The release of Contrast Scan extends the DevSecOps capabilities of the Contrast Application Security Platform to the entire software development life cycle (SDLC), with pipeline-native static analysis to analyse code and detect vulnerabilities at an earlier stage.
Contrast Security said that the platform will empower security teams to run scans up to ten times faster and remediate vulnerabilities up to 45 times faster, whilst meeting compliance requirements of an organisation’s security policy.
Describing the platform as a ‘game changer’, Steve Wilson, chief product officer at Contrast Security, said: “It allows security teams to get unprecedented observability in their applications’ threat landscape early in the development life cycle — without all the noise of traditional static scanning tools. This means organisations’ applications will remain more secure while enabling them to maintain the agility of their development teams.”
Contrast Security said that the solution aims to solve the problem of false-positive alerts decreasing productivity and to give practitioners who rely on legacy scanning a new approach to application security, and that its key benefits include ‘dramatic’ improvements in speed, accuracy and developer experience through removal of inefficiencies and roadblocks that slow release cycles.
According to the announcement, Contrast Scan’s onboarding requires zero configuration. Through Contrast Scan’s integration with the Contrast Application Security Platform, organisations will have a unified, developer-friendly view of vulnerabilities and attacks, with harmonised security profiles across static application security testing (SAST), interactive application security testing (IAST), runtime protection and observability, and software composition analysis (SCA) in one DevSecOps platform.