Skip to content

AppSec Observer

Contrast's application security blog provides the latest trends and tips in DevSecOps through instrumentation and security observability.

Subscribe Now
    Topics
    GitHub Actions Blog Series: Deploying with Microsoft AKS

    GitHub Actions Blog Series: Deploying with Microsoft AKS

    In my last blog post, we discussed the need for businesses to adopt distributed development and delivery models in..

    GitHub Actions Blog Series: Deploying with Amazon EKS

    GitHub Actions Blog Series: Deploying with Amazon EKS

    Over the past few years, we’ve seen almost every company that runs software change their strategies to include some..

    Securing Server-Side Kotlin

    Securing Server-Side Kotlin

    I’m excited to expand Contrast Assess language coverage to include Kotlin as a General Availability language. This new..

    GitHub Actions Security Blog: Pipeline Native Code Analysis

    GitHub Actions Security Blog: Pipeline Native Code Analysis

    Contrast Security, the leader in next-gen code security, today announced its partnership with GitHub and the..

    DHS Warns of Imminent Nation State Cyberthreats

    DHS Warns of Imminent Nation State Cyberthreats

    Situation Due to the ongoing degradation in Ukrainian and Russian relations, today, intelligence agencies from major..

    Contrast Security recognized as a High Performer in the G2 Grid Report for Software Composition Analysis

    Contrast Security recognized as a High Performer in the G2 Grid Report for Software Composition Analysis

    Data Privacy and the Future of Business: How Businesses Can Put Privacy First

    Data Privacy and the Future of Business: How Businesses Can Put Privacy First

    With the global big data market set to be worth nearly $235 billion by 2026, to say that data is now core to business..

    Log4J 2.17.1 - Lower Risk, Patch When You Can

    Log4J 2.17.1 - Lower Risk, Patch When You Can

    The season of Log4J vulnerabilities continues with a new Log4J 2.17.1 released on December 28, however the risk is..

    Expression language and deserialization attacks on the rise in lead-up to Log4j vulnerability

    Expression language and deserialization attacks on the rise in lead-up to Log4j vulnerability

    It’s been a couple of weeks since the first public disclosure of the Log4j vulnerability. A lot has happened - perhaps..