AppSec Observer

Contrast's application security blog provides the latest trends and tips in DevSecOps through instrumentation and security observability.

    Libraries & Application Security, Part 2: Unknown Vulnerabilities

    This is part two in a three-part series on vulnerable libraries. Click here to read part one where we discuss known..

    Libraries & Application Security, Part 1: Known Vulnerabilities

    We're a fan of using open-source frameworks and libraries. It makes sense. It saves time and money when you don't have..

    What Healthcare Can Teach Us About Application Security

    The Centers for Disease Control protects people from health threats and increases the health security of our nation...

    The Dirty Little Secret Everyone in Application Security Knows But Few Actually Talk About: Until You Actually Fix Your Code, You're Not Actually More Secure

    Here's the dirty little secret everybody in application security knows but few are willing to say out loud: Until you..

    Using Instrumentation to Find Web Application Vulnerabilities

    Since the advent of static analysis tools around the year 2002, there hasn't been much innovation in the automation..

    Five Application Security New Year's Resolutions Every Developer Can Make

    New Year's Resolutions can be tricky, and advice abounds on how you can do a better job at keeping them. For the sake..

    Secure Code Starts With Measuring What Developers Know

    I recently discovered I've been teaching blindly about application security. I assumed that I know what students need..

    The Guerrilla Guide to Buying an Application Security Tool

    If you're going to buy an application security tool, don't get distracted by hype. Purchasing an application security..

    Application Security: We Still Have A Long Way To Go

    The past decade shows only trivial progress in improving web app security, according to new vulnerability guidelines in..