AppSec Observer: DevSecOps

The latest trends and tips in DevSecOps through instrumentation and security observability. Learn about real-world insight and “in-the-trenches” experiences on topics ranging from application and information security to DevOps and risk management.

Close the DevSecOps divide with Ted Lassos

You hear it over and over: There’s a yawning cybersecurity workforce gap. The U.S. Bureau of Labor stats pegged it at..

How to detect Log4j vulnerabilities in Java projects for free with CodeSec

Log4j is a popular Java logging tool with a critical cybersecurity vulnerability that gained global attention in..

CodeSec - Evaluator Guide

CodeSec by Contrast brings the fastest and most accurate scanner on the market right to developers for free. By..

A Sneak Peek Into Contrast's New Developer Security Tool

Coming June 2, Contrast Security will be unveiling its newest security scanning tool designed for developers by..

GitHub Actions Blog Series, Part 3: Deploying with Microsoft AKS

In my last blog post, we discussed the need for businesses to adopt distributed development and delivery models in..

Contrast SECURITY VULNERABILITY DETECTION vs the Log4J2 CVE - A demonstration

This week, Contrast Security proved that we could detect the Log4j2 vulnerability that caused CVE-2021-44228 and stop..

95% of Organizations Admit To at Least One Successful Application Exploit in Past Year

Findings and Insights from Contrast Security’s 2020 State of DevSecOps Report

Manual Application Vulnerability Management Delays Innovation While Increasing Business Risk

Traditional approaches to application security (AppSec), such as legacy static application security testing (SAST) and..

Emerging from the Tool Swamp to a Unified AppSec Platform

Traditional approaches to application security (AppSec) rely on a patchwork of disconnected tools and processes that..