Contrast Security Provides Free DevSecOps Solution to .NET Community
October 02, 2019

Contrast Security announced the availability of .NET Core support on Contrast Community Edition (CE).

Contrast CE is a free and full-strength application security platform that provides "always on" Interactive Application Security Testing (IAST), Software Composition Analysis (SCA), and Runtime Application Self Protection (RASP) for software applications and APIs.

".NET Core is the evolution of Microsoft's .NET technology into a modular, cross platform, open source and cloud ready platform," said Sam Guckenheimer, Product Owner – Azure DevOps, Microsoft. "We're excited to see market disruptors like Contrast Security invest in this ecosystem and bring their innovative technology to the wider .NET community. Security is paramount in software development and tools that enable developers to deliver high-quality software rapidly. Security is the key to accelerating digital transformation."

Although platforms like .NET Core enable teams to further accelerate software development and scalability, enterprises continue to face a software security crisis that limits their ability to perform even basic application security on the vast majority of their application portfolio. This places everyone's financial, healthcare, and other sensitive data at risk. Development teams are not empowered to address security during the software development process, a gap that results in organizations depending on hard-to-find security experts, slow and inaccurate tools, and complex late-stage review processes. This, in turn, leads to a critical state and as software development velocity increases, security continues to fall further behind.

"To further our goal of finally making all software secure, we are excited to deliver a full-strength security solution for free to the .NET community. Microsoft has been a great partner to Contrast Security and we continue to invest in securing the .NET and Azure ecosystem. By enabling all .NET teams to infuse security directly into their development and production environments, without buying expensive tools, we have made it possible to achieve highly secure .NET applications and APIs quickly and easily," said Jeff Williams, CTO and Co-Founder, Contrast Security.

"DevOps requires software security to be rebuilt from the ground up. Modern software and development approaches require security to be woven in from when developers write code through when it is deployed into environments like Azure. Contrast Security's approach to embed application security leveraging instrumentation throughout the software lifecycle represents the future of DevSecOps," said Dave McKinstry, Sr. Program Manager, Microsoft.

The Contrast CE solution is designed to help small teams building a .NET Core application or API protect against a broad range of security flaws, including the top 10 vulnerabilities listed in the Open Web Application Security Project (OWASP). The solution enables small teams to assess both custom code and open source libraries for security vulnerabilities and to prevent vulnerabilities from being exploited in production. In addition, all Contrast integrations, such as Visual Studio IDE and Azure DevOps, are free and compatible with Contrast CE. Developers and security teams can have application security visibility within the tools and processes that they already use today.

The Contrast Platform unifies Application Security Testing (AST), Software Composition Analysis (SCA), and Runtime Application Self Protection (RASP) through the use of software instrumentation. Contrast's sensors directly monitor running software to provide highly accurate vulnerability and exploit detection and prevention, without requiring experts to deploy and manage legacy scanning and firewall technology.

Contrast CE delivers the power of Contrast Assess and Contrast Protect, which are utilized by some of the largest global enterprises, to individual developers and smaller teams. From one-off projects using Community Edition, to organizations of all sizes using Contrast Assess and Protect, Contrast provides a comprehensive approach to application security in order to finally make all software secure. Contrast CE supports Java and .NET Core, with plans to release .Net, Node, Ruby, and Python versions in the near future.

Share this

Industry News

December 11, 2019

Bonitasoft announced that the Bonita platform is now available with advanced low-code features that permit better collaboration between citizen developers and professional developers.

December 11, 2019

Solo.io announced WebAssembly Hub, a service for building, sharing, discovering and deploying WebAssembly (Wasm) extensions for Envoy Proxy-based service meshes.

December 11, 2019

Datawire unveiled the new Ambassador Edge Stack 1.0, an integrated edge solution that empowers developer teams to rapidly configure the edge services required to build, deliver and scale their applications running in Kubernetes.

December 10, 2019

Redgate Software launched its fourth annual State of Database DevOps Survey.

December 10, 2019

Compuware has signed a definitive agreement to acquire the assets of INNOVATION Data Processing, a provider of enterprise data protection, business continuance and storage resource management solutions serving the mainframe market.

December 10, 2019

Dynatrace announced its Autonomous Cloud Enablement (ACE) Practice to accelerate DevOps’ movement to autonomous cloud operations.

December 09, 2019

NS1, announced the expansion of its suite of integrations to include Kubernetes, Consul, Avi Networks (VMWare NSX), NGINX, and HAProxy.

December 09, 2019

CloudBees announced an extension of its partnership with Google. As a Google Cloud Run launch partner, CloudBees will offer developers more flexibility in their deployment of containerized applications.

December 09, 2019

EPAM Systems has expanded its crowdtesting software solutions to enable user story testing.

December 05, 2019

Parasoft announced the newest release of Parasoft C/C++test, the unified C and C++ development testing solution for enterprise and embedded applications.

December 05, 2019

Datadog announced Security Monitoring, a new product that enables real-time threat detection across the entire stack and deeper collaboration between security, developers, and operations teams.

December 05, 2019

Pulumi announced the availability of Pulumi Crosswalk for Kubernetes, an open source collection of frameworks, tools and user guides that help developers and operators work better together delivering production workloads using Kubernetes.

December 04, 2019

CloudBees announced a Preview Program for CloudBees CI/CD powered by Jenkins X, a Software as a Service (SaaS) continuous integration and continuous delivery solution running on Google Cloud Platform.

December 04, 2019

Rancher Labs announced the general availability of K3s, their lightweight, certified Kubernetes distribution purpose built for small footprint workloads, along with the beta release of Rio, their new application deployment engine for Kubernetes that delivers a fully integrated deployment experience from operations to pipeline.

December 04, 2019

WhiteSource announced a new integration with Codefresh, the Kubernetes-native CI/CD solution.