Contrast Security Launches Contrast OSS
June 19, 2019

Contrast Security launched Contrast OSS, a solution to help organizations building modern software solve the security, legal and compliance risks associated with their use of open source software (OSS).

Created with patented security instrumentation technology, Contrast OSS can continuously identify vulnerable open source components, determine how they are actually used by the application, and then prevent exploitation at runtime. Contrast OSS capabilities function as a solution that can work alongside Contrast Assess and Contrast Protect as part of the Contrast Security Platform.

Contrast OSS provides the ability to:

- Automatically create and maintain an organization-wide inventory of open source components mapped to applications, servers and environments.

- Provide real-time correlation of vulnerabilities, OSS license information, and additional library metadata.

- Continuously assess open source components for known and unknown vulnerabilities across all software development and delivery pipelines.

- Continuously evaluate open source components for license compliance and intellectual property risk across all software development and delivery pipelines.

- Automatically enforce custom policies and provide real-time feedback to security, compliance and development teams.

- Prioritize and focus developer remediation efforts on critical vulnerabilities by accurately identifying whether vulnerable open source components are actually used by the application.

- Continuously monitor production applications and block attacks on vulnerable open source to prevent runtime exploitation.

- Maintain centralized visibility and point-of-control for all customer and open source software risk, portfolio-wide, through a single automated platform.

"Contrast Security has a long and successful track record of helping organizations secure their applications," said Surag Patel, Chief Strategy Officer, Contrast Security. "The increasing dependence on open source is undeniable and the ability for enterprises to leverage open source software without risk to the business, remains a top priority for VPs of Development, CISOs and CIOs. We are excited to offer the first complete solution that enables real-time inventory, assessment of security risk, assessment of licensing compliance risk and security exploit prevention for open source software. In an era of accelerated software delivery, customers can now embed automated controls into their software development and delivery pipelines, and monitor all of their applications and open source dependencies continuously. Leveraging the Contrast Security platform, organizations now have an embedded security solution that is built for the modern software era, without having to deploy and orchestrate multiple tools."

Share this

Industry News

October 17, 2019

Acquia announced the availability of its new Developer Studio, a suite of tools designed to improve the productivity of Drupal developers.

October 17, 2019

Talend announced Talend Cloud is now available on Microsoft Azure, offering a secure and scalable Integration Platform-as-a-Service for collecting, transforming and cleaning data.

With embedded data quality and native integration performance, Talend Cloud on Microsoft Azure delivers the trusted data companies need to make real-time business decisions, accelerate advanced analytics, and meet regulatory compliance requirements.

October 17, 2019

Cognizant entered into an agreement to acquire Contino, a privately-held technology consulting firm.

October 16, 2019

Red Hat announced Red Hat OpenShift 4.2, the latest version of Red Hat’s enterprise Kubernetes platform designed to deliver a more powerful developer experience.

October 16, 2019

Gluware announced Gluware Automation v3.6, which extends the platform API capabilities including integrations with the Mist and Ansible platforms and introduces lifecycle management and infrastructure integration enhancements.

October 16, 2019

XebiaLabs announced that Wipro has renewed and extended its partnership with XebiaLabs as their Strategic Enterprise DevOps Partner across the globe.

October 15, 2019

Puppet announced enhancements to its current product portfolio and the public beta of a new project focused on providing a simplified continuous deployment workflow.

October 15, 2019

DBmaestro expanded its database automation platform to enable CI/CD and release automation for MySQL, MariaDB and Amazon RDS with DBmaestro DevOps Platform v2019.4.

October 15, 2019

Radware announced the launch of Radware Kubernetes Web Application Firewall (WAF), a comprehensive and highly scalable application security solution for Kubernetes-based environments.

October 10, 2019

CloudBees launched a new partner program that expands ISV partners’ ability to align with CloudBees offerings and the global Jenkins community.

October 08, 2019

Nureva announced a key update to the Jira Software integration with Span Workspace, Nureva’s cloud-based digital canvas for visual planning and collaboration.

October 08, 2019

Fugue announced support for Open Policy Agent (OPA), an open source general-purpose policy engine and language for cloud infrastructure.

October 03, 2019

Redgate announced the launch of SQL Compare v14, the latest version of its industry standard tool for quickly and accurately comparing and deploying SQL Server databases.

October 03, 2019

Harness announced the release of Continuous Insights, a new capability of its CD platform that enables organizations to see clearly into software delivery performance across their engineering and development teams without needing to manually collect, correlate, and report metrics that might take days or weeks.

October 03, 2019

OutSystems and Workato announced a partnership aimed at allowing organizations to rapidly realize innovation, time to value, productivity, and mission-critical objectives through readily available application connectors.