Featured
06/13/2024
Microsoft’s Brad Smith acknowledges past security failures, outlines new initiatives
Not everyone was as harsh on Microsoft’s previous mistakes. Jeff Williams, co-founder and chief technology officer at application security software platform provider Contrast Security Inc., noted that “while it’s pretty obvious in hindsight that they made a mistake, I think commentators are judging them without seeing the whole picture.”
“The unfortunate reality is that software is far more complex than most people understand,” he said. “A single application is built from dozens of source code repos, hundreds of open-source libraries, multiple application frameworks, server software and often multiple language platforms. And Microsoft has tens of thousands of applications, each of which has vulnerabilities reported all the time by tools, penetration testers, customers and more.”
08/04/2022
What is Runtime Application Self-Protection
RASP is a security innovation that uses runtime instrumentation to identify and thwart threats utilizing data from inside the active software.
08/03/2022
Contrast Security Expands Free Developer Tool by Adding Open Source Security and SBOM Creation
Contrast Security (Contrast), the leader in code security that empowers developers to secure as they code, announced that software composition analysis (SCA) is now available for free in CodeSec.
08/02/2022
GitHub launches Projects, ratcheting up dev ecosystem battle
GitHub Projects brings new features to GitHub developers, but users of other application lifecycle management tools such as Jira are unlikely to make the switch.
07/29/2022
Why Experts Disagree On Whether Businesses Should Pay Ransomware Demands
A new report that the number of ransomware attacks has dropped this year does not mean companies and organizations should lower their guard against these threats.
07/27/2022
API inventory: Focusing on runtime code, not never-invoked libraries
Part one of the five-part series, Building a modern API security strategy.
07/20/2022
New Google Play Store Rules Could Encourage Privacy Violations
Taking a step back to move forward?
07/15/2022
Dragging App/API Security Out of the Stone Age
In the wake of the SolarWinds attack, an executive order advocated mandatory software bills of material (SBOMs) to increase transparency into the potentially vulnerability-laden components tucked into applications.
07/15/2022
At the AWS re:Inforce Conference, Contrast Security Unlocks the Potential of Serverless Technology
Contrast Security (Contrast), the leader in code security that empowers developers to secure-as-they code, today announced its lineup of events at AWS re:Inforce Conference 2022, taking place July 26-27 at the Boston Convention and Exhibition Center in Boston, Massachusetts.
07/14/2022
Issue 193: Five API security best practices, AppSec tools for APIs
This week, we have five best practices from SoftwareAGGov for API security, and views from Jeff Williams at Contrast Security on the suitability (or not) of application security (AppSec) testing tools for API security.
07/14/2022
Ben Goodman joins Contrast Security as SVP of Corporate Development and Strategic Alliances
Contrast Security announced the appointment of Ben Goodman, who will serve as the company’s Senior Vice President of Corporate Development and Strategic Alliances.
07/11/2022
Proposed SEC Rules Require More Transparency About Cyber-Risk
The new guidelines would require public companies to file periodic disclosures about their cybersecurity practices and notify the SEC within 96 hours of a material breach.
07/11/2022
Software Security Transparency Is Coming: Now Is The Time To Get Ready
CTO and Co-Founder of Contrast Security—helping companies become truly great at securing their apps and APIs.