CodeSec Audit - Read Me

Easily secure your vulnerable libraries with CodeSec - audit. Below is a free tutorial and step-by-step guide to help you get started.

Step 1 – Install

Open a command-prompt or terminal, then install with NPM, Homebrew or by downloading binaries from Artifactory :

brew tap contrastsecurity/tap
brew install contrast

Step 2 – Authenticate

Authenticate using your existing GitHub or Google account.

contrast auth

Step 3 – Run

Find your vulnerabilities

Audit

Navigate to your chosen directory.
Then run an SCA audit with the following command.

contrast audit

In minutes CodeSec by Contrast will report all known vulnerabilities found in your libraries with actionable remediation.

Need help getting started? Check out and download our cheatsheet

Supported languages:

Additionally, check out this video and learn how to create an SBOM with our SCA tool at no cost.

Secure your GitHub CI/CD pipeline from vulnerable libraries for free, by connecting CodeSec to Contrast SCA GitHub action. Enabling users to automate SCA as part of their GitHub pipeline.

Check out this video to learn more.

Contrast support

Contrast Security is the leader in modernized application security, embedding code analysis and attack prevention directly into software. Contrast’s patented deep security instrumentation completely disrupts traditional application security approaches with integrated, comprehensive security observability that delivers highly accurate assessment and continuous protection of an entire application portfolio. This eliminates the need for disruptive scanning, expensive infrastructure workloads, and specialized security experts. The Contrast Application Security Platform accelerates development cycles, improves efficiencies and cost, and enables rapid scale while protecting applications from known and unknown threats.