APPSEC OBSERVER

The latest trends and tips in DevSecOps through instrumentation and Security Observability.

Subscribe To Blog

What Security Lessons Can Come From the Kaseya Ransomware Attack?

ByJoe Coletta July 26, 2021

This year will be remembered as annus horribilis for attacks against the software supply chain. In the first half of 2021, prominent attacks against SolarWinds and Microsoft Exchange both highlighted the collateral impact and potential reach of..

Continue Reading >>

How To Secure Your Application Inside Azure Kubernetes Service in 10 Minutes

ByMark Tomcza July 12, 2021

The Cloud Impacts Application Security

Organizations everywhere are making their way into the cloud with some form of digital transformation initiative. As a part of these efforts, organizations usually have multiple strategies to execute as they..

Continue Reading >>

Real-time Remediation Support Helps Developers Write Better Code

ByDavid Archer July 7, 2021

Learning From Our Software Development Mistakes

Like anyone else, I hate making mistakes. When I do, I usually feel that I could have avoided it by learning more about the subject or maybe by asking for help. Good intentions aside, however, the..

Continue Reading >>

MORE JAVA ATTACKS HIT EXISTING VULNERABILITIES IN MARCH–APRIL

The massive application attacks on SolarWinds and Microsoft Exchange Server in recent months did not slow the activity of cyber criminals. In March and April of this year, for example, social media networks were hit with several high-profile data..

Continue Reading >>

Why Developers Should Care About Our New Go Agent: A Look Under the Hood

Last month, we released the industry’s first integrated security analyzer for Go. Now that it has been available for a few weeks, I thought it would be helpful to provide some detail about how the Contrast agent actually works, what it finds, and..

Continue Reading >>

How It Took Two Years to Resolve Remote Code Execution Vulnerability CVE-2020-17091

Microsoft Teams vulnerability exposed serious risk to the software supply chain

Continue Reading >>

Contrast Announces the First Breakthrough in SAST in 15 Years

ByMahesh Babu June 10, 2021

Traditional Scanning Tools Can’t Keep Up

Continue Reading >>

Contrast Challenges the AST Status Quo in the Gartner 2021 AST Magic Quadrant

Gartner released its latest Magic Quadrant for application security testing (AST)—naming Contrast Security as a “Challenger” for 2021. In just six short years, Contrast has grown to the top half of the MQ—challenging revenue from..

Continue Reading >>

CONTRAST STUDY FINDS SIGNIFICANT APPLICATION SECURITY RISK AT FINANCIAL SERVICES ENTERPRISES

Only 25% Can Successfully Triage All Security Alerts, and 98% Have Had 3+ Successful Attacks

Continue Reading >>

How to Secure Jenkins Pipelines without the hassle

ByMark Tomcza May 21, 2021

Organizations spend countless hours and resources trying to effectively incorporate application security into their software development environments. Difficulty deploying and scaling security within modern development pipelines causes friction..

Continue Reading >>

SUBSCRIBE TO THE BLOG