
SECURITY INFLUENCERS BLOG

Security Influencers provides real-world insight and “in-the-trenches” experiences on topics ranging from software application security to DevOps and cloud security.

CVE-2018-11776 Struts2

Contrast and Struts2 CVE-2018-11776

On August 22, a new CVE and exploit appeared for the Struts2 web application framework: Struts2 CVE-2018-11776. Struts2 CVE-2018-11776 adds to the list of older Struts/Struts2 CVEs. Like the Struts2..

CVE-2018-15685 - Electron WebPreferences Remote Code Execution Finding

Contrast Labs has discovered a remote code execution (RCE) vulnerability affecting apps with the ability to open nested child windows on Electron versions (3.0.0-beta.6, 2.0.7, 1.8.7, and 1.7.15). This vulnerability has been assigned the CVE..

Press Roll Up — Contrast Featured in DevOps, DZone, TechBeacon

Contrast Security is no stranger to being quoted or referenced in industry leadership articles. Below you'll find Contrast being featured in recent publications.

CONTRAST LABS: February 2018 AppSec Threat Intelligence Report

Contrast Labs' analysis of real world application attack data from February 2018.

Overview

  • In February, overall application attack volume more than doubled. Once again this month there were no applications or APIs that were not attacked.
  • The..

How Contrast Security Protects Applications from the Inside

John Breeden at CSO Magazine Online posted his review of Contrast Security last week. The article, “How Contrast Security protects applications from the inside out,” is extremely in-depth.

How to Develop More Secure Software & the 2018 Cybersecurity Excellence Awards

The subject of security in the area of software development is an important one, as there are a number of different challenges that developers face while trying to develop more secure software. Steve Feldman, our Vice President of Engineering, was..

CONTRAST LABS: January 2018 AppSec Threat Intelligence Report

By Contrast Labs, February 6, 2018

Contrast Labs' analysis of real world application attack data from January 2018.

Overview

  • In January, overall application attack volume just about doubled. Once again this month there were no applications or APIs that were not attacked.
  • Once..

CONTRAST LABS: December AppSec Threat Intelligence Report

Contrast Labs' analysis of real world application attack data from December 2017.

Overview

  • December was a huge month for application layer attacks, with large increases in every category of attack except Padding Oracle. Overall, we saw a 5x..

CONTRAST LABS: November AppSec Threat Intelligence Report

By Contrast Labs, December 27, 2017

Contrast Labs' analysis of real world attack data from November.

Observations

  • Overall attack traffic was down in November from our highs in August. Once again this month, virtually every application/API was attacked, and some were continuously..

Jeff Williams, Contrast CTO: Security Predictions for 2018

Security Predictions for 2018

The world of software is changing quickly at all of our clients. As we look across tens of thousands of applications and a wealth of vulnerability and attack data, some clear trends emerge. We continue to believe..
