Platform
Contrast Secure Code Platform

Contrast Scan (SAST)

Contrast Assess (IAST)

Contrast Protect (RASP)

Contrast SCA

Contrast Serverless (Cloud Native)
Developer Central

Log4j Response

Pricing

How We Compare

Languages

Integrations
Solutions
BY USE CASE

DevSecOps

Automated Penetration Testing

AppSec Monitoring

API Security

Software Supply Chain Security

SBOMs

GitHub CI/CD

Compliance

Services

BY DEPARTMENT

Dev and DevOps Teams

Security

DevSecOps

CISO

BY INDUSTRY

Government

Financial Services

Healthcare

Others
Partner
Technology Partners

Systems Integrators

Ecosystem Integrations

Channel Partners Overview

Cloud Partners

GitHub
Partner Program Overview

Become a Partner

Find a Partner

Visit Partner Portal
GITHUB ACTIONS BLOG SERIES, PART 1: PIPELINE NATIVE CODE ANALYSIS

Read the Blog
Customers
Company
About Us

Leadership Team

Culture & Careers

Women of Contrast

Contact Us
Blog

Events & Webinars

Newsroom

Podcast

Awards
"Contrast speeds up the delivery pipeline – we fix issues earlier in the development lifecycle. Great for any company trying to achieve a DevSecOps approach to application security.”

Read the G2 Report
Resources
Contrast for Developers

Contrast Secure Code Learn Hub

Contrast Community

Resource Center

OWASP Top 10

Executive Order on Cybersecurity

SBOMs

Live Weekly Demos

Support

Services

Trust Center

Documentation

Product Release Notes

Blog

Podcast

Events

Glossary
Contrast Incident Response Hub

Spring4Shell Vulnerability

Log4j Vulnerability

Weekly CISO Update

Trust Center
Developers
Get Demo

Contrast Protect + WAF: A Day in the Life of a User

By Erik Costlow, Director of Developer Relations

May 30, 2019

A Web Application Firewall can watch network data, but the architecture does not enable them to see how that data is actually used. As a result, they sound an equal alarm for all attack attempts without raising the importance for attacks that could actually work. This wastes human effort on investigating issues that don’t matter, and results in constant manual tuning or auto-tuning where success depends on information they do not have. A more effective security approach is to automatically secure applications, which understand how they use their own data and which threats are relevant to the way that the data is actually used. Check out our modern visual depiction of our Contrast Protect with Web Application Firewall.

Product RASP Contrast Protect

Erik Costlow, Director of Developer Relations

Erik Costlow was Oracle’s principal product manager for Java 8 and 9, focused on security and performance. His security expertise involves threat modeling, code analysis, and instrumentation of security sensors. He is working to broaden this approach to security with Contrast Security. Before becoming involved in technology, Erik was a circus performer who juggled fire on a three-wheel vertical unicycle.

Contrast Security Honored as a Silver Stevie® Award Winner in the 2019 American Business Awards® for Best Business Technology Software - DevOps Solution

Stoked! The Creative Process of Street Skating and What Open Source Folks Can Learn From It

BY USE CASE

BY DEPARTMENT

BY INDUSTRY

GITHUB ACTIONS BLOG SERIES, PART 1: PIPELINE NATIVE CODE ANALYSIS

"Contrast speeds up the delivery pipeline – we fix issues earlier in the development lifecycle. Great for any company trying to achieve a DevSecOps approach to application security.”

Contrast Incident Response Hub

Contrast Protect + WAF: A Day in the Life of a User

Erik Costlow, Director of Developer Relations

Loving our content? Subscribe now!