Palo Alto, Calif. – Jan. 26, 2015 – Contrast Security announced the delivery of Contrast for Eclipse, a free and easy-to-use plug-in that expertly finds dangerous vulnerabilities in applications as fast as they are developed.
Over the years, security has become incredibly difficult for developers to manage – yet it’s an essential part of the application process. Without application security, more than 22 serious vulnerabilities per application go “live,” representing significant unmitigated risk. Due to the high cost of manual code reviews, and the ineffectiveness of legacy SAST and DAST tools, most organizations secure only a small percentage of their application portfolio. As a result, applications are the leading target of attacks by hackers. Worse still, these are security breaches that traditional network perimeter defenses can’t see.
Contrast Security’s powerful instrumentation technology provides developers a fast, accurate and easy way to find and fix OWASP Top 10 vulnerabilities instantly, all via a familiar and fully integrated Eclipse Java IDE experience. Contrast for Eclipse employs a patented instrumentation technology that virtually eliminates the time-consuming process of tracking false positives, enabling developers to quickly develop secure code without delay or experts.
“Contrast for Eclipse allows Spring Security and Spring Tool Suite users to build secure applications without compromising productivity,” said Pieter Humphrey, Spring Product Marketing Manager, Pivotal Software. “The analysis technology will help our community to prevent security vulnerabilities.”
Contrast for Eclipse’s patented, unique instrumentation offers numerous benefits not found in ineffective, costly and complex legacy SAST and DAST tools, including:
- Instant, accurate, and automatic detection of OWASP Top 10 vulnerabilities
- Detailed run-time code and data flow analysis
- Vulnerability pinpointing right to the line of source code
- Both custom code and library analysis for 100% coverage
- Context-sensitive expert remediation advice
According to Gartner’s top ten technology trends for 2015 report, applications must take a more active role in security to protect themselves. Specifically, the organization cited “security-aware application design, dynamic and static application security testing, and runtime application self-protection, combined with active context-aware and adaptive access controls,” as some of the tools necessary to stay safe in “today's dangerous digital world.” The firm also pointed to the importance of building security directly into the application. These recommendations are entirely aligned with Contrast Security’s mission to produce the most accurate results as fast as possible.
“We believe in a future free of software vulnerabilities – that is our mission,” said Jeff Williams, founder and CTO of Contrast Security. “In bringing Contrast for Eclipse to market, we’re giving developers the control they need to quickly and easily eliminate application vulnerabilities at the source. There is no reason to ever have another SQL injection attack – yes, you read that right. Developers should be empowered with great tools that make security easy, and this conviction is the impetus behind Contrast for Eclipse.”
More information about Contrast for Eclipse may be found on the Contrast Security website: http://www1.contrastsecurity.com/eclipse.
About Contrast Security
Contrast Security delivers the world’s fastest application security software that eliminates the single greatest security risk to enterprises today. Industry research shows that application security flaws are the leading source of data breaches. Contrast can be deployed, automatically discover applications and identify vulnerabilities within seven minutes. Relying on sensors instead of expensive security experts, Contrast runs continuously and is ten times more accurate than the competition. Unlike tedious, painful and slow legacy approaches, Contrast analyzes a complete portfolio of running applications simultaneously in real time at any scale. As a result, organizations can act faster against threats and immediately reduce risk. More information on Contrast Security can be found at http://www1.contrastsecurity.com/.
# # #
For Immediate Release
For more information:
SHIFT Communications for Contrast Security