APPSEC OBSERVER

The latest trends and tips in DevSecOps through instrumentation and Security Observability.

Contrast Community Edition Empowers Developers to Write Secure Code Faster

As software eats the world, the world faces a software security crisis. The movement to modern software such as cloud technologies and microservice architectures is essential to innovate quickly. Yet, nearly three in four developers say that..

Contrast Security Named a Visionary in the 2020 Gartner “Magic Quadrant for Application Security Testing”

Contrast Security was named a “Visionary” in the 2020 Gartner “Magic Quadrant for Application Security Testing.” Vendors are evaluated based on their completeness of vision and ability to execute.

Traditional AppSec Code Halts Kill DevOps Release Cycles

In recent years, the application security (AppSec) field has not advanced as rapidly as the software development discipline. While developers are under constant pressure to push code, legacy security tools inhibit their ability to do so. Developers..

Tips and Tactics for Creating Your Own Capture-the-Flag Event

Making Security Awareness Fun

Is your security awareness training program effective and making a difference? Does it fully engage your staff? What about your technical employees, such as developers and engineers? Do they view the accompanying..

State-of-the-Art AppSec Goes Beyond Perimeter Into Application Runtimes

When it comes to protecting running applications, traditional defenses that sit on the perimeter lack effective visibility and context to keep pace with attacks. Simply guessing as to the validity of a threat is not enough. This blog spells out..

Incident Response Requires a New AppSec Model

Incident response found its way into our technological vernacular back in 1988 when the first internet worm—dubbed “The Morris Worm”—was released. In response, the Computer Emergency Response Team/Coordination Center (CERT/CC) by DARPA was..

Contrast Labs: CVE-2020-11444: Privilege Escalation Vulnerability in Sonatype Nexus Repository Manager

In this time of COVID-19, social distancing, stay at home, shelter in place, and all the other things that force us to really do nothing outside the home, I have spent more time bug hunting.

What Vulnerabilities and Attacks Matter? Insights from Contrast Labs’ AppSec Intelligence Report

The threat landscape is constantly evolving, growing in sophistication as well as volume and velocity. This presents serious challenges for organizations of all sizes and industry sectors. Software applications are a top target when it comes to..

Videoconferencing Is Being Weaponized, Tips on Making Your Meetings More Secure

Zoom, the videoconferencing application that has grown from 10 million users in December to over 200 million today (an increase of 1,900%), is easily the most popular virtual meeting service for businesses, nonprofits, schools, and social groups..

How Hackers Are Exploiting COVID-19 and What Organizations Can Do About It

Now that many people are working from home due to the coronavirus disease (COVID-19), businesses are facing unprecedented cybersecurity challenges. Unfortunately, among many challenges, hackers are poised to capitalize on the crisis by attacking..
