SECURITY INFLUENCERS BLOG

Security Influencers provides real-world insight and “in-the-trenches” experiences on topics ranging from software application security to DevOps and cloud security.

START FREE TRIAL

WHY OBSERVABILITY IS THE NEXT BIG THING IN SECURITY

Accelerate cloud migrations with security observability across your development life cycle.

Continue Reading >>

Application Vulnerabilities Spike, .NET Applications Appear in the Attack Crosshairs

COVID-19 transformed businesses overnight. Suddenly, more than half of the workforce found themselves working from home and most businesses could no longer meet with customers and prospects in person. Those with mature digital strategies had a..
Continue Reading >>

How to Accurately and Continuously Identify and Remediate OSS Library Risks

 

Continue Reading >>

Cyberattacks on Applications Grow Exponentially, Pose Serious Risk

The need for digital engagement with customers, partners, and employees has never been greater than it is today. Most organizations were already in varying stages of digital adoption when the pandemic hit. Suddenly, businesses of all sizes..

Continue Reading >>

Application Risk Is 1.7x Higher for Organizations That Fail to Manage Security Debt

Analyzing data captured from June 2019 to May 2020, Contrast Labs found that applications experienced over 13,000 attacks on average each month over the past year. Serious vulnerabilities plague more than one-quarter of applications and 11% have..

Continue Reading >>

Legacy SAST and the Fallacy of 100% Code Coverage

In October of 2019, three months into my tenure at Contrast Security, I received a challenge question from a customer prospect in the northern Atlanta suburbs who was using a competitor’s legacy static application security testing (SAST)..

Continue Reading >>

Manual Application Vulnerability Management Delays Innovation While Increasing Business Risk

Traditional approaches to application security (AppSec), such as legacy static application security testing (SAST) and dynamic application security testing (DAST), lack visibility across an application’s attack surface. As they analyze lines of..

Continue Reading >>

Accuracy in AppSec Is Critical to Reducing False Positives

According to a new report from the Neustar International Security Council (NISC), over one-quarter of security alerts fielded within organizations are false positives. Surveying senior security professionals across five European countries and the..

Continue Reading >>

Protect Sensitive Data, Reduce Risk, and Gain Regulatory Compliance with Embedded Data Security

Sensitive data often leaks out through applications. The privacy risk is not developer negligence, but rather misplaced trust in pre-General Data Protection Regulation (GDPR) solutions and infrastructure. Enterprises should turn to modern AppSec..

Continue Reading >>

Contrast Labs: Mapping Risk Profiles for Select OWASP Top 10 Vulnerabilities to Understand Their AppSec Risk

At Contrast Security, the Contrast Labs team is charged with numerous things. Part of this charter includes looking at threat intelligence and understanding the true threat landscape. This encompasses risks that different vulnerabilities may pose..

Continue Reading >>

SUBSCRIBE TO THE BLOG