Contrast Security launched its developer-focused education program Contrast Security Learning Hub and the Contrast Community forum to broaden access to secure coding practices. The learning hub is a free program that provides interactive lessons on vulnerabilities across different languages and ecosystems. The program covers existing OWASP topics and JavaScript, Java, .NET, and Node.js programming languages. … continue reading
Contrast Security has announced a new sponsorship program to support open source developers. Under the new Open Source Software Sponsorship Program, developers working on open source projects will be financially supported. According to the company, this will help accelerate time-to-market of those projects as well. Contrast Security explained that while open-source software has many benefits, … continue reading
Contrast Security, the code security company, today announced the expansion of its Secure Code Platform’s static application security testing capabilities to include JavaScript language support as well as support for Angular, React, and jQuery frameworks. With this, developers are enabled to quickly find and repair security defects in their client-side code. The addition of Contrast … continue reading
Contrast Security, the code security company that enables developers to secure while they code, today unveiled a new code scanning tool, CodeSec by Contrast Security. The tool is free to use and provides developers with a self-service, enterprise-tested application security solution. With CodeSec developers can scan code and serverless environments in order to secure their … continue reading
The code security company, Contrast Security, announced that it will be entering into a partnership with Red Hat OpenShift to allow users to deploy secure, containerized applications by integrating within native CI/CD pipelines. With these integrations, customers will be able to retain the scalability of the OpenShift Container Platform and gain automated security testing as … continue reading
For a long time, security teams have been able to mostly rely on the safety of a security perimeter, but with things like IoT, embedded development, and now remote and hybrid work, this notion of a defensible perimeter is totally gone. Having all of these connected devices that don’t live under one network expands the … continue reading
The following is a listing of DevSecOps tool providers, along with a brief description of their offerings. Bridgecrew by Prisma Cloud automates security from code to cloud. By embedding earlier in the DevOps lifecycle, Bridgecrew enables developers to write secure code without slowing them down. In addition to its DevSecOps tools and integrations, Bridgecrew’s platform … continue reading
We asked these tool providers to share more information on how their solutions help companies with security in remote or hybrid settings. Their responses are below. Guy Eisenkot, VP of product and co-founder of Bridgecrew by Prisma Cloud As hybrid work environments and cloud infrastructure environments become the norm, organizations’ attack surfaces are only getting … continue reading
Contrast Security has announced that it is entering into a partnership with GitHub. With this comes the availability of Contrast Security’s suite of GitHub Actions that simplifies the process for developers to deliver code with no security vulnerabilities. Contrast’s GitHub Actions include four features that work to embed security into existing value streams. These actions … continue reading
SafeLog4j is an open-source tool that can detect and verify vulnerable Log4j applications and protect them. This project comes after a 0-day exploit in the Java logging library, Log4j (version 2) was discovered on December 9. The vulnerability resulted in Remote Code Execution by logging a certain string. SafeLog4j works inside an application, blocking the … continue reading
Microsoft announced that NuGet 6.0 is being included in Visual Studio 2022 and .NET 6.0 out of the box. NuGet 6.0 can also be downloaded for macOS, Windows, and Linux as a standalone executable. The NuGet tooling assists developers in discovering new .NET packages to use for their .NET applications, while also making package management … continue reading
The following is a listing of cloud-native security tool providers, along with a brief description of their offerings. Aqua Security is the largest pure-play cloud native security company, providing customers the freedom to innovate and accelerate their digital transformations. The Aqua Platform provides prevention, detection, and response automation across the entire application life cycle to … continue reading