Contrast Security recently achieved “Visionary” placement on the 2014 Gartner Magic Quadrant for Application Security Testing. This is the second time in as many years that our award-winning AppSec solution has been on the market. To call that placement gratifying would be an understatement. It took a lot of hard work to deliver a superior product this year and ready us to meet the demands of continuous AppSec over the next.
What did we deliver?
This year saw the introduction of Contrast for .NET Agent (final release in two weeks). This new agent installs simply into Microsoft IIS servers and extends Contrast’s powerful vulnerability detection to web applications built in virtually any Microsoft language. Our Beta users have found hundreds of issues already and tell us they are thrilled. As are we, to have it out the door!
We also delivered Contrast Enterprise “on-prem”, already a hit with banking and financial services companies who can’t use an Internet-based SaaS Service, no matter how secure it is. But because this internally deployed version of Contrast is the same software we use for app.contrastsecurity.com, several of our users have created their own private AppSec service, which they operate, and market internally as an AppSec Center of Excellence.
Thanks to our awesome engineers who recognized early the need for “total automation” within our own continuous deployment systems (yes…we use Contrast on Contrast), Contrast is now enabled with a powerful REST API that enables it to work within test, build and deployment automation systems such as Mavin, Jenkins, Puppet and Chef.
There is more…but blog posts aren’t supposed to be more than 300 words.
What about next year? You should see an even greater number of new innovations, including the coverage of additional frameworks, platforms and languages, improved user experience and workflows as well, empowering functionality designed to help everyone find and kill security vulnerabilities long before they can be exploited.
That’s 350 words. I mean 353.
Developing a robust application security program does not need to be a daunting task...
Perhaps, all it takes is rethinking your existing program and moving to one that leverages a continuous application security (CAS) approach. Organizations practicing CAS quickly determine how a new risk affects them, design a defense strategy, and measure their progress to 100% coverage. By implementing eight functions within an enterprise you can assemble an effective application security program.