Contrast Security Partners with Github
February 02, 2022

Contrast Security announced its partnership with GitHub and the availability of its suite of GitHub Actions, simplifying the process for developers to ensure the code they build is free of security vulnerabilities.

Implementing DevSecOps transformation across software delivery pipelines is complex and takes developers out of their existing CI/CD processes.

"The addition of Contrast's GitHub Actions to the GitHub Marketplace makes it much easier for development, security, and platform operations teams to drive DevSecOps transformation with automation at scale," said Nikesh Shah, Sr. Director, Strategic Alliances at Contrast Security. “By shifting security automation left within native CI/CD tooling, developers can now embed security within delivery pipelines as their code makes its way from build to test, and through production.”

Now available for deployment, Contrast's four GitHub Actions embed security into existing developer value streams with each commit, pull request, test, and deployment.

- Contrast Scan Analyze: Provides automated static code analysis within native CI pipelines, without ever leaving the GitHub environment, while prioritizing exploitable vulnerabilities and weeding out noise for scan times that are up to 10x faster than competing static application security testing (SAST) tools. How-to-fix guidance within the GitHub pipeline also enables early remediation before promoting to production.

- Contrast Assess for Azure Spring Cloud: Deploys as a java application with a Contrast Assess Security Java Agent (JAR) to the Azure Spring Cloud PaaS environment to extend security into SDLC automation.

- Contrast Assess for Azure Kubernetes Service (AKS): Builds and deploys a java application to the AKS with a Contrast Security Java Agent.

- Contrast Assess for Amazon Elastic Kubernetes Service (EKS): Builds and deploys a java application to the Amazon EKS with a Contrast Security Java agent.

Contrast’s GitHub Actions are available with support for Java applications, and additional language support is in development including new GitHub Actions for .NET and JavaScript applications.
Contrast is also actively investing in developer efficiency and ease-of-use by allowing users to try our products for free by simply registering with their GitHub credentials. More details will be announced in the coming months.

Share this

Industry News

August 16, 2022

Canonical welcomes the .NET development platform, one of Microsoft’s earliest contributions to open source projects, as a native experience on Ubuntu hosts and container images, starting in Ubuntu 22.04 LTS.

August 16, 2022

Veracode announced the launch of the Veracode Velocity Partner Program.

August 16, 2022

Render announced a new monorepository feature that enables its customers to keep all of their code in one super repository instead of managing multiple smaller repositories.

August 15, 2022

Gadget announced Connections, a major new feature that gives app developers access to building blocks that enable them to build and scale ecommerce apps in a fraction of the time, at a fraction of the cost.

August 15, 2022

Opsera is on the Salesforce AppExchange to help enterprise customers shorten software delivery cycles, improve pipeline quality and security, lower operations costs and better align software delivery to business outcomes.

August 15, 2022

Virtusa Corporation earned the DevOps with GitHub on Microsoft Azure advanced specialization, a validation of a services partner's deep knowledge, extensive experience and proven success in implementing secure software development practices applying DevOps principles and using Azure and GitHub solutions.

August 15, 2022

Companies looking to reduce their cloud costs with automated optimization can now easily procure CAST AI via Google Cloud Marketplace using their existing committed spend.

August 11, 2022

Granulate, an Intel Company, announced the upcoming launch of its latest free cost-reduction solution, gMaestro, a continuous workload and pod rightsizing tool for Kubernetes cost optimization.

August 11, 2022

Rezilion announced the availability of MI-X, a newly created open-source tool developed by Rezilion's vulnerability research team.

August 11, 2022

Contrast Security announced its enhanced application programming interface (API) security capabilities within the Contrast Secure Code Platform.

August 10, 2022

Mirantis made it even easier to integrate Mirantis Container Cloud into developer workflows and provide developers and operators with easy access and visibility into the Kubernetes clusters with the Mirantis Container Cloud Lens Extension announced today.

August 10, 2022

ArmorCode announced an integration with Traceable AI which will bring its data into the ArmorCode platform and improve Application Security Posture from code to cloud.

August 10, 2022

Quali unveiled enhanced features for its Torque platform to unify infrastructure orchestration and governance.

August 09, 2022

Veracode announced the enhancement of its Continuous Software Security Platform with substantial improvements to its integrated developer experience.

August 09, 2022

Normalyze announced General Availability for its Freemium offering, a self-serve, free platform that democratizes data discovery and classification in all three public clouds, Amazon Web Services (AWS), Microsoft Azure, and Google Cloud Platform (GCP).