Skip to content

AppSec Observer: RASP

Contrast's application security blog provides the latest trends and tips in DevSecOps through instrumentation and security observability.

Subscribe Now
    Topics
    Critical zero-day Confluence RCE vulnerability blocked by Contrast Runtime Security

    Critical zero-day Confluence RCE vulnerability blocked by Contrast Runtime Security

    If your organization is running an older version of Atlassian Confluence Server that’s affected by CVE-2023-22527 — the..

    Contrast Security recognized in the 2023 Gartner® AppSec Testing Voice of the Customer report

    Contrast Security recognized in the 2023 Gartner® AppSec Testing Voice of the Customer report

    The 2023 Gartner Peer Insights™ “Voice of the Customer”: Application Security Testing report has recognized Contrast..

    3 ways Contrast helps to build digital resilience

    3 ways Contrast helps to build digital resilience

    Cyberattacks, supply-chain issues, flooding, tsunamis, wildfires, equipment failures and even war: The financial sector..

    Log4j still an issue, but CodeSec audit can help

    Log4j still an issue, but CodeSec audit can help

    Landing on the incident response boards for software engineering teams worldwide in December 2021, the Log4j..

    Building a modern API security strategy — API protection

    Building a modern API security strategy — API protection

    Part four of the five-part series, Building a modern API security strategy.

    Debunking the myths around RASP

    Debunking the myths around RASP

    Welcome to the second part of this series examining some of the myths that I’ve heard in many conversations around..

    Apache Struts CVE-2019-0230 Vulnerabilities and How to Block Attacks

    Apache Struts CVE-2019-0230 Vulnerabilities and How to Block Attacks

    Note: Special thanks to Alvaro Muñoz (https://twitter.com/pwntester) for correcting us on some very important technical..

    Emerging from the Tool Swamp to a Unified AppSec Platform

    Emerging from the Tool Swamp to a Unified AppSec Platform

    Traditional approaches to application security (AppSec) rely on a patchwork of disconnected tools and processes that..

    State-of-the-Art AppSec Goes Beyond Perimeter Into Application Runtimes

    State-of-the-Art AppSec Goes Beyond Perimeter Into Application Runtimes

    When it comes to protecting running applications, traditional defenses that sit on the perimeter lack effective..