Contrast Brings Security into the DevOps Era

LOS ALTOS, Calif., June 20, 2017 /PRNewswire/ -- Contrast Security, the first company to enable self-protecting software, today announced key integrations and product enhancements to address the urgent security needs of organizations pursuing DevOps. These include: Jenkins integration, bidirectional JIRA integration, support for Microsoft Visual Studio Team Services and Team Foundation Server, Pivotal Cloud Foundry integration and a Plug-In for the Eclipse IDE.

Because "software is eating the world," as Mark Andreessen famously noted, application security gets harder every day; every line of code written opens organizations to new vulnerabilities and breaches. Furthermore, legacy solutions, such as static analysis, dynamic analysis and web application firewalls have all failed to keep pace with Agile and DevOps practices. Teams need tools that empower developers, integrate security into the DevOps toolchain, and monitor application security the way DevOps teams monitor application performance.

In Gartner's March 2017 Critical Capabilities for Application Security Testing Report, Contrast Security received the highest score in the DevOps use case for Contrast Assess.

Contrast's latest integrations and product enhancements include:

• Jenkins Integration – With Contrast's Jenkins integration, teams are now empowered to fail builds that have security issues. Customers can set the threshold for the number and severity of vulnerabilities and if reached, Jenkins will fail the build and developers will be notified.
• JIRA Integration – Customers can create automated JIRA tickets directly from the Contrast user interface. When a ticket status is changed in JIRA, the change will be reflected within Contrast to reflect the Jira ticket status. 
• Support for Microsoft Visual Studio Team Services and Team Foundation Server – Contrast now supports Microsoft Visual Studio Team Services and Team Foundation Server. This allows customers who use Visual Studio Team Services or Team Foundation Server to track the vulnerabilities reported by Contrast through their existing bug-tracking system.
• Pivotal Cloud Foundry Integration – Contrast Assess and Contrast Protect customers can now secure their Java applications running on Pivotal Cloud Foundry (PCF) with Contrast. Contrast Security Service Broker for Pivotal Cloud Foundry enables Contrast customers to create and manage multiple service plans for different organizations, and bind Contrast credentials to software applications. Support for .NET, node.js and Ruby applications in PCF is under development.
• Eclipse Integrated Development Environment (IDE) Plug-In – Software developers using the Eclipse IDE can now view vulnerabilities discovered in their applications from within their own development environment with the Contrast Assess Plug-In for Eclipse.

"With DevOps, security must work differently," said Surag Patel, chief strategy officer at Contrast Security. "Because code is released continuously, security must also work continuously and provide developers with instant, highly-accurate feedback on their code. Contrast enables DevOps teams to deliver continuous security by empowering developers to solve security problems early in the development lifecycle, integrating security into the DevOps pipeline and monitoring attacks the same way they monitor performance. Ultimately, Contrast makes application security accurate, continuous, integrated and scalable."

Required Disclaimer: Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner's research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.

About Contrast Security
Contrast Security is the world's leading provider of security technology that enables software applications to protect themselves against cyberattacks, heralding the new era of self-protecting software. Contrast's patented deep security instrumentation is the breakthrough technology that enables highly accurate assessment and always-on protection of an entire application portfolio, without disruptive scanning or expensive security experts. Only Contrast has sensors that work actively inside applications to uncover vulnerabilities, prevent data breaches, and secure the entire enterprise from development, to operations, to production. More information can be found at www.contrastsecurity.com or by following Contrast on Twitter at @ContrastSec.

For more information:
Andrew Smith
SHIFT Communications for Contrast Security
[email protected]
+1-415-591-8438

SOURCE Contrast Security