AppSec Observer: AppSec (3)

Contrast's application security blog provides the latest trends and tips in DevSecOps through instrumentation and security observability.

    Expression language and deserialization attacks on the rise in lead-up to Log4j vulnerability

    It’s been a couple of weeks since the first public disclosure of the Log4j vulnerability. A lot has happened - perhaps..

    WAF, RASP and Log4Shell

    Log4Shell has done an excellent job of making the case for Runtime Application Self-Protection (RASP). Here’s the quick..

    85% of Developers in the Technology Industry Deploy Daily, Yet 8 in 10 Aren’t Going Fast Enough

    Organizations aspire to reach perfection and often look to emulate best practices of peer organizations to do so. When..

    Accuracy in AppSec Is Critical to Reducing False Positives

    According to a new report from the Neustar International Security Council (NISC), over one-quarter of security alerts..

    Protect Sensitive Data, Reduce Risk, and Gain Regulatory Compliance with Embedded Data Security

    Sensitive data often leaks out through applications. The privacy risk is not developer negligence, but rather misplaced..

    Emerging from the Tool Swamp to a Unified AppSec Platform

    Traditional approaches to application security (AppSec) rely on a patchwork of disconnected tools and processes that..

    Traditional AppSec Code Halts Kill DevOps Release Cycles

    In recent years, the application security (AppSec) field has not advanced as rapidly as the software development..

    State-of-the-Art AppSec Goes Beyond Perimeter Into Application Runtimes

    When it comes to protecting running applications, traditional defenses that sit on the perimeter lack effective..