Skip to content

AppSec Observer: AppSec

The latest trends and tips in DevSecOps through instrumentation and security observability. Learn about real-world insight and “in-the-trenches” experiences on topics ranging from application and information security to DevOps and risk management.

Subscribe to Blog
Contrast Scan adds support for client-side JavaScript including Angular, React, & jQuery

Contrast Scan adds support for client-side JavaScript including Angular, React, & jQuery

Contrast has expanded its Static Analysis Security Testing (SAST) language coverage to support client-side JavaScript,..

RedMonk: Democratizing AppSec with Contrast Security

RedMonk: Democratizing AppSec with Contrast Security

In this session of RedMonk conversations. Senior analyst Rachel Stephens is joined by Contrast Security co-founder and..

Log4j still an issue, but CodeSec audit can help

Log4j still an issue, but CodeSec audit can help

Landing on the incident response boards for software engineering teams worldwide in December 2021, the Log4j..

Debunking the myths around RASP

Debunking the myths around RASP

Welcome to the second part of this series examining some of the myths that I’ve heard in many conversations around..

Close the DevSecOps divide with Ted Lassos

Close the DevSecOps divide with Ted Lassos

You hear it over and over: There’s a yawning cybersecurity workforce gap. The U.S. Bureau of Labor stats pegged it at..

Building a modern API security strategy — API components

Building a modern API security strategy — API components

Part three of the five-part series, Building a modern API security strategy.

Debunking IAST myths

Debunking IAST myths

If you have followed Contrast's progress over the years, you will recognize us as a leading provider of Interactive..

How to detect Log4j vulnerabilities in Java projects for free with CodeSec

How to detect Log4j vulnerabilities in Java projects for free with CodeSec

Log4j is a popular Java logging tool with a critical cybersecurity vulnerability that gained global attention in..

Building a modern API security strategy — API testing

Building a modern API security strategy — API testing

Part two of the five-part series, Building a modern API security strategy.