Featured
06/13/2024
Microsoft’s Brad Smith acknowledges past security failures, outlines new initiatives
Not everyone was as harsh on Microsoft’s previous mistakes. Jeff Williams, co-founder and chief technology officer at application security software platform provider Contrast Security Inc., noted that “while it’s pretty obvious in hindsight that they made a mistake, I think commentators are judging them without seeing the whole picture.”
“The unfortunate reality is that software is far more complex than most people understand,” he said. “A single application is built from dozens of source code repos, hundreds of open-source libraries, multiple application frameworks, server software and often multiple language platforms. And Microsoft has tens of thousands of applications, each of which has vulnerabilities reported all the time by tools, penetration testers, customers and more.”
05/28/2021
Application security not a priority for financial services institutions
Contrast Security announced the findings of a report based on a comprehensive survey of development, operations.
05/25/2021
Supply Chain Attacks: How To Reduce Open-Source Vulnerabilities
When you read that software supply chain attacks increased 42% in the first quarter of 2021 over Q4 2020.
05/07/2021
CONTRAST SECURITY ADDS GO LANGUAGE SUPPORT FOR INDUSTRY’S FIRST INTERACTIVE APPLICATION SECURITY ANALYZER
LOS ALTOS, Calif., May 6, 2021 /PRNewswire/ — Contrast Security today announced the addition of the Contrast Go agent to the Contrast Application Security Platform.
05/06/2021
Go Language Support for Industry’s First Interactive AppSec Analyzer
New agent delivers better accuracy and fewer false positives than legacy approaches which is critical for API security.
05/06/2021
SD Times news digest: Visual Studio 1.56 released, Contrast Security adds Go support, and SmartBear supports Simulink for peer code review
The April 2021 release of Visual Studio Code includes improved hover feedback to help users quickly find clickable editor actions, terminal profile improvements, and debugger inline values.
05/05/2021
Opportunities for DevSecOps in 2021
Organizational adoption and alignment, security of the software development pipeline, automation, and AI/ML.
05/05/2021
The Evolution of DevSecOps
Adoption has been driven by the expansion of tools, business operations, and software delivery automation.
04/27/2021
What the Dev?
We talk all things security with Jeff Williams, co-founder of OWASP and CTO and co-founder of Contrast Security.
.jpg)
04/14/2021
Protecting The Integrity Of The Software Factory
CTO and Co-Founder of Contrast Security - revolutionary security testing and protection for web applications and web APIs.
04/08/2021
Library Dependencies and the Open Source Supply Chain Nightmare
It’s a bigger problem than is immediately apparent, and has the potential for hacks as big as Equifax and as widespread as SolarWinds.
03/06/2021
A new type of supply-chain attack with serious consequences is flourishing
New dependency confusion attacks take aim at Microsoft, Amazon, Slack, Lyft, and Zillow.