Contrast Security has release Contrast Enterprise, a new application security product to integrate defenses across development and operations, offering vulnerability assessment, security visibility and attack protection throughout the application lifecycle.
Contrast Enterprise offers Runtime Application Self-Protection (RASP), which provides deep security instrumentation technology across an enterprise’s entire application portfolio to recognize and block threats before they reach exploitable vulnerabilities.
Contrast delivers an integrated, instrumentation-based approach across the SDLC to simplify application security including the following:
Application Attack Visibility and Monitoring
- Clearly displays and logs attacks against applications into SIEM and security analytics solutions for correlation and enterprise-wide attack awareness.
- Alerts users to dangerous attacks on critical applications in real-time.
- Provides easy-to-read security dashboards, including attack trends and detailed attack analysis that both direct defenses and prioritize remediation efforts based on real-world data metrics.
- Delivers customizable real-time application telemetry for logging and diagnostics of application behavior.
Attack Protection
- Blocks broad categories of threats, including SQL Injection, Cross Site Scripting and other OWASP Top Ten threats.
- Employs “CVE Shields,” out-of-the-box defenses that protect applications from known and dangerous vulnerabilities lurking in open source frameworks and libraries.
- Defends custom code or newly discovered vulnerabilities until a remediation can be provided by development.
- Integrates IP blacklisting/whitelisting controls with network level application security solutions, including WAFs and firewalls.
Contrast Enterprise will be released in Q3 2015.