Contrast Security announced its commitment to ally with and protect customers during the current state of heightened cybersecurity risks, as the Russia-Ukraine conflict continues.
In addition to increased security controls, Contrast’s dedicated DefCon and incident response teams are actively monitoring and communicating identified security vulnerabilities in relation to potential nation-state attacks.
“We’ve been steadfast in our efforts to partner with our customers, including global banks, healthcare, manufacturing, and COVID-related health services, along with our customer communities to increase AppSec resilience for impending nation-state cyber risks,” said Alan Naumann, President, Chief Executive Officer and Chairman of the Board, Contrast Security. “It is vital that our customers know that Contrast Security is at the forefront of identifying vulnerabilities and is paving the way protecting enterprises and building overall security readiness.”
Contrast’s push for escalated AppSec efforts comes on the heels of United States President Joe Biden signing the Cyber Incident Reporting For Critical Infrastructure Act of 2022, requiring critical infrastructure entities and government agencies to report a cyber security incident within a defined period of time.
This Act along with the new Software Bill of Materials (SBOM) framework requirement promotes the need for more transparency—for both the private and public sector—when it comes to detecting, addressing, and sharing information about security vulnerabilities and libraries with vulnerabilities.
“While we can’t predict a nation-state attack, we can take a proactive, risk-based approach to ready our application security tactics, techniques and procedures (TTPs). Oftentimes malicious actors take advantage of an already known vulnerability, so an organization’s ability to detect even the most mundane anomaly in their environment is critical,” said David Lindner, Chief Information Security Officer at Contrast Security.
“As an application security community, DevSecOps teams must band together to not only utilize software composition analysis (SCA), but also generate accurate, consistent, and real-time SBOMs to discover and patch common vulnerabilities and exposures (CVEs), but they need to share knowledge of new attack vectors and indicators of compromise to increase industry transparency. All enterprises are just as at risk of cybersecurity threats as the 16 critical infrastructure sectors.”
Contrast is closely monitoring the Russia-Ukraine situation for indications of increased application-layer attacks and is actively working with customers to help them manage and monitor their data, make risk-based security decisions, and take actionable next steps to secure their software applications along the entire DevSecOps lifecycle.