Secure your code amid layoffs

Thus far during November 2022, many tech companies have put in place hiring freezes or conducted layoffs. For example, tech industry heavyweight Meta has laid off more than 11,000 employees. Meanwhile, big-name Twitter has laid off nearly 50% of its workforce, with CISO Lea Kissner resigning amid the turmoil. 

At times, I’ve been the person being laid off. At other times, I’ve been the person left behind to work on a project. The people being laid off are our friends and acquaintances, have been awesome and talented co-workers, and deserve our continued gratitude and respect. My prayers and well-wishes are with them as they face new challenges in their careers and personal lives.

Layoffs are challenging, both for the laid-off and the left-behind. When I’ve been the one left behind, I inherited new work responsibilities and was expected to perform at a higher level than ever before. 

Your adversaries aren’t facing layoffs

Cybersecurity is one of those responsibilities that developers may be facing for the very first time. Despite the downturn in the economy, the threats to your software projects from criminal organizations and adversarial nation-states haven’t gone away. Identifying and fixing vulnerabilities in production software is likely to be a new challenge some developers (maybe including you?) are facing this month.

For those still pushing ahead on projects, you may have had a mix of experiences with cybersecurity tooling. Perhaps it is a brand-new topic for you. You aren’t sure what you need, but you know you need to take some stop-gap actions to protect your code base. Maybe you have some experience, but you would like better tools to assess the risks facing your project. You might even be facing pressure to move fast and just want help scanning your project to get an automated audit of the issues in your Continuous Integration/Continuous Deployment (CI/CD) pipeline. Some developers with new cybersecurity responsibilities could even be facing a mixture of these — if not more! — challenges.

Fortunately, Contrast Security has a whole suite of market-leading security solutions. Our tools cover the whole breadth of the Software Development Life Cycle (SDLC): from development, through testing and onto production runtime coverage. Our tools are fast, deliver very accurate results, and have a very low rate of false positives. Contrast Security has been consistently recognized as a leader in the cybersecurity marketplace. We are here to help you to secure your software development projects from cybersecurity risks.

Try it yourself — free!

With our free-tier offering, CodeSec by Contrast, developers can improve cybersecurity coverage within minutes for free, right now, by going to Contrast’s developer portal and installing CodeSec into your command-line interface (CLI) via your Homebrew or npm package manager and binary. 

But why stop there? You can also integrate CodeSec into your workflows as you need! We have tutorials on our blog for specific use cases, such as using CodeSec with Git hooks to prevent vulnerabilities from ever reaching your code repository and using a Contrast GitHub Action to find vulnerabilities in your project’s dependencies. CodeSec can help you check off your new cybersecurity responsibilities by the end of the work day.

Continue on your secure-code journey

CodeSec by Contrast is a fast, free way to get started with finding vulnerabilities in your projects. But what if it isn’t enough? Contrast’s products build on each other to form a comprehensive coverage against software threats. Plus, this economic downturn isn’t Contrast Security’s first rodeo. Our company leadership has been involved with the cybersecurity community for decades: For example, Contrast Security co-founder and CTO Jeff Williams is a founder of, and major contributor to, OWASP. 

As you are expected to handle more development responsibilities in these trying times, we are here to help you.

This post first appeared on Developers Alliance.