AppSec Observer: SCA

The latest trends and tips in DevSecOps through instrumentation and security observability. Learn about real-world insight and “in-the-trenches” experiences on topics ranging from application and information security to DevOps and risk management.

Detect vulnerable libraries within your GitHub environments for free

Combine the power of GitHub Actions for automated Continuous Integration/Continuous Deployment (CI/CD) pipelines with..

Contrast Security expands its GitHub coverage with new SCA GitHub Action

There are more than 73 million developers currently utilizing GitHub, and rightfully so, since GitHub has become a..

Drupal security challenges faced by developers

Drupal is a PHP-based, fully accessible web content management system (CMS) offered under the terms of the General..

Log4j still an issue, but CodeSec audit can help

Landing on the incident response boards for software engineering teams worldwide in December 2021, the Log4j..

How to scan for cybersecurity risks on every commit with CodeSec and Git Hooks for free

Good programmers are lazy. It’s a common euphemism in the software development world: a humorous, counterintuitive..

How to detect Log4j vulnerabilities in Java projects for free with CodeSec

Log4j is a popular Java logging tool with a critical cybersecurity vulnerability that gained global attention in..

CodeSec - Evaluator Guide

CodeSec by Contrast brings the fastest and most accurate scanner on the market right to developers for free. By..