In the News
Featured
06/13/2024
Microsoft’s Brad Smith acknowledges past security failures, outlines new initiatives
Not everyone was as harsh on Microsoft’s previous mistakes. Jeff Williams, co-founder and chief technology officer at application security software platform provider Contrast Security Inc., noted that “while it’s pretty obvious in hindsight that they made a mistake, I think commentators are judging them without seeing the whole picture.”
“The unfortunate reality is that software is far more complex than most people understand,” he said. “A single application is built from dozens of source code repos, hundreds of open-source libraries, multiple application frameworks, server software and often multiple language platforms. And Microsoft has tens of thousands of applications, each of which has vulnerabilities reported all the time by tools, penetration testers, customers and more.”
04/24/2023
App Protection Platform Provider Contrast Security Launches MSSP Program; Contrast Builds Leadership Team
Working with Contrast solutions provides MSSPs.
04/21/2023
Security-by-Design Guidelines From International Coalition Pressure Manufacturers to Bake Defenses Into Products
New security-by-design and security-by-default guidelines from a collection of federal agencies.
04/21/2023
The 3CX compromise: a complex supply-chain attack.
The incident that affected 3CX was a complex supply-chain attack executed by a threat actor connected to a nation-state.
04/20/2023
RSA 2023 Preview: Modern Bank Heists Are All About the Hostages
In the second installment of our three-part series leading up to RSA Conference 2023.
04/20/2023
Contrast Security Unveils MSSP Program for Code Security
The new MSSP program is under the company's Security Innovation Alliance.
04/20/2023
3CX breach linked to software supply chain attack on third party
A successful breach of videoconferencing and business phone company 3CX Ltd.
04/17/2023
The Security and Productivity Implications of Low Code/No Code Development
The low code/no code movement provides simplified app generation – but it needs to be understood to be safe.
04/13/2023
OSC&R embraces GitHub: Will it move the needle on supply chain security?
Here's what the Open Software Supply Chain Attack Reference (OSC&R) framework move means in the short run — and long term.
04/13/2023
Pentagon super-leak suspect cuffed: 21-year-old Air National Guardsman
When bragging about your job on Discord gets just a little out of hand?
04/11/2023
Why 'shift left' is now a dirty term in some security circles
Here's why some security practitioners question the term — and what they think app sec teams should focus on instead.
04/07/2023
A. Today’s MSSP, MSP, MDR, XDR and Cybersecurity Market News
Each business day, MSSP Alert delivers a quick lineup of news, analysis and chatter from across the managed security services provider ecosystem.
04/07/2023
US, NATO military plans leak: Actual war strategy or pro-Kremlin shenanigans?
'Russia is the king of disinformation and hybrid warfare,' expert tells El Reg.