Skip to content

AppSec Observer: AppSec (2)

Contrast's application security blog provides the latest trends and tips in DevSecOps through instrumentation and security observability.

Subscribe Now
    Topics
    How to detect the Log4j vulnerability in Java projects for free with Contrast Security's CodeSec

    How to detect the Log4j vulnerability in Java projects for free with Contrast Security's CodeSec

    Log4j is a popular Java logging tool with a critical cybersecurity vulnerability that gained global attention in..

    Building a modern API security strategy — API testing

    Building a modern API security strategy — API testing

    Part two of the five-part series, Building a modern API security strategy.

    Feeble APIs = Feeble app security

    Feeble APIs = Feeble app security

    Your apps are only as secure as each one of your scores of APIs.

    Why do modern companies choose Kotlin for server-side development?

    Why do modern companies choose Kotlin for server-side development?

    Kotlin is short, simple, easy to debug — and, now, Kotlin security is easy to secure with Contrast’s new, Kotlin-tuned..

    Blowing up DevOps bottlenecks with pull requests

    Blowing up DevOps bottlenecks with pull requests

    It’s the perfect time, Larry Maccherone said during his DevOps Connect knowledge-sharing session at RSA 2022: The code..

    CodeSec - Evaluator Guide

    CodeSec - Evaluator Guide

    CodeSec by Contrast brings the fastest and most accurate scanner on the market right to developers for free. By..

    A Sneak Peek Into Contrast's New Developer Security Tool

    A Sneak Peek Into Contrast's New Developer Security Tool

    Coming June 2, Contrast Security will be unveiling its newest security scanning tool designed for developers by..

    Securing Server-Side Kotlin

    Securing Server-Side Kotlin

    I’m excited to expand Contrast Assess language coverage to include Kotlin as a General Availability language. This new..

    Expression language and deserialization attacks on the rise in lead-up to Log4j vulnerability

    Expression language and deserialization attacks on the rise in lead-up to Log4j vulnerability

    It’s been a couple of weeks since the first public disclosure of the Log4j vulnerability. A lot has happened - perhaps..