An Intellyx Brain Candy Brief
Contrast Security offers code-level application security (appsec) that goes well beyond what the older, code scanning approaches were able to offer.
Developers simply drop the Contrast Security agent into their Java, .Net CLR, Ruby, or Node.js environment. The tool then automatically notifies developers when they write code vulnerable to SQL injection, cross-site scripting, or many other potential vulnerabilities.
Such notifications appear wherever the developer wants them, as Contrast Security sends alerts to Eclipse, Jenkins, Jira, and many other tools.
In addition, because Contrast Security instruments code binaries in production, it can detect and report upon application vulnerabilities as the problematic code executes. As a result, the tool is far more accurate and reports vastly fewer false positives than any Web Application Firewall (WAF) on the market.
Copyright © Intellyx LLC. Intellyx publishes the Agile Digital Transformation Roadmap poster, advises companies on their digital transformation initiatives, and helps vendors communicate their agility stories. As of the time of writing, none of the organizations mentioned in this article are Intellyx customers. To be considered for a Brain Candy article, email us at pr@intellyx.com.