With this new Contrast Scan addition, application security and development teams leveraging the Contrast Secure Code Platform can scale security across the entire application stack, from client-side to server-side, with speed and accuracy.
Contrast prioritizes real, exploitable vulnerabilities in client-side code by performing analysis on vulnerable entry points within the application, allowing developers to rely on accurate scans that take just seconds.
Contrast’s extended capabilities help DevSecOps organizations achieve the following benefits:
- Early detection of client-side vulnerabilities. This is achieved through analyzing client-side source code within routine development pipelines, complemented by easy-to-follow remediation guidance directly within the developers’ pipeline environment.
- False positive rates as low as 1%. A significant reduction in false positive rates compared to leading commercial SAST tools.
- Ability to safeguard each layer of the software stack. Contrast Scan works in tandem with Contrast’s runtime code security solution to secure front-end code and back-end code within a centrally managed platform
“A growing concern for AppSec and Development Managers is how to embed security within the development pipeline. Regardless of whether you specialize in front-end, back-end, or full-stack development, we want to help enable developers to deliver secure code from the start,” said Steven Phillips, Vice President of Product Marketing at Contrast Security.