In a series of recent articles, Dan Woods from Forbes, has been analyzing how companies can best allocate their security portfolio dollars. To understand the security products on the market that can help companies address these complicated issues, Dan has interviewed numerous experts from leading security solutions companies.
For this piece, he spoke with Jeff Williams, the co-founder and CTO of Contrast Security to get a sense of where his company’s products fall into the larger security portfolio. Just like an investment portfolio, he argues that you want to make sure you’re getting a return on your investment and that you’re spreading your investments out, so you’re not overexposed in any one specific area.
All companies are - or fast becoming - software companies. Contrast addresses a critical space: ensuring that the software companies develop is secure. What follows is a brief excerpt from Dan's entire article. Read the full article here.
Interested in how you can eliminate over 60% of the annual cost to secure applications by using Contrast Assess? Read the Contrast Advantage Brief (PDF) >>
EXCERPT FROM FORBES ARTICLE
Why You Must Build Cybersecurity Into Your Applications
By Dan Woods
Because Contrast does both vulnerability detection and attack blocking, it achieves prevention, detection, and response. Contrast is a bit like a vaccine for your applications. It works throughout the software lifecycle, during development, testing, and operation, allowing companies to protect their applications from within because the product is embedded within the applications themselves. As Williams told me, this approach emerged from the dilemma companies face when they try to protect their software.
“Companies face a terrible choice: either they turn their business into software and they accept the fact that they’re going to have rampant vulnerabilities and breaches or they let their competition win the innovation race. And everyone chooses software,” said Williams. “But as a result, we’re going to have 111 billion new lines of code in 2017. And the problem is that these legacy tools, dynamic analysis tools, static analysis tools and web application firewalls, were invented in the early 2000s. They’re absolutely incapable of scaling to the level of modern software.”
This requires an approach that uses automation. Every business that has been around for more than five years will have legacy software integration challenges, which requires developing new code. Companies are constantly integrating new software platforms with older systems and a cybersecurity platform has to be able to protect all of these assets.