Contrast Security is the only continuous secure coding platform that natively integrates into all stages of the software development life cycle, from development to production. Delivering three security solutions via a single platform — runtime code security (IAST), open-source security (SCA), and runtime application self protection (RASP) — Contrast Security solutions map to all of the very latest US Federal Government security directives, including:

CISA Zero Trust Maturity Model

Solutions that map to the directives of the Application Workload pillar (Pillar 4), including:

• Threat protection
• Accessibility
• Application Security
• Visibility & Analytics Capability
• Automation & Orchestration Capability

NIST 800-53, Rev. 5

Runtime Application Self-Protection (RASP) to address SI-17(7):

• Detects and blocks vulnerabilities
• Senses “probe” vs. genuine attacks
• Monitors and blocks inputs
• Protects runtime environments

Interactive Application Security Testing (IAST) to address SA-11(9):

• Detects vulnerabilities during test runs
• Identifies a full range of vulnerabilities
• Monitors all code, libraries, frameworks, and connections
• Performs continuous, real-time assessments

President Biden’s Cybersecurity Executive Order

• Tracks security threat information (EO Sections 2 & 7)
• Modernizes federal app security (EO Section 3)
• Enhances supply chain security (EO Section 4)
• Application incident response playbook (EO Sections 6 & 8)

CISA Binding Operational Directive 22-01

• Instantaneous CVE alerts
• Application runtime protection
• Address many of the over 250 listed vulnerabilities