Worldwide Application Security Testing, Code Analysis, and Software Composition Analysis 2022 Vendor Assessment

Worldwide Application Security Testing, Code Analysis, and Software Composition Analysis 2022 Vendor Assessment

LOS ALTOS, Calif., May 3, 2022 /PRNewswire/ — Contrast Security (Contrast), a leader in code security that enables developers to protect while they code, announced today that it has been named lead actor in IDC MarketScape: Assessing Application Security Testing, Code Analysis, and Software Composition Analysis Vendors Worldwide 2022: Security and Quality Coordination for Resiliency and DevSecOps (Doc #US47097521, March 2022).

Contrast Security Logo (PRNewsfoto/Contrast Security)

Contrast Security Logo (PRNewsfoto/Contrast Security)

The IDC MarketScape discussed how the company’s technology “leverages binary instrumentation in which sensors are embedded in application servers, runtime and user libraries, and other components for vulnerability and attack detection. Contrast Security hybrid approach (combining IAST, SAST, DAST, SCA and runtime application self-protection [RASP]) enables contextualization, improves execution and developers’ ability to remediate issues while helping to lower the rate of false positives (according to users IDC has spoken with),” according to Melinda-Carol Ballou, director of research at IDC. Additionally, during the Log4Shell crisis, the product’s collective capabilities supported Contrast users.

“Contrast’s Access solution identified the underlying log injection vulnerability, while Contrast SCA began reporting vulnerable versions of Log4J, and Contrast Protect helped prevent harmful behavior attackers used to exploit Log4Shell, including untrusted deserialization and log injection. language of expression,” Ballou said in the report. “These combined efforts from AST, SCA, and RASP helped developers respond quickly.”

Contrast works with global companies and their developers to create secure code throughout the software development process. Contrast takes a unique approach by combining Static Application Security Testing (SAST), Dynamic Application Security Testing (DAST), Interactive Application Security Testing (IAST), and Runtime Application Self-Protection (RASP) with analysis of software composition (SCA). This enables contextualization, improves execution and developers’ ability to remediate issues while helping to lower the rate of false positives.

“We’re not near the end of seeing major attacks like Log4J and Spring4Shell,” he said. Jeff Williams, co-founder and CTO of Contrast Security. “Hackers will continue to target common free and open source software libraries, so companies should invest in and leverage runtime protection solutions like Contrast Protect to identify weaknesses within their code and defend against them. immediately unpatched now”.

IDC MarketScape’s rigorous research methodology goes beyond market share and provides a clear framework that compares current and future product and service offerings, capabilities, strategies, and market success factors for each vendor. The framework also provides technology buyers with a 360-degree assessment of the strengths and weaknesses of current and potential vendors. An extract of the IDC MarketScape report can be downloaded here.

About IDC MarketScape:

The IDC MarketScape Vendor Assessment Model is designed to provide an overview of the competitive strength of ICT (information and communications technology) vendors in a given market. The research methodology uses a rigorous scoring methodology based on both qualitative and quantitative criteria that results in a single graphical illustration of each vendor’s position within a given market. IDC MarketScape provides a clear framework in which IT and telecommunications vendors’ current and future product and service offerings, capabilities, strategies, and market success factors can be meaningfully compared. The framework also provides technology buyers with a 360-degree assessment of the strengths and weaknesses of current and potential vendors.

About Contrast Security:

Contrast Security protects the code on which the global business is built. It is the most modern and comprehensive code security platform in the industry, removing inefficiencies from security hurdles and enabling enterprise developers to write and publish secure application code faster. By embedding code analysis and attack prevention directly into the instrumented software, Contrast’s platform automatically detects vulnerabilities as developers write code, eliminates false positives, and provides guidance on how to fix vulnerabilities easily and safely. fast. By doing so, application and development teams can collaborate more effectively and innovate faster while accelerating digital transformation initiatives. This is why a growing number of the world’s largest public and private sector organizations trust Contrast to protect their applications in development and extend protection to cloud and on-premises applications in production.

Media Contact:
Laura Asendio
Director of Public Relations
contrast safety
pr@contrastsecurity.com

cision

cision

View original content to download media:https://www.prnewswire.com/news-releases/contrast-security-named-a-major-player-in-idc-marketscape-worldwide-application-security-testing-code-analytics-and-software-composition- analysis-2022-evaluation-of-suppliers-301536555.html

SOURCE Contrast Security

Leave a Comment