- Company (that provides the nominated product / solution / service): Contrast Security, Inc.
- Website: https://www.contrastsecurity.com
- Product Version Number: 3.3.3
- Type of solution: Software
- Year this product or service was first introduced to the market: 2014
- Year the current version of this product or service has been released: 2016
In 3 bullets, summarize why this product or service deserves recognition:
1. Makes software self-protecting so it can defend itself from vulnerabilities and attacks. Contrast employs its patented deep security instrumentation to eliminate risk to software applications and their data. So businesses can innovate faster, and sleep at night.
2. Contrast empowers developers to build secure applications with real time vulnerability analysis and unprecedented, proven accuracy for every developer, tester and application security professional.
3. Contrast was built from the ground up to meet the needs of agile/CI/CD environments and DevOps methodologies.
In less than 300 words, summarize the most important features and benefits of this product or service
Contrast is truly different in both philosophy and technology from any existing application security technology. When it comes to accuracy, Contrast scores a perfect 100% against the 21,000 test cases in the OWASP Benchmark Project, while the top legacy tools scored only 33%. When it comes to speed, Contrast works in real time so developers and testers get instant results. Meanwhile, legacy solutions took hours or days to complete the OWASP Benchmark. When it comes to scalability, Contrast works continuously – and is fully automated – across very large enterprise application portfolios in parallel in real time. Contrast recognizes continuous, up-to-date visibility is critical for informed security decision-making.
Contrast uses patented deep security instrumentation to automatically weave vulnerability detection (vis Contrast Assess), and threat visibility and attack protection (via Contrast Protect) directly into applications, without requiring any application changes or security experts. While these applications are running, highly accurate context is instantly generated about where applications are vulnerable and under attack. Before Contrast, these two capabilities were only available in separate, siloed products from different vendors. Even when vendors have partnered and integrated application security testing tools with attack protection products, the joint solutions have been too complicated and woefully inaccurate to deliver on the vision. These partially integrated solutions do not enable organizations to effectively practice continuous application security (CAS).
Contrast technology is a lightning bolt that shatters all previous thinking about software application security. Contrast changes security from a small, underfunded, undermanned department into an agile, ubiquitous, always-ready, always-on army of self-protection with the highest accuracy and best results. More than a security tool, Contrast technology is an intelligent agent that powers a new era of self-protecting software.