HOME     MENU     SEARCH     NEWSLETTER    
NEWS & INFORMATION FOR TECHNOLOGY PURCHASERS. UPDATED 13 MINUTES AGO.
You are here: Home / MTT Press Releases / Aspect Security Introduces Contrast
Contrast Illuminates Web Application Vulnerabilities
Contrast Illuminates Web Application Vulnerabilities
News as reported by the company Like this on Facebook Tweet this Link thison Linkedin Link this on Google Plus
PUBLISHED:
OCTOBER
01
2012


Announcing Contrast™ – A Revolutionary New Service that Illuminates Web Application Vulnerabilities from Within -- 'Finally, an application security technology that just works,' notes AppSec expert

Columbia, MD, Oct. 1, 2012 -- Today, Aspect Security announces the launch of Contrast™, a highly accurate and scalable SaaS solution to manage application security across an entire portfolio. Contrast is the first application security service that installs on application servers in less than five minutes and creates a real-time dashboard of intelligence and vulnerabilities. Anyone - even those with no previous security experience - can use Contrast to obtain an unprecedented level of clear, actionable security guidance.

Contrast is an IAST solution, integrating the best aspects of static application security testing (SAST) and dynamic application security testing (DAST) and applies them from inside the application server while it is running. This revolutionary innovation provides the Contrast engine with the most information possible, resulting in highly accurate findings across a broad coverage of vulnerabilities. Contrast also catalogs the application portfolio and automatically gathers information about each application's size, libraries, architecture, backend connections, sitemap, and test coverage.

"We love software, and it frustrates us to see criminals abuse it to do harm to others," said Jeff Williams, CEO of Aspect Security and a founding member of the Open Web Application Security Project (OWASP). "Application security technology doesn't work unless it's simple enough for anyone to use, is accurate enough so developers don't waste time, and is scalable across an entire application portfolio. As development and operations iterate faster and faster, application security challenges demand the use of instrumentation and real-time analysis like Contrast."

Patent-pending technology allows Contrast to instrument each application with a network of passive sensors that reveal both control and data flow through the code. While the application runs, Contrast pinpoints the exact location of security issues in the code, as well as the full HTTP request that caused that code to execute. The detailed traces include real data, enabling developers to identify the specific security problem and implement the necessary remediation with guidance from Contrast.

The Air Force Research Laboratory sponsored research for Contrast in hopes of finding scalable ways of making apps safer for government and civilian corporations world-wide. The research resulted in innovative, new performance approaches that make it possible to use Contrast in development, test and production environments.

"Organizations have very little insight into the security of the complex applications and components that they trust with the full control of their business," said Wayne Jackson, CEO of Sonatype. "I'm excited about the way Contrast creates visibility into security by examining what's actually happening within a running application. Contrast's approach to application security is simple to deploy, scales across the portfolio, and works with newer development approaches like Agile and DevOps."

"Aspect Security is committed to bringing application security to all of the world's software. Breaches don't happen only to flagship applications; attackers often target small internal applications that are less protected," said Williams. "To that end, we have priced Contrast to be affordable by small projects and entire portfolios, alike."

Starting today, anyone can use Contrast Intelligence Edition for free. To get started at no cost in just minutes, users can register www.contrastsecurity.com. Contrast Pro, Business and Enterprise editions are offered on a per-application-per-month basis, starting at just $199.

About Aspect Security

Founded in 2002, Aspect Security is a consulting firm focused exclusively on application security, ensuring that the software that drives business is protected against hackers. Aspect Security's engineers analyze, test and validate on average of 5,000,000 lines of critical application code every month. The company unearths more than 10,000 vulnerabilities every year across a wide range of technologies and architectures, and the company's practical recommendations dramatically improve clients' security posture.

CEO Jeff Williams is a founding member of the Open Web Application Security Project (OWASP), through which he has made vast industry contributions including: the OWASP Top Ten, Enterprise Security API (ESAPI), Application Security Verification Standard (ASVS), Risk Rating Methodology and WebGoat.

For more information, please visit www.aspectsecurity.com.

Tell Us What You Think
Comment:

Name:

Like Us on FacebookFollow Us on Twitter
TOP STORIES NOW
MAY INTEREST YOU
ISACA® offers a global community of more than 115,000 IS/IT constituents in over 180 countries. We develop and deliver industry-leading certifications, education, research and business frameworks. We equip individuals to be leaders in the fast-changing world of information systems and IT - Learn More>
MORE IN MTT PRESS RELEASES
Product Information and Resources for Technology You Can Use To Boost Your Business

NETWORK SECURITY SPOTLIGHT
The FBI is pointing the finger of blame for the Sony Pictures cyberattack directly at North Korea. The hackers stole confidential data and caused the movie giant to can its new comic film, "The Interview."

ENTERPRISE HARDWARE SPOTLIGHT
Almost half of consumer, industry and life sciences manufacturers are expected to be using 3D printers within three years and now 3D printing services are aiming to help companies experiment.

© Copyright 2014 NewsFactor Network, Inc. All rights reserved. Member of Accuserve Ad Network.