The first solution of its kind, Application Vulnerability Monitoring catches production vulnerabilities through innovative in-app technology

PLEASANTON, Calif.: Contrast Security, the runtime security leader, today announced the release of Application Vulnerability Monitoring (AVM), a new capability of Application Detection and Response (ADR).

AVM is the first solution that works within applications to find application and API vulnerabilities in production and correlate those vulnerabilities with attacks. Accurately identifying the issues in production with AVM results in lower overall cyber risk.

Currently, companies are missing vulnerabilities in production because they are using traditional technologies like DAST, SCA, and SAST. AVM provides an alternative, allowing SecOps and DevOps teams to see what actual vulnerabilities exist in production environments so that they can proactively fix issues before they are exploited in an attack.

"Traditionally, application and API security testing happened before production, without any insight into real attacks or how software actually runs in production. As a result, development and AppSec teams are drowning in theoretical risk and false positives. By identifying the real, exploitable risks in a running app in production, and enriching them with details about real attacks and exploits, AVM automatically enables teams to focus on the risks that matter, before attackers find them,” said Jeff Williams, founder and CTO of Contrast Security.

Customers using AVM are already experiencing improved security. “Contrast offers a valuable mix of speed and coverage,” said a leader of threat & vulnerability management at a multinational government healthcare services company. “We’re able to monitor vulnerabilities across multiple environments, including development and production. Our teams have increased visibility and can both see and take action as necessary.”

Contrast Security’s Application Detection and Response operates with unique intelligent sensors inside the application layer to identify and respond to attacks and defects in applications and APIs. It gives SecOps the behavioral context it needs to see and understand how attackers are targeting and exploiting applications, while simultaneously reducing the attack surface by pinpointing and prioritizing vulnerabilities. With the added capabilities of AVM, SecOps teams, AppSec teams and DevOps teams can collaborate to prioritize and close exposed vulnerabilities in both custom code and libraries.

Application Vulnerability Monitoring allows organizations to tackle well known security problems:

• Solve for expanding application attack surface: Organizations using AI to accelerate development often struggle to manage their expanding attack surface. AVM provides continuous visibility within production applications, enabling secure innovation minus the risk.
• Solve for application risk blind spots: Organizations struggle to prioritize application vulnerabilities. The combination of AVM and ADR allows them to see the real exploitable risks in production and what’s actually being attacked. This allows SecOps to deploy compensating ADR controls while developers are implementing a permanent fix.
• Solve for inefficient incident response: Organizations can’t always identify the vulnerabilities exploited in a security incident because they are using traditional tools. The combination of AVM and ADR can now allow them to rapidly see the entry point, the context surrounding it and the necessary fix.
• Solve for zero-day attacks: Organizations are blind to unreported vulnerabilities with traditional approaches. Contrast AVM and ADR works within the application, continuously analyzing behavior and identifying vulnerabilities in real-time, so that organizations can stop and fix issues before they are widely known.

Contrast’s managed service, Contrast One, is also available for both AVM and ADR, for organizations that want expert assistance running their application security program.

To get started with Application Vulnerability Monitoring and Application Detection and Response, email adr@contrastsecurity.com.

About Contrast Security

Contrast Security is the world’s leader in Runtime Application Security, embedding code analysis and attack prevention directly into software. Contrast’s patented security instrumentation disrupts traditional AppSec approaches with integrated and comprehensive security observability that delivers highly accurate assessment and continuous protection of an entire application portfolio. The Contrast Runtime Security Platform enables powerful Application Security Testing and Application Detection and Response, allowing developers, AppSec teams, and SecOps teams to better protect and defend their applications against the ever-evolving threat landscape. Application Security programs need to modernize. Contrast empowers teams to innovate — with confidence.

Learn more: https://www.contrastsecurity.com/

Follow Contrast: Blog

Fonte: Business Wire