SECURITY INFLUENCERS BLOG

Security Influencers provides real-world insight and “in-the-trenches” experiences on topics ranging from software application security to DevOps and cloud security.

START FREE TRIAL

CONTRAST LABS: December AppSec Threat Intelligence Report

Contrast Labs' analysis of real world application attack data from December 2017.

Overview

  • December was a huge month for application layer attacks, with large increases in every category of attack except Padding Oracle. Overall, we saw a 5x..
Continue Reading >>

CONTRAST LABS: November AppSec Threat Intelligence Report

ByContrast Labs December 27, 2017

Contrast Labs analysis of real world attack data from November.

Observations

  • Overall attack traffic was down in November from our highs in August. Once again this month, virtually every application/API was attacked, and some were continuously..
Continue Reading >>

Jeff Williams, Contrast CTO: Security Predictions for 2018

Security Predictions for 2018

The world of software is changing quickly at all of our clients. As we look across tens of thousands of applications and a wealth of vulnerability and attack data, some clear trends emerge. We continue to believe..

Continue Reading >>

Open Source Software (OSS) is the Turbo Charger of Innovation

Software is at the heart of Digital Transformation, and organizations are using software more than ever for economic and productivity purposes in order to transform the way they run their business – to address customer needs, for better customer..

Continue Reading >>

Join Us On December 12th – OWASP Bay Area MeetUp

BAY AREA OWASP MEETUP | Tuesday, Dec. 12th, 6:30-9:00 PM

Application security professionals are invited to attend the upcoming OWASP Meetup, December 12th at the Contrast Headquarters in beautiful downtown Los Altos. Join in the merriment as you..

Continue Reading >>

Unify Security Across Teams – See How Contrast Does it in a 60-Minute Product Demonstration

More than ever before, the security of running enterprise applications is a shared responsibility between security, operations, development and engineering teams. However, all these groups are running blind when it comes to understanding the..

Continue Reading >>

Interview with Software Security Experts

Ed Amoroso, former CISO of AT&T, and Founder and CEO of TAG Cyber, sat down for a conversation with Contrast Security CEO Alan Naumann, and CTO and Co-founder Jeff Williams. In these two, ten-minute interviews, Ed digs into the minds of these..

Continue Reading >>

How Visibility and Data Unite Engineering, Security & Operations: Dev + Sec + Ops = DevSecOps

ByMahesh Babu October 13, 2017

More than ever before, the security of a running application is a shared responsibility:

  1. The security team needs to detect, monitor and respond to an application layer breach
  2. The operations team needs to ensure performance, stability & reliability..
Continue Reading >>

Redirects from Third-party JavaScript on Equifax Lead to More Hacks

As we mentioned last week, Equifax continues to make headlines and ramifications of building sites with insecure code is taking a its toll. Below you'll read a series of startling comments that appeared this past week by Jeff Williams, Contrast..

Continue Reading >>

Still Making Headlines – Struts 2 and the Equifax Breach

Yes, we have all seen the headlines.  But, don’t think that the issues that arose from the Equifax breach and the Struts 2 vulnerability will disappear any time soon. Last time I checked, there were 34 articles published that Contrast was either..

Continue Reading >>

SUBSCRIBE TO THE BLOG

Learn how to unify security strategy across & development operations. See how to set up a CAS program with only eight activities!

Download the Handbook