<iframe src="//www.googletagmanager.com/ns.html?id=GTM-WQV6DT" height="0" width="0" style="display:none;visibility:hidden">

SECURITY INFLUENCERS BLOG

Security influencers provide real-world insight and “in-the-trenches” experiences on topics ranging from application security to DevOps and risk management

Are You Ready to Automate Security Testing? Meet DevSecOps.

It is no secret that software applications today are complex and can potentially be riddled with many different security issues. From bad code to misconfigured servers and everything in between, solving this problem requires security implications to

Continue Reading

CAS: The Best Way to Modernize Application Security

In case you don't recognize the acronym, "CAS" stands for Continuous Application Security. It may not become a household name, but here at Contrast we believe it will be as common as "WAFs" within our industry.  CAS will help lead the way to..

Continue Reading

The DevOps-Ready Security Program

ByMahesh Babu May 4, 2017

6 Executive Tips to Bring Security into the DevOps Era

Extending DevOps to your software application security team shifts security from being a bottleneck to an enabler. According to McKinsey & Company, the benefits of being a DevOps-ready IT..

Continue Reading

How to Improve AppSec in DevOps

DevOps seems to be on the mind of a lot of folks these days. Many articles have been written on how to strategically move to well-functioning and secure DevOps methodologies. Leading experts, who've been in the DevOps trenches, are now sharing..

Continue Reading

Cloud Developers Can Now Get Cloud Foundry Certified!

Cloud developers can now become certified as Cloud Foundary experts, thanks to the folks at Cloud Foundry Foundation, who announced last week the launch of a cloud based developer certification initiative. The genesis behind this initiative will..

Continue Reading

Failure to Lognch

I had to fight tooth and nail to get this blog title -- I hope it made you shoot air out of your nose with a little more thrust than usual.

Continue Reading

The DevOpsification of Security

In an article "The DevOpsification of Security," written by Redpoint Ventures principal Lenny Pruss, Contrast Security is mentioned as a leading "app-centric visibility tool."  Lenny's premise is that: 

"The reality is that security, like DevOps,..

Continue Reading

DOM XSS in wix.com

Wix.com, a hosting provider which claims to host millions of websites, contains an XSS that leads to administrator account takeover and could be used to create a Wix website worm.

Target

From the company’s literature:

“Wix.com is a leading..

Continue Reading

Chat all you want… but will that data in your message be secure?

Businesses are looking to tools to improve productivity — no surprise right. Business apps are not just “stand-alone” and isolated but they are in the cloud and integrated with other tools and data. Integrations and “plug-ins” with other apps and..

Continue Reading

How Can Devs Keep Up with the Library Security Devil?

So, you don’t have the budget to buy Contrast, but you want your developers to be on top of the security of your open source libraries. No problem! Here’s a few simple tips and tricks to staying current.

Continue Reading

SUBSCRIBE TO THE BLOG

Learn how to unify security strategy across & development operations. See how to set up a CAS program with only eight activities!

Download the Handbook