Security Influencers provides real-world insight and “in-the-trenches” experiences on topics ranging from software application security to DevOps and cloud security.


Introducing Contrast for Microsoft .NET

Yesterday we (Contrast Security) announced availability of our Contrast agent for Microsoft .NET. We wanted to first take this opportunity to thank our Beta testers, developers, and everyone else involved in getting this incredibly useful product..

Continue Reading >>

Getting Left of Boom: Using FireEye and Contrast Together

The term "Left of Boom" is a military term used to describe the time before the explosion of an improvised explosive device (IED), aka a roadside bomb. Made popular by Pulitzer-Prize winning author Rick Atkinson, the military term left of boom..

Continue Reading >>

Interactive Application Security: Frequently Asked Questions

Contrast doesn't neatly fall into either the static analysis (SAST) or dynamic analysis (DAST) categories most security experts ask about. Because of that, we often field questions about what exactly and Contrast does. This post will answer a few..

Continue Reading >>

ColdFusion and Application Security

Contrast Now Supports Securing ColdFusion!Even before adding support for .NET, the Contrast team had planned to support ColdFusion. Let's go through our preferred customer checklist:

Continue Reading >>

Better Application Vulnerability Detection with Advanced Data Tagging

I've been reviewing code for security problems for about 15 years now.  I'm privileged to have seen the code for many of the world's most critical applications.  And I've also had a lot of time to think about how we can find vulnerabilities..

Continue Reading >>

Why AppSec Tools Must have Good Coverage

What would you say if I told you your current application tools are only covering about 20% of your application? Saying that another way, you're missing 80% of the vulnerabilities in your app!

Good security is a combination of a low number of..

Continue Reading >>