Contrast Security’s free new CodeSec tool was built to help developers secure code quicker without disrupting their workflows, as code scanning is becoming a bigger responsibility for dev teams.
Developers are often forced to choose between antiquated enterprise tools that often lack UI functionality and don’t integrate with their workflow, or new developer-centric tools that work a seamless integration into their existing day-to-day role. However, these latter tools can often miss several exploitable vulnerabilities and lack scalability, according to Orlando Villanueva, product marketing manager at Contrast Security.
That is why Contrast is introducing its free developer security tool, CodeSec by Contrast, that brings the scanner right to developers at no cost. CodeSec provides actionable guidance and can let developers start securing code in less than five minutes, according to Contrast Security.
“After you’ve done your scan, you’ll get immediate actionable results that find up to 70% more critical vulnerabilities and get actionable remediation guidance with six times more true positives in seconds,” Villanueva said. “CodeSec really provides the same scanning engines that are used in our enterprise level solution which is Contrast Security Platform.”
The code scanner is packaged into a CLI for single developer use so that developers can secure code in Java, JavaScript, and .NET. The CodeSec serverless functionality allows developers to secure serverless environments in Lambda Functions for Java and Python.
Starting on August 3, developers will also gain access to the CodeSec SCA functionality to secure open-source code and to create a software bill of materials to continuously secure their supply chain.
Learn more about the tool in the webinar, “Introducing Contrast’s New Free Developer Security Tool – CodeSec!” which covers the benefits of CodeSec, demonstrates how developers can get started, and showcases how devs can scan both files and serverless environments for free.