AppSec Observer

Contrast's application security blog provides the latest trends and tips in DevSecOps through instrumentation and security observability.

    The Ankle Biters of the Application Security World

    The playing field isn't exactly level, and ankle biters (aka script kiddies and hackers) know it. While businesses and..

    Why Static Application Security Scanners Just Can't Cut It Anymore

    Static Analysis and Dynamic Analysis Tools Have Their Place. To be clear: I’ve been an advocate of both dynamic..

    Which Application Security Vulnerabilities Do I Fix First?

    Not every vulnerability is a critical one. Let's face it: Not all vulnerabilities are created equal. Not every..

    The 6 Pillars of Application Security

    Once you discover a vulnerability, it instantly is super-critical information. How do you protect security..

    Is Your AppSec Tool Truly Scalable?

    Many businesses are trapped in a dilemma, a Morton's Fork – should we rely on automated tools to assure the application..

    The OWASP Top Ten and Beyond

    The past decade shows only trivial progress in improving web app security, according to new vulnerability guidelines in..

    Application Security: Faster, Cleaner, Smarter.

    Our release notes are always available, but I wanted to highlight the progress we've made since the end of last..

    Went To AppSec California 2014. Tried Contrast. Here's My Story.

    We receive "fan" mail from many of our clients, and lots of people who watch a demo are impressed. But when Steve..

    Libraries & Application Security, Part 3: Unused Libraries

    This is the third blog posting in a series about vulnerable libraries. Click here for part one on known vulnerabilities..