APPSEC OBSERVER

The latest trends and tips in DevSecOps through instrumentation and Security Observability.

President Biden’s Executive Order: Secure the Software Supply Chain

In the fallout of a successful ransomware attack on a pipeline that supplies nearly half the East Coast’s gasoline, President Biden signed an executive order placing strict new standards on the cybersecurity of any software sold to federal..

Accelerating DevOps with Autonomous Security Observability: Webinar Recap

By Nikesh Shah, May 14, 2021

Contrast and NowSecure Discuss Application Security Challenges and Best Practices

The Right Way To Shift Right in Application Security

By Blake Connell, May 14, 2021

Protection Must Go Where the Attacks Happen: in Production

A BIGGER SHARE OF VULNERABILITIES WERE SERIOUS IN THE FIRST TWO MONTHS OF THE YEAR

Until recently, the word “Hafnium” most commonly referred to an obscure atomic element—atomic number 72 in the Periodic Table of the Elements. It was named for the city where it was discovered in 1923—Copenhagen, Denmark, whose Latin name is..

Secure Coding with Go

All Systems Go—Except Application Security

Google Go (also known as Golang) continues its role as a popular software language that enables developers to ship quality code at a rapid pace. Its genesis can be traced back to when Google engineers..

A Single Security Platform That Actualizes DevSecOps

By Mahesh Babu, May 4, 2021

Security and Development Are Out of Synch

When bringing new applications to market, speed has become a top priority. Nearly 80% of organizations say their development team is under growing pressure to shorten release cycles. Companies are..

CONTRAST STUDY FINDS THAT LESS THAN 10% OF APPLICATION CODE IS ACTIVE THIRD-PARTY LIBRARY CODE

2021 State of Open-source Security Report Examines Real-world Software Supply Chains

Prompted by the devastating SolarWinds attack, the White House is reportedly preparing an executive order on software security to be released in the next several..

Automation Paves the Way for Interactive Application Penetration Testing

Adoption of DevOps is increasing the rate of software deployment. A recent survey by DevOps Research and Assessment (DORA) and Google Cloud found that elite DevOps performers—nearly 7,000 of the companies surveyed—have 208 times more frequent..

CONTRAST LABS REVEALS DEPENDENCY CONFUSION VULNERABILITY IN MICROSOFT TEAMS

When the COVID-19 pandemic forced a large percentage of the world’s office workers to begin working remotely a year ago, organizations were forced to scramble to greatly accelerate their digital transformation. Deployments that may have been..

DEPENDENCY CONFUSION: A NEW THIRD-PARTY RISK FOR THE SOFTWARE FACTORY

The SolarWinds attack has been extensively covered over the past two months—and rightly so. It has been characterized as among the worst hacks of the past 10 years, targeting SolarWinds’ software factory and compromising the code in software..
