The latest trends and tips in DevSecOps through instrumentation and Security Observability.

Three Reasons Why Contrast SCA Is Best Suited for Log4Shell Rapid Response

With Log4j being such a ubiquitous library embedded in tens of millions of applications across the Java ecosystem, it’s easy to understand why the Log4Shell CVE is being treated as a DEFCON 1-class situation. To add salt to the wound, many..

Contrast Security’s Approach to SCA Enables Vulnerability Prioritization and Faster Remediation

By Joe Coletta, November 11, 2020

Open Source Is a Mainstay in Modern Development

It goes without saying that modern applications are rarely built from scratch today. Open-source software (OSS) communities are well-organized and licensing is usually pretty clear. Thus, when..

The Risks Associated with OSS and How to Mitigate Them

By Joe Coletta, August 11, 2020

Open source has become nearly ubiquitous with Agile and DevOps. It offers development teams the ability to quickly and easily scale their software development life cycles (SDLC). At the same time, open-source software (OSS) components can..

Application Vulnerabilities Spike, .NET Applications Appear in the Attack Crosshairs

COVID-19 transformed businesses overnight. Suddenly, more than half of the workforce found themselves working from home and most businesses could no longer meet with customers and prospects in person. Those with mature digital strategies had a..

How to Accurately and Continuously Identify and Remediate OSS Library Risks



Mitigating the Risks of Open-source Software in DevOps

By Joe Coletta, June 25, 2020

Speed matters when it comes to developing and releasing a new software title—nearly two-thirds of software companies report a development backlog. So, it should come as no surprise to hear that developers have been increasingly relying on..
