AppSec Observer

Contrast's application security blog provides the latest trends and tips in DevSecOps through instrumentation and security observability.

    BEHIND-THE-SCENES OBSERVATIONS ON THE 2021 OWASP TOP TEN

    In mid-2016, I unexpectedly found myself on the leadership team for the OWASP Top Ten. It is hard to believe that I..

    THE 2021 OWASP TOP TEN EMPHASIZES SECURITY CONTROL AREAS OVER INDIVIDUAL VULNERABILITIES FOR IMPROVED RISK MANAGEMENT

    The primary goal of the OWASP Top Ten has always been to drive awareness of the biggest application security risks out..

    IAST Is the Only Way to Accurately Detect SSRF

    With server-side request forgery (SSRF) becoming a more important bug class in the era of microservices, I wanted to..

    Bounty Hunters Wanted: The Contrast Security Bug Bounty Program

    A few years ago, Contrast Security launched a private, “invite-only” bug bounty program focused on Contrast Protect. We..

    Contrast Blocked Confluence CVE Attacks—Even Before the Patch

    On August 25, Atlassian released security updates to address a remote code execution vulnerability (CVE-2021-26084)..

    THE FORTHCOMING 2021 OWASP TOP TEN SHOWS THAT THREAT MODELING IS NO LONGER OPTIONAL

    In 2003, two years after the organization was founded, the Open Web Application Security Project (OWASP) published the..

    Modern Problems: Traditional Security Scanning Wasn’t Built for Today’s Pipelines

    Over the past 20 years, source-code scanning using static analysis has been a principal method for testing the security..

    Contrast Meets Kenna: Teaming Up To Manage Vulnerabilities

    A new joint solution from Contrast Security and Kenna Security enables organizations to manage vulnerabilities in one..

    MUST-FIX VULNERABILITIES PER APPLICATION JUMP IN MAY–JUNE

    High-profile, damaging cyberattacks continued unabated in May and June of this year. Many American consumers felt the..