SECURITY INFLUENCERS BLOG

Security Influencers provides real-world insight and “in-the-trenches” experiences on topics ranging from software application security to DevOps and cloud security.

START FREE TRIAL

Contrast Security Introduces First and Only Free Application Security Product to Fix OWASP Top 10

Install Contrast for Eclipse

Palo Alto, Calif. – Jan. 26, 2015 – Contrast Security announced the delivery of Contrast for Eclipse, a free and easy-to-use plug-in that expertly finds dangerous vulnerabilities in applications as fast as they are developed. 

Over the years, security has become incredibly difficult for developers to manage – yet it’s an essential part of the application process. Without application security, more than 22 serious vulnerabilities per application go “live,” representing significant unmitigated risk. Due to the high cost of manual code reviews, and the ineffectiveness of legacy SAST and DAST tools, most organizations secure only a small percentage of their application portfolio. As a result, applications are the leading target of attacks by hackers. Worse still, these are security breaches that traditional network perimeter defenses can’t see. 

Contrast Security’s powerful instrumentation technology provides developers a fast, accurate and easy way to find and fix OWASP Top 10 vulnerabilities instantly, all via a familiar and fully integrated Eclipse Java IDE experience. Contrast for Eclipse employs a patented instrumentation technology that virtually eliminates the time-consuming process of tracking false positives, enabling developers to quickly develop secure code without delay or experts. 

“Contrast for Eclipse allows Spring Security and Spring Tool Suite users to build secure applications without compromising productivity,” said Pieter Humphrey, Spring Product Marketing Manager, Pivotal Software. “The analysis technology will help our community to prevent security vulnerabilities.” 

Contrast for Eclipse’s patented, unique instrumentation offers numerous benefits not found in ineffective, costly and complex legacy SAST and DAST tools, including:

  • Instant, accurate, and automatic detection of OWASP Top 10 vulnerabilities 
  • Detailed run-time code and data flow analysis 
  • Vulnerability pinpointing right to the line of source code 
  • Both custom code and library analysis for 100% coverage 
  • Context-sensitive expert remediation advice 

According to Gartner’s top ten technology trends for 2015 report, applications must take a more active role in security to protect themselves. Specifically, the organization cited “security-aware application design, dynamic and static application security testing, and runtime application self-protection, combined with active context-aware and adaptive access controls,” as some of the tools necessary to stay safe in “today's dangerous digital world.” The firm also pointed to the importance of building security directly into the application. These recommendations are entirely aligned with Contrast Security’s mission to produce the most accurate results as fast as possible. 

“We believe in a future free of software vulnerabilities – that is our mission,” said Jeff Williams, founder and CTO of Contrast Security. “In bringing Contrast for Eclipse to market, we’re giving developers the control they need to quickly and easily eliminate application vulnerabilities at the source. There is no reason to ever have another SQL injection attack – yes, you read that right. Developers should be empowered with great tools that make security easy, and this conviction is the impetus behind Contrast for Eclipse.” 

More information about Contrast for Eclipse may be found on the Contrast Security website: http://www1.contrastsecurity.com/eclipse

 

 

About Contrast Security
Contrast Security delivers the world’s fastest application security software that eliminates the single greatest security risk to enterprises today. Industry research shows that application security flaws are the leading source of data breaches. Contrast can be deployed, automatically discover applications and identify vulnerabilities within seven minutes. Relying on sensors instead of expensive security experts, Contrast runs continuously and is ten times more accurate than the competition. Unlike tedious, painful and slow legacy approaches, Contrast analyzes a complete portfolio of running applications simultaneously in real time at any scale. As a result, organizations can act faster against threats and immediately reduce risk. More information on Contrast Security can be found at http://www1.contrastsecurity.com/

# # # 

For Immediate Release 

For more information: 
Megan Nemeh 
SHIFT Communications for Contrast Security 
mnemeh@shiftcomm.com 
+1-415-591-8409 

Christine Carrig, Director of Marketing

Christine Carrig, Director of Marketing

Christine’s wide breadth of marketing experience has been focused on driving revenue, building brand recognition, and creating demand-generation programs in technology organizations. For the past 11 years, her deep understanding of marketing principles, coupled with forward thinking, has been instrumental in transforming application security start-ups into successful, profitable companies.

SUBSCRIBE TO THE BLOG

Learn how to unify security strategy across & development operations. See how to set up a CAS program with only eight activities!

Download the Handbook