<iframe src="//www.googletagmanager.com/ns.html?id=GTM-WQV6DT" height="0" width="0" style="display:none;visibility:hidden">

SECURITY INFLUENCERS BLOG

Security influencers provide real-world insight and “in-the-trenches” experiences on topics ranging from application security to DevOps and risk management

Insights from Microsoft Build Conference 2017

At Microsoft Build in Seattle earlier this month, Microsoft presented its strategy and demonstrated its commitment to help move enterprises into the digital era. This transformation will require businesses to embrace technologies like cloud,..

Continue Reading >>

CAS: The Best Way to Modernize Application Security

In case you don't recognize the acronym, "CAS" stands for Continuous Application Security. It may not become a household name, but here at Contrast we believe it will be as common as "WAFs" within our industry.  CAS will help lead the way to..

Continue Reading >>

A CTO's Response to Trump's Cybersecurity Executive Order

In principle, holding each agency head accountable for his or her agency’s cybersecurity is logical. The problem with that is they were already accountable. When the OPM was breached, director Katherine Archuleta stepped down. And there were calls..

Continue Reading >>

Improve Application Security by Turning it into Code

Why is application security such a pain? One of the hard problems with application security is that there are a zillion different ways that things can go wrong.

Continue Reading >>

Contrast Security Honored as Gold Stevie Award Winner in 2017 American Business

Contrast Security was named the winner of a Gold Stevie® Award in the New Product or Service of the Year - Software Development Solution category in the 15th Annual American Business Awards. Details about The American Business Awards and the list of..

Continue Reading >>

Google Docs May Still be Vulnerable to Phishing Attacks

On Tuesday, users of Google Docs were targeted with an email phishing attack. The email content was a ruse to trick folks into granting access to their contact data. Google quickly put measures into place to stop the attack. Please visit this..

Continue Reading >>

The DevOps-Ready Security Program

ByMahesh Babu May 4, 2017

6 Executive Tips to Bring Security into the DevOps Era

Extending DevOps to your software application security team shifts security from being a bottleneck to an enabler. According to McKinsey & Company, the benefits of being a DevOps-ready IT..

Continue Reading >>

How AppSec Fits into the World of DevOps and Containers

ByKaushik Srinivas May 2, 2017

Business undertaking digital transformation initiatives are turning to Agile development and DevOps workflows to execute their software projects. Agile lets software teams respond quickly to customer needs, and DevOps helps organizations deploy..

Continue Reading >>

The Importance of Adding "A7: Insufficient Attack Protection" to the OWASP Top 10

We know there are some very strong feelings about both the recent Top Ten Release Candidate and my involvement in the project. Steve Ragan does a nice job summarizing the issue in CSO: "Contrast Security Responds to OWASP Top 10 Controversy."  While..

Continue Reading >>

Portable Builds with Docker

At Contrast, we like to enable developers to solve their own problems without submitting tickets to the Operations team. We also like to define our infrastructure with code.

Continue Reading >>

SUBSCRIBE TO THE BLOG

Learn how to unify security strategy across & development operations. See how to set up a CAS program with only eight activities!

Download the Handbook