Topic: contrast security

SD Times Open-Source Project of the Week: Contrast Security Generative AI Policy

The main goal of this project created by Contrast Security is to create a clear and usable policy for managing privacy and security risks when utilizing Generative AI and Large Language Models (LLMs) in organizations, according to the project’s GitHub page.  The policy primarily aims to address several key concerns: 1. Avoid situations where ownership … continue reading

Contrast Security announces free program for developers to learn security

Contrast Security launched its developer-focused education program Contrast Security Learning Hub and the Contrast Community forum to broaden access to secure coding practices.  The learning hub is a free program that provides interactive lessons on vulnerabilities across different languages and ecosystems. The program covers existing OWASP topics and JavaScript, Java, .NET, and Node.js programming languages. … continue reading

Contrast Security announces new program to financially support open source developers

Contrast Security has announced a new sponsorship program to support open source developers.  Under the new Open Source Software Sponsorship Program, developers working on open source projects will be financially supported. According to the company, this will help accelerate time-to-market of those projects as well.  Contrast Security explained that while open-source software has many benefits, … continue reading

Contrast Security introduces new security testing tools for JavaScript frameworks

Contrast Security, the code security company, today announced the expansion of its Secure Code Platform’s static application security testing capabilities to include JavaScript language support as well as support for Angular, React, and jQuery frameworks. With this, developers are enabled to quickly find and repair security defects in their client-side code.  The addition of Contrast … continue reading

Contrast Security announces new free code scanning tool

Contrast Security, the code security company that enables developers to secure while they code, today unveiled a new code scanning tool, CodeSec by Contrast Security. The tool is free to use and provides developers with a self-service, enterprise-tested application security solution. With CodeSec developers can scan code and serverless environments in order to secure their … continue reading

Contrast Security and Red Hat announce partnership on deploying secure cloud native applications

The code security company, Contrast Security, announced that it will be entering into a partnership with Red Hat OpenShift to allow users to deploy secure, containerized applications by integrating within native CI/CD pipelines.  With these integrations, customers will be able to retain the scalability of the OpenShift Container Platform and gain automated security testing as … continue reading

Security perimeter is no more as attack surface continues to expand

For a long time, security teams have been able to mostly rely on the safety of a security perimeter, but with things like IoT, embedded development, and now remote and hybrid work, this notion of a defensible perimeter is totally gone.  Having all of these connected devices that don’t live under one network expands the … continue reading

A guide to DevSecOps tools

The following is a listing of DevSecOps tool providers, along with a brief description of their offerings.  Bridgecrew by Prisma Cloud automates security from code to cloud. By embedding earlier in the DevOps lifecycle, Bridgecrew enables developers to write secure code without slowing them down. In addition to its DevSecOps tools and integrations, Bridgecrew’s platform … continue reading

How these companies help organizations with DevSecOps

We asked these tool providers to share more information on how their solutions help companies with security in remote or hybrid settings. Their responses are below. Guy Eisenkot, VP of product and co-founder of Bridgecrew by Prisma Cloud As hybrid work environments and cloud infrastructure environments become the norm, organizations’ attack surfaces are only getting … continue reading

SD Times news digest: Contrast Security announces partnership with GitHub; MariaDB to go public; Swift and C++ interoperability workgroup

Contrast Security has announced that it is entering into a partnership with GitHub. With this comes the availability of Contrast Security’s suite of GitHub Actions that simplifies the process for developers to deliver code with no security vulnerabilities.  Contrast’s GitHub Actions include four features that work to embed security into existing value streams. These actions … continue reading

SD Times Open-Source Project of the Week: SafeLog4j

SafeLog4j is an open-source tool that can detect and verify vulnerable Log4j applications and protect them. This project comes after a 0-day exploit in the Java logging library, Log4j (version 2) was discovered on December 9. The vulnerability resulted in Remote Code Execution by logging a certain string. SafeLog4j works inside an application, blocking the … continue reading

SD Times news digest: NuGet 6.0; .NET MAUI Preview 10; Contrast Security $150 million in Series E funding

Microsoft announced that NuGet 6.0 is being included in Visual Studio 2022 and .NET 6.0 out of the box. NuGet 6.0 can also be downloaded for macOS, Windows, and Linux as a standalone executable. The NuGet tooling assists developers in discovering new .NET packages to use for their .NET applications, while also making package management … continue reading Protection Status