Newsroom
Contrast Security Wins the 2024 PwC Luxembourg Jury's Choice Award for Cybersecurity & Privacy Solution of the Year
The award was presented at PwC's Cybersecurity & Privacy Day 2024 event, where companies pitched their solutions to an executive audience and distinguished jury. After voting, the jury declared Contrast the winner. To see the presentation and slides that won, go to this link. The event's mission is to help CISOs, DPOs and CEOs ensure they keep their organization secure in a digital society.
![CodeSec by Contrast Security](https://www.contrastsecurity.com/hubfs/cs_press%20image.jpg)
Latest News
![GitLab Fixes Security Flaw That Lets Attackers Run Pipeline Jobs](https://www.contrastsecurity.com/hubfs/DevOps.com.png)
GitLab Fixes Security Flaw That Lets Attackers Run Pipeline Jobs
Contrast Security CISO David Lindner said this vulnerability is something administrators need to take notice of, and heed GitLab’s advice to upgrade immediately.
“This is REALLY bad, as it effectively turns off access controls for running pipelines, which is the lifeblood of moving software from development to production,” Lindner wrote in an email. “This vulnerability could allow unauthorized users to execute pipeline jobs as any other user, which in turn could enable attackers to run malicious code, access sensitive data and compromise software integrity.”
![Unauthorized content alteration bug found in NSA platform](https://www.contrastsecurity.com/hubfs/SC%20Media.png)
Unauthorized content alteration bug found in NSA platform
The U.S. National Security Agency's open-source SkillTree training platform on GitHub has been impacted by a medium severity cross-site request forgery vulnerability, tracked as CVE-2024-39326, which could be leveraged to facilitate unauthorized modifications of training content, SiliconAngle reports.
![GitLab patches 2nd critical pipeline vulnerability in last month](https://www.contrastsecurity.com/hubfs/SC%20Media.png)
GitLab patches 2nd critical pipeline vulnerability in last month
The critical vulnerabilities CVE-2024-6385 and CVE-2024-5655 could put developers’ projects at risk by enabling attackers to “run malicious code, access sensitive data and compromise software integrity,” Contrast Security CISO David Lindner told SC Media.
“This is REALLY bad, as it effectively turns off access controls for running pipelines, which is the lifeblood of moving software from development to production,” Lindner sai
Recent Press Releases
06/17/2024
Contrast Security won the highly competitive 2024 PwC Luxembourg Award for Cybersecurity & Privacy Solution of the Year. Contrast provides the industry's first Runtime Security Platform to automatically prevent exploits on applications and APIs in production and prevent insecure programming early in development.
![arrow-right-tertiary](https://www.contrastsecurity.com/hubfs/Contrast_Security/icons/arrow-right-tertiary.png)
04/04/2024
Contrast Named One of the Hottest Cybersecurity Companies in the 2024 Citizens JMP Securities LLC Cyber 66 Report
![arrow-right-tertiary](https://www.contrastsecurity.com/hubfs/Contrast_Security/icons/arrow-right-tertiary.png)
Secure your apps and APIs from within
Schedule a one-to-one demo to see what Contrast Runtime Security can do for you