dynamically adjusts each score using runtime context, including:

  • Live exploitability — is the vulnerable code reachable and being attacked?
  • Active threat signals — are adversaries actively probing this path?
  • Blast radius — how much of the system would be impacted if exploited?
  • Business sensitivity — does this asset handle critical or regulated data?

Instead of a backlog filled with vulnerabilities labelled “critical,” teams get clear, actionable priorities — the small subset that actually poses a threat right now, as the applications and APIs are running.

Customers using Contrast Score report more than a 50% reduction in HIGH and CRITICAL findings, because most vulnerabilities identified by static scans aren’t under attack and don’t impact critical services. That means less noise and less stress, and it enables remediation of what truly matters.

Fix in minutes with SmartFix — Contrast’s first agentic AI

When you know a critical vulnerability is under attack, you want to fix it as fast as possible. Until now, there have been two paths to doing that: sending the vuln to developers so they can write a manual fix, or using a generic, contextless AI assistant whose suggested code fixes are ineffective because it lacks an adequate understanding of the application and the vulnerability.

That’s why we’re introducing Contrast AI SmartFix.

SmartFix is an agentic AI, capable of perceiving the runtime environment, planning the optimal remediation path and taking action. Unlike AI tools that rely on Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST) or Software Composition Analysis (SCA) technologies, SmartFix has information about the attack surface, full data flow, stack traces, HTTP requests, existing security defenses, available libraries, backend connections and more.

Contrast AI SmartFix uses all of that context from the Contrast Graph to generate a pull request with:

  • Context-aware remediation plans with alternatives
  • Secure code patches
  • Test cases to verify the fix is right

This isn’t just AI suggesting a fix; it’s an intelligent system taking action. Teams can now go from detection to resolution in minutes, not weeks. Unlike other AI solutions, this one has all the context it needs to develop the right solution.


The Contrast MCP Server

The use cases for AI are seemingly endless. But AI output is only as good as the data input. When organizations deploy Contrast, they have access to the most detailed security data about their application layer in the industry.

The Contrast MCP Server allows organizations to harness that detailed security context and provide it to AI tooling through a secure gateway. It allows you to use your own AI agents to interact directly with the data that Contrast gathers in real time.

This is your security intelligence gateway for people and AI.

The Contrast MCP Server is the gateway to understanding and acting on application-layer threats. It connects runtime context to the rest of your security stack, enabling human analysts and digital agents alike to do their jobs faster and smarter. Instead of digging through logs or static dashboards, users can now:

  • Prioritize and fix vulnerable libraries in applications based on Contrast’s library usage data
  • Rapidly assess the impact of newly announced high-severity vulnerabilities across your applications
  • Quickly identify and remove unused libraries using runtime class usage data

Contrast’s MCP Server powers AI coding agents to generate fix strategies to rapidly and accurately remediate vulnerabilities that Contrast detects, without ever leaving your IDE. This isn’t just a tool — it’s the foundation for intelligent, automated security operations.


Deployment Hub — Deploy fast. Defend faster.

Onboarding with Contrast just got radically simpler. Deployment Hub is your central command center for getting up and running on day one. Visualize agent deployment status, assign and manage tasks across teams, and follow in-app videos without leaving the platform. With step-by-step guidance, even complex environments can be set up quickly and confidently.

What it delivers:

  • Instant value: Secure applications in record time. Rapidly set up Contrast to efficiently scan and block attacks, putting you on the fast track to a safer application environment.
  • Smart setup, no guesswork: Follow guided workflows with easy-to-follow steps. No more piecing together instructions.
  • Unified oversight: Track agent deployment across services, assign tasks, and resolve issues — all from a single, visual dashboard.

Deployment Hub takes the friction out of rollout so you can shift focus from implementation to impact.

Flex Agent — Less maintenance. More momentum.

Contrast’s Flex Agent automates and simplifies deployment, keeping agents current and consistent across languages, services and teams. It’s designed for security at scale, without operational drag.

What it delivers:

  • Language-agnostic simplicity: Easily deploy and update agents across Java, .NET, Python and Node.js — no deep language knowledge required.
  • Auto-updates, always on: Stay secure without manual intervention. Flex Agent ensures your agents are always on the latest version.
  • Accelerated ROI: Faster setup, fewer interruptions and continuous coverage mean security pays off faster.

It’s the invisible engine behind fast deployment and confident coverage.

Integrations — Improving your existing investments

Contrast integrates seamlessly with industry-leading tools like Splunk, Wiz and Sumo Logic to ensure that security insights flow into the platforms teams already rely on. Additional integrations and strategic partnerships will be announced in the coming weeks, as Contrast continues to expand its global partners and redefine application-layer defense.

What customers are saying

Martha Gamez-Smith, Information Security Officer - Texas Computer Cooperative | Education Service Center, Region 20:
“We are excited to see the new features and feel that Contrast is set apart from other competitors, beyond reach. It makes our jobs better and easier. The real data will allow our team to take action more efficiently.”

What partners are saying

Ned Engelke, Chief Technology Officer — EVOTEK:
"What sets Contrast apart is how well it integrates into modern security operations. The Contrast Graph, SmartFix, and MCP server give our customers the data and tools they need to bring AI into their security tooling in a meaningful way — not just another dashboard, but real automation with real context."

What industry leaders are saying

Katie Norton, Research Manager at IDC:
“As AI continues to reshape the threat landscape, application security is expanding beyond traditional, reactive scanning to include more real-time, context-aware defense. Contrast’s emphasis on runtime intelligence, integrated workflows and agentic AI aligns with a broader industry move toward adaptive security strategies designed to help organizations stay ahead of modern threats.”

Tyler Shields, Principal Analyst at Enterprise Strategy Group:
“Connecting security operations processes with application security incident and vulnerability detection capabilities is a significant step towards breaking down the silos that exist between developers, application security and security operations teams. This broad contextual analysis offering lends itself well to advanced AI-based prioritization and automated remediation, which are the key security outcomes required by security organizations today.”

Chris Kissel, Research Vice President at IDC, Security & Trust Products:
“For SOC analysts, the power of ADR is its ability to surface live, context-rich attack data, directly from inside production applications, into existing workflows. Fueled by the Contrast Graph, these high-fidelity alerts eliminate guesswork, reduce false positives, and enable teams to prioritize and respond rapidly to the threats that matter most.”

See what modern AppSec actually looks like

If you're still relying on scans, WAFs, EDR and backlogged tickets to protect your application layer, you're not seeing the real threats — and you're not stopping them.

Contrast gives you real-time, in-app visibility and the power to act. No noise. No guessing. Just answers.
