Skip to content

AppSec Observer

The latest trends and tips in DevSecOps through instrumentation and security observability. Learn about real-world insight and “in-the-trenches” experiences on topics ranging from application and information security to DevOps and risk management.

Subscribe to Blog
GitHub Actions Blog Series, Part 2: Deploying with Amazon EKS

GitHub Actions Blog Series, Part 2: Deploying with Amazon EKS

Over the past few years, we’ve seen almost every company that runs software change their strategies to include some..

Securing Server-Side Kotlin

Securing Server-Side Kotlin

I’m excited to expand Contrast Assess language coverage to include Kotlin as a General Availability language. This new..

GitHub Actions Blog Series, Part 1: Pipeline Native Code Analysis

GitHub Actions Blog Series, Part 1: Pipeline Native Code Analysis

Contrast Security, the leader in next-gen code security, today announced its partnership with GitHub and the..

DHS Warns of Imminent Nation State Cyberthreats

DHS Warns of Imminent Nation State Cyberthreats

Situation Due to the ongoing degradation in Ukrainian and Russian relations, today, intelligence agencies from major..

Contrast Security recognized as a High Performer in the G2 Grid Report for Software Composition Analysis

Contrast Security recognized as a High Performer in the G2 Grid Report for Software Composition Analysis

 

Data Privacy and the Future of Business: How Businesses Can Put Privacy First

Data Privacy and the Future of Business: How Businesses Can Put Privacy First

With the global big data market set to be worth nearly $235 billion by 2026, to say that data is now core to business..

Contrast Scan Adds Support for Client-Side JavaScript - The World’s Most Popular Programming Language

Contrast Scan Adds Support for Client-Side JavaScript - The World’s Most Popular Programming Language

If you’re looking for the TL;DR version of this announcement, here it is: Contrast Scan has expanded its language..

Log4J 2.17.1 - Lower Risk, Patch When You Can

Log4J 2.17.1 - Lower Risk, Patch When You Can

The season of Log4J vulnerabilities continues with a new Log4J 2.17.1 released on December 28, however the risk is..

Expression language and deserialization attacks on the rise in lead-up to Log4j vulnerability

Expression language and deserialization attacks on the rise in lead-up to Log4j vulnerability

It’s been a couple of weeks since the first public disclosure of the Log4j vulnerability. A lot has happened - perhaps..