Contrast Security launches free code scanning tool for developers

Contrast Security launched CodeSec by Contrast Security (CodeSec), a self-service, enterprise-tested application security solution available to all developers at no cost.

With seamless sign-up, the fastest and most accurate scanner in the market, and immediate, actionable results, developers can start scanning code and serverless environments with CodeSec to go from zero to secure in less than five minutes.

“IDC research shows that when organizations empower developers with the right DevSecOps tools, the results are more secure applications, faster remediation, and developers taking ownership of application security,” said Jim Mercer, Research Director of DevOps and DevSecOps at IDC. “It is encouraging to see Contrast Security offering some of its enterprise security software capabilities as a free self-service to developers to help them painlessly identify insecure code earlier in the Software Development Life Cycle (SDLC).”

Thanks to Contrast’s demand-driven analysis, CodeSec delivers 10x faster and more accurate scanning results for code and serverless applications right to the developer’s laptop. CodeSec – Scan optimizes code security for Java, JavaScript and .NET with fast, scans and actionable remediation guidance in a simple command-line interface. CodeSec – Serverless takes advantage of a new ground-breaking application security tool for serverless environments in AWS Lambda Functions (Java + Python) that detects serverless security vulnerabilities instantly while providing actionable remediation guidance in a simple command-line interface.

“For years, Contrast has been securing code for some of the world’s largest organizations. To drive our mission of getting secure code moving — and we mean ALL code — we’ve decided to give every developer access to our cutting-edge technology for free,” said Alan Naumann, Chairman of the Board, President and Chief Executive Officer at Contrast Security. “CodeSec delivers the fastest and most accurate results in the industry. In fact, we can deliver 95% more accuracy in Java applications than any other ‘free’ tool — all at speeds faster than anyone in the market.”

Contrast’s patented technology has been utilized to secure some of the world’s leading software, healthcare and financial organizations for years. Now, developers will be able to harness the following benefits to drive innovation in their offerings with continuous security built into their deployment pipelines:

  • Accurate scanner: Delivers up to 10x faster scan rates. Recognized as the fastest & most accurate Java scanner in the market.
  • Immediate & actionable results: Scan code for traditional environments and serverless functions, find 70% more critical vulnerabilities and receive actionable results with 6x more true positives in seconds. Prioritizes vulnerabilities and provides actionable remediation guidance.
  • From Start to Finish in Minutes: Frictionless and seamless signup process with GitHub or Google Account. Optionally, use a provided GitHub Action to automate the linkage to your GitHub pipeline – from zero to secure in less than five minutes. Enables developers to automate common workflows.

CodeSec is available to all developers now by authenticating with their existing GitHub or Google ID.

More about

Don't miss