In an article "The DevOpsification of Security," written by Redpoint Ventures principal Lenny Pruss, Contrast Security is mentioned as a leading "app-centric visibility tool." Lenny's premise is that:
"The reality is that security, like DevOps, cannot be something you simply buy, it must be something you do, encompassing a collection of principles, practices and products.
It holds, then, that today’s security paradigm must be application-centric, developer-driven and built from the inside-out."
This concept ties in nicely with a blog post (going back to June of 2015) written by Jeff Williams, Contrast Security CTO and Co-Founder. Lenny Pruss' observations in the article were supported (in the past) as Jeff outlined the advantages of Interactive Application Security Testing (IAST), and that an amazing feature of IAST is it leverages data from inside the running application.
"IAST works in fundamentally different ways than static or dynamic tools using instrumentation technology. IAST leverages information from inside the running application, including runtime requests, data flow, control flow, libraries, and connections, to find vulnerabilities accurately. Because of this, interactive testing works better for application security."