Contrast and Wiz integration

Executive summary of the integration

Contrast Security delivers real-time and always-on security inside applications and APIs. The integration between Contrast Security and Wiz allows mutual customers to manage vulnerabilities faster and with better accuracy than ever before. Contrast Security identifies application-level runtime vulnerabilities and seamlessly transfers this data to Wiz’s Cloud Native Application Protection Platform (CNAPP), to pinpoint a vulnerability in the cloud. This centralizes application vulnerability management , accelerates remediation, and strengthens overall cloud security posture.

Market challenge

Applications are prime targets for cyberattacks. However, many struggle with blind spots and false positives to protect the application layer. This causes lengthy investigations on the validity of vulnerability findings. Additionally, many tools are unable to run in production continuously without significant performance impact, so this is typically only done in pre-production, ignoring production altogether. Robust application security is essential to defend against attacks that jeopardize personal information, financial assets and even national security

Benefits of the integration

• Contextualized vulnerability information
  This integration provides visibility into Contrast’s runtime application vulnerabilities in Wiz to pinpoint the location of the application vulnerability within cloud environments.
• Comprehensive vulnerability management
  By feeding application vulnerability data into Wiz code, a user can centralize vulnerability management efforts. This allows visibility into vulnerabilities from both the cloud infrastructure and applications in a single pane of glass.
• Faster time to remediation
  Rapidly address vulnerabilities that matter. Contrast exposes runtime vulnerabilities limiting false positives, saving significant time on risk assessment, investigation and remediation.

The better together story

Contrast Security and Wiz join forces to deliver clear visibility into the specific location of open vulnerabilities in cloud environments. This helps to eliminate lengthy investigations into vulnerabilities and high false-positive rates. Contrast embeds itself within applications, providing always-on security and pinpointing vulnerabilities with laser precision across every environment, from development to production. This vital vulnerability data, including the affected application, is seamlessly relayed to Wiz. Wiz ingests the application vulnerabilities from Contrast on to the security graph, then correlates this information with the cloud environment to identify the exact location of vulnerabilities across every instance of the application. This empowers organizations with the application-layer context needed to accelerate remediation and fortify cloud security posture.

Use case overview, challenge and solution

Use case: Accelerate vulnerability remediation

Application security and security operations teams need to identify vulnerabilities that put their organization at risk, before attacks happen. This requires vulnerability context to rapidly and efficiently be able to find and remediate the issue, across all environments, from development to production.

Challenge

Organizations know vulnerabilities exist in their environments from application down to infrastructure, but it is time consuming to root out false positives, identify the exact location and understand the impact.

Solution: Enhanced vulnerability data with Contrast Security

Contrast Security provides the power of instrumentation by embedding security within an application, reducing false positives and delivering more accurate results than other tools. It seamlessly uploads that data to Wiz to provide rich context to not only prioritize risk, but also to identify exactly where in the application and cloud environment a vulnerability needs to be remediated, resulting in more efficient and stronger cloud security posture.