We’ve recently wrapped up a dynamic week at RSA 2019 in San Francisco where we had over 500 visitors to our booth, executive meetings and won the Cyber Defense Magazine Award for Editor’s Choice Application Security. It’s a good time to reflect on the major theme of the show and the success of our second annual Contrast User Group meeting.
At RSA this year, we hosted our second annual Contrast Security User Group Meeting and were excited to hear the many creative ways our customers are using Contrast’s solutions in cloud computing, containers and microservices. They’re integrating the latest development methodologies, including Agile, DevOps, and CI/CD throughout their entire SDLC. During the event, customers learned from and shared ideas with fellow members, had input into our product roadmap, and engaged in collaborative problem solving with fellow practitioners and Contrast team members.
Additionally, it’s fitting to mention the excitement of Contrast’s recently secured series D funding round of $65M which will help accelerate our technology innovation, field operations, international expansion and strategies to support our customers.
Each year the RSA conference highlights a key theme and focus within information security - the theme for RSA was “BETTER”. Although not particularly specific, it’s obvious that organizations are still feeling severely challenged in implementing a robust and reliable security posture, and security companies must increase how they can help. Vulnerability rates in application software remain as high as they were 15 years ago, traditional tools and processes aren’t compatible with modern software, and organizations are only protecting a tiny fraction of their application and API portfolio, according to Jeff Williams, CTO and Co-Founder of Contrast Security.
Jeff writes, “In application security, BETTER isn’t very difficult to imagine. At Contrast, we imagine a world where developers are empowered to write secure code by getting instant and accurate feedback on the exact code they are working on via the tools they are already using. We imagine strong assurance through complete security testing during CI/CD without slowing down the process. Finally, we imagine applications and APIs that are attack-aware and protect themselves in production. We see a culture of development, security, and operations working together to deploy secure code as part of a high velocity pipeline that generates innovation. In short, we believe in DevSecOps.
DevSecOps is a powerful concept that is becoming real through adoption of transformative culture, practices, and tools. Contrast is an important part of this change, but of course it’s not everything. We believe that by measuring, analyzing, and protecting applications through instrumentation, we have a huge information advantage. That information advantage translates into faster and more accurate application security testing (*AST), more powerful open source analysis, and powerful runtime exploit prevention (RASP). We’ve had amazing successes working with companies to quickly establish basic DevSecOps capabilities, eliminate vulnerability backlogs, and get organizations deal with new vulnerabilities before code is even checked in. It’s not perfect yet, but it’s definitely BETTER."
See Jeff’s interview with Dark Reading here.
As we progress into 2019 we look forward to a secure and bright future for all our customers, our partners and the world at large. Working together we can be “BETTER” in creating a secure world for all.