AppSec Observer

Contrast's application security blog provides the latest trends and tips in DevSecOps through instrumentation and security observability.

    Hacked... Because of an Insecure Library

    This morning, ZDNet’s Zack Whittaker reported a hacker has targeted the official forum for the mobile game Clash of..

    The True Cost of "False Positives" in Application Security

    Remember the story of the boy who cried wolf? His pranks were "false alarms" - defined as "a mistaken or intentionally..

    Security Fail in Pokémon Go

    As you may have heard, some Pokémon Go players may have given the game’s developers access to everything on their..

    Contrast releases new open source integrations to transform DevOps into DevSecOps

    Contrast is tailor-made for powering appsec in devops organizations. It's instant, accurate, powerful, and scalable. It..

    Third category of application security tools beyond "static" and "dynamic"?

    Recently, Clark Coleman asked a very logical question about application security tools.

    Waiter… there’s a fly in my appsec tool soup!!!

    Brace yourself. Recent advances in application security are about to spawn an onslaught of application security tool..

    The Client Is Not Always Right!

    J’accuse! I often get the question, “How well does your product handle iOS?” I’d like to explain why I think this..

    First-of-its-kind Cyber Security Product Unifies Vulnerability Detection & Attack Protection

    Contrast Introduces Continuous Application Security Contrast Security, the next generation leader in finding..

    How to Get Started in Application Security

    My OWASP Cheat Sheet for Cross-site Scripting (XSS) just passed 1M views, and I'm proud of that. It ain't Shakespeare,..