Newsletters
The Enterprise Security Supersite NewsFactor Sites:       NewsFactor.com     Enterprise Security Today     CRM Daily     Business Report     Sci-Tech Today  
   
This ad will display for the next 20 seconds. Please click for more information, or scroll down to pass the ad, or Close Ad.
Home Network Security Viruses & Malware Hackers Security Solutions More Topics...
Build Apps 5x Faster
For Half the Cost
Enterprise Cloud Computing

On Force.com
DST Press Releases
Tame your scariest paperwork. Find Out How
Average Rating:
Rate this article:  
Contrast Illuminates Web Application Vulnerabilities
Contrast Illuminates Web Application Vulnerabilities

 
October 1, 2012 11:53AM
Announcing Contrast™ – A Revolutionary New Service that Illuminates Web Application Vulnerabilities from Within -- 'Finally, an application security technology that just works,' notes AppSec expert
 


Columbia, MD, Oct. 1, 2012 -- Today, Aspect Security announces the launch of Contrast™, a highly accurate and scalable SaaS solution to manage application security across an entire portfolio. Contrast is the first application security service that installs on application servers in less than five minutes and creates a real-time dashboard of intelligence and vulnerabilities. Anyone - even those with no previous security experience - can use Contrast to obtain an unprecedented level of clear, actionable security guidance.

Contrast is an IAST solution, integrating the best aspects of static application security testing (SAST) and dynamic application security testing (DAST) and applies them from inside the application server while it is running. This revolutionary innovation provides the Contrast engine with the most information possible, resulting in highly accurate findings across a broad coverage of vulnerabilities. Contrast also catalogs the application portfolio and automatically gathers information about each application's size, libraries, architecture, backend connections, sitemap, and test coverage.

"We love software, and it frustrates us to see criminals abuse it to do harm to others," said Jeff Williams, CEO of Aspect Security and a founding member of the Open Web Application Security Project (OWASP). "Application security technology doesn't work unless it's simple enough for anyone to use, is accurate enough so developers don't waste time, and is scalable across an entire application portfolio. As development and operations iterate faster and faster, application security challenges demand the use of instrumentation and real-time analysis like Contrast."

Patent-pending technology allows Contrast to instrument each application with a network of passive sensors that reveal both control and data flow through the code. While the application runs, Contrast pinpoints the exact location of security issues in the code, as well as the full HTTP request that caused that code to execute. The detailed traces include real data, enabling developers to identify the specific security problem and implement the necessary remediation with guidance from Contrast.

The Air Force Research Laboratory sponsored research for Contrast in hopes of finding scalable ways of making apps safer for government and civilian corporations world-wide. The research resulted in innovative, new performance approaches that make it possible to use Contrast in development, test and production environments.

"Organizations have very little insight into the security of the complex applications and components that they trust with the full control of their business," said Wayne Jackson, CEO of Sonatype. "I'm excited about the way Contrast creates visibility into security by examining what's actually happening within a running application. Contrast's approach to application security is simple to deploy, scales across the portfolio, and works with newer development approaches like Agile and DevOps." (continued...)

1  |  2  |  Next Page >

 

Tell Us What You Think
Comment:

Name:



APC has an established a reputation for solid products that virtually pay for themselves upon installation. Who has time to spend worrying about system downtime? APC makes it easy for you to focus on business growth instead of business downtime with reliable data center systems and IT solutions. Learn more here.


 DST Press Releases
1.   Pipelinersales Expands Exec Team
2.   Internet of Things Webinar Launches
3.   Ponemon: Organizations Under Siege
4.   CorvisaCloud Unveils SMS Platform
5.   DB Networks Named 'Hot Company'
Product Information and Resources for Technology You Can Use To Boost Your Business

Network Security Spotlight
Tech Giants Fund Initiative To Prevent Future Heartbleeds
Can more funding prevent Heartbleed vulnerabilities in future open-source software? A new Core Infrastructure Initiative at the Linux Foundation is attempting to find out.
 
What Verizon's Data Breach Report Can Teach Enterprises
It’s probably not a jaw-dropper, but cyberespionage is officially on the rise. And the use of stolen or misused credentials is still the leading way the bad guys gain access to corporate information.
 
Top Cyberthreats Exposed by Verizon Report
Beyond Heartbleed, there are cyberthreats vying to take down enterprise networks, corrupt smartphones, and wreak havoc on businesses. Verizon is exposing these threats in a new report.
 

Navigation
Enterprise Security Today
Home/Top News | Network Security | Viruses & Malware | Hackers | Security Solutions | Mobile Security | Disaster Recovery | Windows Security
Data Security | EST Press Releases
NewsFactor Network Enterprise I.T. Sites
NewsFactor Technology News | Enterprise Security Today | CRM Daily

NewsFactor Business and Innovation Sites
Sci-Tech Today | NewsFactor Business Report

NewsFactor Services
FreeNewsFeed | Free Newsletters | XML/RSS Feed

About NewsFactor Network | How To Contact Us | Article Reprints | Careers @ NewsFactor | Services for PR Pros | Top Tech Wire | How To Advertise

Privacy Policy | Terms of Service
© Copyright 2000-2014 NewsFactor Network. All rights reserved. Article rating technology by Blogowogo. Member of Accuserve Ad Network.