Enable javascript in your browser for better experience. Need to know to enable it? Go here.
Published : Oct 27, 2021
NOT ON THE CURRENT EDITION
This blip is not on the current edition of the Radar. If it was on one of the last few editions, it is likely that it is still relevant. If the blip is older, it might no longer be relevant and our assessment might be different today. Unfortunately, we simply don't have the bandwidth to continuously review blips from previous editions of the Radar. Understand more
Oct 2021
Trial ? Worth pursuing. It is important to understand how to build up this capability. Enterprises should try this technology on a project that can handle the risk.

Contrast Security offers a security platform with multiple components, including static application security testing (SAST), interactive application security testing (IAST), open-source scanning and runtime application self-protection (RASP). It's been around for a few years now, and we've used it in multiple projects. One of the things we quite like about the Contrast platform is its run-time analysis of libraries; it helps identify libraries that are not used, which in turn helps our teams prioritize vulnerabilities and potentially get rid of unused libraries. This is particularly relevant given the increased importance of securing the software supply chain. We also quite like its IAST component; we've found it effective in our continuous delivery (CD) pipeline with reduced false positives, and it manages to catch a good range of vulnerabilities.

Download Technology Radar Volume 27

English | Español | Português | 中文

Stay informed about technology

 

Subscribe now

Visit our archive to read previous volumes