Skip to content

AppSec Observer

Contrast's application security blog provides the latest trends and tips in DevSecOps through instrumentation and security observability.

Subscribe Now
    Topics
    Learn about the hidden dangers of traditional AppSec tools and why Runtime Security is replacing them: podcast writeup

    Learn about the hidden dangers of traditional AppSec tools and why Runtime Security is replacing them: podcast writeup

    Are traditional AppSec tools keeping up with advances in software? That was the question The Application Security..

    Your WAF doesn't have your back

    Your WAF doesn't have your back

    Why WAFs leave you adrift in the treacherous waters of cybersecurity In the ever-shifting currents of the cybersecurity..

    Cybersecurity Insights with Contrast CISO David Lindner | 9/22

    Cybersecurity Insights with Contrast CISO David Lindner | 9/22

    Insight #1 There will always be a balance in the psychological acceptability of any security controls put on users...

    Contrast Security serves up vulnerability data integrated into AWS Security Hub

    Contrast Security serves up vulnerability data integrated into AWS Security Hub

    In the world of incident response, you need the right information, at the right time, and you need it where you want to..

    Cybersecurity Insights with Contrast CISO David Lindner | 9/15

    Cybersecurity Insights with Contrast CISO David Lindner | 9/15

    Insight #1 Software Bills of Materials (SBOMs) are nothing more than a data point for determining risk. They shouldn’t..

    Why we shouldn't treat the CVSS base score as gospel

    Why we shouldn't treat the CVSS base score as gospel

    On Sept. 6, Cisco issued an urgent fix for an authentication bypass flaw affecting the single sign-on (SSO)..

    Cybersecurity Insights with Contrast CISO David Lindner | 9/8

    Cybersecurity Insights with Contrast CISO David Lindner | 9/8

    Insight #1 Prompt injection is becoming a serious concern for those using current AI technologies. When using AI, make..

    Trust ‘zero trust’ for Application Security

    Trust ‘zero trust’ for Application Security

    The perimeter cybersecurity model is like the defensive walls that surround ancient cities. For thousands of years,..

    3 reasons why upskilling the nation’s cybersec savvy won’t solve the skills gap

    3 reasons why upskilling the nation’s cybersec savvy won’t solve the skills gap

    The White House recently announced its new National Cyber Workforce and Education Strategy & Implementation (NCWES): a..