Achieve secure code flow
Visual Studio Code
Contrast’s integration with Visual Studio Code enables dev teams to see vulnerabilities by severity and status directly from the plugin including granular details and fix recommendations.
Visual Studio
Visual Studio in combination with Contrast enables teams to see vulnerabilities directly from the plugin for faster remediation. Developers gain visibility and vulnerability insights on the line of code in the Contrast Vulnerability tab.
Visual Studio for Mac
Provides vulnerability details by severity, application, status and history enabling dev teams to pull and coordinate information from the Contrast Platform to gain granular details and activity status.
Intellij
The Contrast and Intellij Integration displays vulnerabilities from instrumented applications pulled from the Contrast Platform. For in-depth vulnerability information, use the Contrast Platform UI to drill down on affected lines of code for detailed vulnerability information.
Eclipse
Vulnerabilities found via Contrast can be displayed and remediated directly in the Eclipse IDE plugin. This includes changing the vulnerability status once the vulnerability is fixed. Detailed vulnerability information is displayed in the Contrast UI.
Kenna Security
Contrast and Kenna’s joint partnership and integration enables Contrast custom code and open source vulnerability data to be imported into Kenna.AppSec, where it is combined with real-world threat and exploit intelligence and advanced data science to determine which vulnerabilities pose the highest risk and which can be deprioritized.
Brinqa
Integration of Contrast Application Security Platform with Brinqa enables application vulnerability data to be imported into the Brinqa Knowledge Platform so DevSecOps teams can easily transform security, risk, context and threat data into knowledge-driven insights.
ThreadFix
Contrast custom code and open source vulnerability data can be imported into ThreadFix Vulnerability Management Platform enabling DevSecOps teams to centralize and correlate vulnerability data for accurate risk-based decisions.
Secure Code Warrior
The Contrast - Secure Code Warrior integration provides just-in-time “how-to-fix” help via micro-videos and interactive contextual courses that are specific to the code that is being fixed or the vulnerabilities found by the Contrast Application Security Platform
Azure Sentinel
Secure your apps on Azure by preventing attacks. Contrast Protect empowers teams to defend their applications anywhere they run, by embedding an automated and accurate runtime protection capability within the application to continuously monitor and block attacks.
Splunk
Contrast integrates seamlessly with Splunk so application vulnerabilities and attacks can be collected and displayed directly in the Splunk dashboard for a centralized analysis and viewing of all incidents.
Sumo Logic
Contrast communicates with Sumo Logic so application vulnerabilities and attacks can be seen directly in Sumo Logic dashboards for a centralized view of all incidents.
DATADOG
Contrast can easily send application security vulnerabilities directly to DataDog so they can be viewed or incorporated with all security events to get a complete picture of security posture.
Azure Sentinel
Secure your apps on Azure by preventing attacks. Contrast Protect empowers teams to defend their applications anywhere they run, by embedding an automated and accurate runtime protection capability within the application to continuously monitor and block attacks.
Splunk On-Call
Contrast’s integration with Splunk On-Cal enables Contrast to send attack notification to Splunk On-Call so teams can take necessary action against attacks.
PageDuty
Contrast can be configured to send application security attack notifications to PagerDuty for immediate notification to on-call teams.
Bamboo
The Bamboo plugin enables you to fail builds for applications that are too vulnerable.
Jenkins
Contrast’s integration with Jenkins allows teams to fail or mark builds unstable if the applications are too vulnerable. Contrast considers parameters such as numbers of vulnerabilities, severity, and rule types.
Azure Devops Pipeline
Contrast’s integration with Azure DevOps enables teams to fail or classify builds as unstable, preventing vulnerable applications from being released to production due to severity, number of vulnerabilities and rules.
Circleci
The integration of Contrast and Circle CI allows teams to classify builds (fail/unstable) if the applications are vulnerable.
github
Contrast’s homegrown GitHub pipeline integrations enable secure code delivery for developers without ever needing to leave their GitHub environment.
Red Hat
Contrast embeds security telemetry and automated policy gates within cloud-native application delivery processes with Red Hat OpenShift – no manual configuration or overhead required.
Maven
The Maven plugin allows Contrast to discover vulnerabilities in your applications during integration or verification testing.
Gradle
The Gradle plugin allows Contrast to discover vulnerabilities in your applications during integration or verification testing.
Java
Contrast’s architecture easily enables teams to customize or create new capabilities for java applications for extending the Contrast Platform without needing to use Contrast’s APIs directly.
Javascript SDK
Applications using JavaScript can extend the Contrast Platform through the use of the JavaScript SDK. Custom built services can receive notifications about new application vulnerabilities.
Python
Companies may need to integrate Python applications with Contrast to track application security vulnerabilities. Contrast enables easy integration through Python SDKs.
.NET SDK
NET Core SDK can integrate with the Contrast Platform enabling .Net applications to pull Contrast data without needing to use the API directly.
Webhook
Contrast supports a generic webhook integration. This enables custom services to receive notifications on any URL that receives a POST message. Subscribe to any number of metadata fields for several event triggers.
Contrast CLI
The Contrast CLI enables you to identify vulnerable libraries, fail a build based on CVE severity and view a dependency tree to understand the dependencies between libraries and where vulnerabilities have been introduced.