Contrast Security Provides Free DevSecOps Solution to .NET Community
October 02, 2019

Contrast Security announced the availability of .NET Core support on Contrast Community Edition (CE).

Contrast CE is a free and full-strength application security platform that provides "always on" Interactive Application Security Testing (IAST), Software Composition Analysis (SCA), and Runtime Application Self Protection (RASP) for software applications and APIs.

".NET Core is the evolution of Microsoft's .NET technology into a modular, cross platform, open source and cloud ready platform," said Sam Guckenheimer, Product Owner – Azure DevOps, Microsoft. "We're excited to see market disruptors like Contrast Security invest in this ecosystem and bring their innovative technology to the wider .NET community. Security is paramount in software development and tools that enable developers to deliver high-quality software rapidly. Security is the key to accelerating digital transformation."

Although platforms like .NET Core enable teams to further accelerate software development and scalability, enterprises continue to face a software security crisis that limits their ability to perform even basic application security on the vast majority of their application portfolio. This places everyone's financial, healthcare, and other sensitive data at risk. Development teams are not empowered to address security during the software development process, a gap that results in organizations depending on hard-to-find security experts, slow and inaccurate tools, and complex late-stage review processes. This, in turn, leads to a critical state and as software development velocity increases, security continues to fall further behind.

"To further our goal of finally making all software secure, we are excited to deliver a full-strength security solution for free to the .NET community. Microsoft has been a great partner to Contrast Security and we continue to invest in securing the .NET and Azure ecosystem. By enabling all .NET teams to infuse security directly into their development and production environments, without buying expensive tools, we have made it possible to achieve highly secure .NET applications and APIs quickly and easily," said Jeff Williams, CTO and Co-Founder, Contrast Security.

"DevOps requires software security to be rebuilt from the ground up. Modern software and development approaches require security to be woven in from when developers write code through when it is deployed into environments like Azure. Contrast Security's approach to embed application security leveraging instrumentation throughout the software lifecycle represents the future of DevSecOps," said Dave McKinstry, Sr. Program Manager, Microsoft.

The Contrast CE solution is designed to help small teams building a .NET Core application or API protect against a broad range of security flaws, including the top 10 vulnerabilities listed in the Open Web Application Security Project (OWASP). The solution enables small teams to assess both custom code and open source libraries for security vulnerabilities and to prevent vulnerabilities from being exploited in production. In addition, all Contrast integrations, such as Visual Studio IDE and Azure DevOps, are free and compatible with Contrast CE. Developers and security teams can have application security visibility within the tools and processes that they already use today.

The Contrast Platform unifies Application Security Testing (AST), Software Composition Analysis (SCA), and Runtime Application Self Protection (RASP) through the use of software instrumentation. Contrast's sensors directly monitor running software to provide highly accurate vulnerability and exploit detection and prevention, without requiring experts to deploy and manage legacy scanning and firewall technology.

Contrast CE delivers the power of Contrast Assess and Contrast Protect, which are utilized by some of the largest global enterprises, to individual developers and smaller teams. From one-off projects using Community Edition, to organizations of all sizes using Contrast Assess and Protect, Contrast provides a comprehensive approach to application security in order to finally make all software secure. Contrast CE supports Java and .NET Core, with plans to release .Net, Node, Ruby, and Python versions in the near future.

Share this

Industry News

April 02, 2020

VMware announced the general availability of VMware vSphere 7, the biggest evolution of vSphere in over a decade.

April 02, 2020

Grafana Labs announced that Cortex v1.0 is generally available for production use.

April 02, 2020

IT Revolution announced new dates, extended pricing and its first round of confirmed speakers for DevOps Enterprise Summit Las Vegas 2020. Hosted at The Cosmopolitan of Las Vegas, DevOps Enterprise Summit will now take place November 9-11, 2020.

April 01, 2020

Compuware Corporation announced new capabilities that enable application development teams to automate performance tests early in the development lifecycle, helping large enterprises speed time to market and improve application performance—while decreasing the significant and unnecessary cost of wasted time.

April 01, 2020

PlanetScale released the newest version of PlanetScaleDB, a multi-cloud database.

April 01, 2020

Datawire announced the newest release of Ambassador Edge Stack that is designed to speed up the inner development loop.

March 31, 2020

Push Technology will provide Diffusion Cloud, Push Technology’s Real-Time API Management Cloud Platform, free for all existing customers and new customers developing systems in the cloud during these challenging times.

March 31, 2020

Rancher Labs announced the general availability of Rancher 2.4.

March 31, 2020

Kasten announced the general availability of Kasten K10 v2.5.

March 30, 2020

DevOps Institute, a global member-based association for advancing the human elements of DevOps, announced a new Open Testing program that removes the prerequisite of leveraging formal courseware to achieve certifications from DevOps Institute's extensive portfolio.

March 30, 2020

Oracle announced the general availability of Java 14 (Oracle JDK 14).

March 30, 2020

Akamai announced March 2020 updates to the Akamai Intelligent Edge Platform.

March 26, 2020

Redgate’s new SQL Monitor now ensures that DevOps teams can monitor and track deployments at all times.

March 26, 2020

Split Software announced a two-way data integration with Google Analytics that can instantly detect performance issues caused by new features.

March 26, 2020

Cloudreach earned the Kubernetes on Microsoft Azure advanced specialization.