AppSec Observer
Contrast’s application security blog provides the latest trends and tips in DevSecOps through instrumentation and security observability.
Getting rid of a 20+ year old known vulnerability: It’s like a PSA for Runtime Security
Lisa Vaas, Senior Content Marketing Manager, Contrast Security | cisa, CVE, MOVEit, runtime security, sql injection
On Wednesday, March 27, CISA and the FBI issued a cry for help: We need to stamp out SQL injection vulnerabilities, and we need to do it yesterday, they said in a ...
Cybersecurity Insights with Contrast CISO David Lindner | 3/29/24
David Lindner, Director, Application Security | API security, APIs, chat apps, Critical Infrastructure, passwords
Insight #1 According to Google, zero days being exploited in the wild jumped 50% last year. I just don't understand your thought process if you are not looking at control layers like ...
Cybersecurity Insights with Contrast CISO David Lindner | 3/22/24
David Lindner, Director, Application Security | API security, APIs, chat apps, Critical Infrastructure, passwords
Insight #1 Things are well and good in the hacker community, as they are now attacking critical water systems. But honestly, one of the attacks was due to a default admin password ...
What does security instrumentation do for Application Security? A basketball analogy | Contrast Security
Lisa Vaas, Senior Content Marketing Manager, Contrast Security | agents, Contrast Assess, instrumentation
It's not just any basketball — it’s a sensor-packed basketball called the 94Fifty. ...
Cybersecurity Insights with Contrast CISO David Lindner | 3/15/24
David Lindner, Director, Application Security | AI Act, Breach, cyberattacks, legislation, Vulnerabilities
Insight #1 If you want insight into how difficult security is, look at the Cybersecurity and Infrastructure Security Agency (CISA). The agency was recently breached through a Common Vulnerability and Exposure (CVE) ...
Cybersecurity Insights with Contrast CISO David Lindner | 3/8/24
Insight #1 If you’re not performing routine tabletop exercises to ensure that your organization is protected from cybersecurity vulnerabilities, you should be. It's one thing to have detailed processes for executing during ...
Cybersecurity Insights with Contrast CISO David Lindner | 3/1/24
David Lindner, Director, Application Security | Artificial Intelligence, ChatGPT, cyberattacks, OpenAI
Insight #1 As was made clear by the recent blowup over Google’s Gemini image creation tool last week (it generated “embarrassing and offensive results,” as one publication put it), AI is proving ...
How Runtime Security Protects Apps from Legacy COTS and API Vulnerability Risks | Contrast Security
It used to be that the weakest link in the enterprise IT security chain was the user, but times have changed. ...
Cybersecurity Insights with Contrast CISO David Lindner | 2/23/24
David Lindner, Director, Application Security | brute-force attack, ChatGPT, cyberattacks, MFA, OpenAI, Quantum Encryption
Insight #1 The post-quantum encryption era is upon us, and Apple is leading the charge to protect against future quantum computing attacks by boosting security on its iMessage platform, adding a ...
Elevate Node.js Security with v5 Node Agent | Contrast Security
Ali Tajiki, Senior Product Manager, Contrast Security | node.js, runtime protection, runtime security
Node.js is an incredibly popular programming environment, highly regarded for its efficiency and scalability. It powers a wide range of applications, from web applications to real-time chat applications, application programming interfaces (APIs) ...