Application Security Blog - AppSec news, trends, tips and insights

25 October 2021

SECURING THE SOFTWARE SUPPLY CHAIN STARTS WITH A SOFTWARE BILL OF MATERIALS (SBOM)

As readers of the AppSec Observer blog are aware, application attacks have continued unabated throughout the massive..

11 October 2021

Understanding Software Supply Chain Risks and How to Mitigate Them

As demand for new applications continues to rise, developers are adapting new tools and techniques to accelerate their..

20 September 2021

IAST Is the Only Way to Accurately Detect SSRF

With server-side request forgery (SSRF) becoming a more important bug class in the era of microservices, I wanted to..

13 September 2021

Bounty Hunters Wanted: The Contrast Security Bug Bounty Program

A few years ago, Contrast Security launched a private, “invite-only” bug bounty program focused on Contrast Protect. We..

10 September 2021

Contrast Blocked Confluence CVE Attacks—Even Before the Patch

On August 25, Atlassian released security updates to address a remote code execution vulnerability (CVE-2021-26084)..

1 September 2021

Modern Problems: Traditional Security Scanning Wasn’t Built for Today’s Pipelines

Over the past 20 years, source-code scanning using static analysis has been a principal method for testing the security..

1 September 2021

Contrast Meets Kenna: Teaming Up To Manage Vulnerabilities

A new joint solution from Contrast Security and Kenna Security enables organizations to manage vulnerabilities in one..

11 August 2021

How To Start DevSecOps Within the Public Cloud—a Technical Guide

Setting the Stage: Application Security for Containerized Applications in AWS Organizations everywhere are either..

4 August 2021

TELEMETRY SHOWS THAT CUSTOM CODE MAKES UP 78% OF ACTIVE CODE

Application Security Observability Report Finds that 74% of Code In An Application Is Never Invoked Digital..

BY USE CASE

BY DEPARTMENT

BY INDUSTRY

GITHUB ACTIONS BLOG SERIES, PART 1: PIPELINE NATIVE CODE ANALYSIS

Contrast Security recognized as a Visionary by Gartner in Application Security Testing.

Contrast Incident Response Hub

Contrast Marketing

SECURING THE SOFTWARE SUPPLY CHAIN STARTS WITH A SOFTWARE BILL OF MATERIALS (SBOM)

Understanding Software Supply Chain Risks and How to Mitigate Them

IAST Is the Only Way to Accurately Detect SSRF

Bounty Hunters Wanted: The Contrast Security Bug Bounty Program

Contrast Blocked Confluence CVE Attacks—Even Before the Patch

Modern Problems: Traditional Security Scanning Wasn’t Built for Today’s Pipelines

Contrast Meets Kenna: Teaming Up To Manage Vulnerabilities

How To Start DevSecOps Within the Public Cloud—a Technical Guide

TELEMETRY SHOWS THAT CUSTOM CODE MAKES UP 78% OF ACTIVE CODE

BY USE CASE

BY DEPARTMENT

BY INDUSTRY

GITHUB ACTIONS BLOG SERIES, PART 1: PIPELINE NATIVE CODE ANALYSIS

Contrast Security recognized as a Visionary by Gartner in Application Security Testing.

Contrast Incident Response Hub

Contrast Marketing

SECURING THE SOFTWARE SUPPLY CHAIN STARTS WITH A SOFTWARE BILL OF MATERIALS (SBOM)

Understanding Software Supply Chain Risks and How to Mitigate Them

IAST Is the Only Way to Accurately Detect SSRF

Bounty Hunters Wanted: The Contrast Security Bug Bounty Program

Contrast Blocked Confluence CVE Attacks—Even Before the Patch

Modern Problems: Traditional Security Scanning Wasn’t Built for Today’s Pipelines

Contrast Meets Kenna: Teaming Up To Manage Vulnerabilities

How To Start DevSecOps Within the Public Cloud—a Technical Guide

TELEMETRY SHOWS THAT CUSTOM CODE MAKES UP 78% OF ACTIVE CODE

Loving our content? Subscribe now!