Contrast Security announced the release of
Application Vulnerability Monitoring (AVM), a new capability of Application Detection and Response (ADR).
AVM is the first solution that works within applications to find
application and API vulnerabilities in production and correlate those
vulnerabilities with attacks. Accurately identifying the issues in
production with AVM results in lower overall cyber risk.
Currently, companies are missing vulnerabilities in production because
they are using traditional technologies like DAST, SCA, and SAST. AVM
provides an alternative, allowing SecOps and DevOps teams to see what
actual vulnerabilities exist in production environments so that they can
proactively fix issues before they are exploited in an attack.
"Traditionally, application and API security testing happened before
production, without any insight into real attacks or how software
actually runs in production. As a result, development and AppSec teams
are drowning in theoretical risk and false positives. By identifying the
real, exploitable risks in a running app in production, and enriching
them with details about real attacks and exploits, AVM automatically
enables teams to focus on the risks that matter, before attackers find
them," said Jeff Williams, founder and CTO of Contrast Security.
Customers using AVM are already experiencing improved security.
"Contrast offers a valuable mix of speed and coverage," said a leader of
threat & vulnerability management at a multinational government
healthcare services company. "We're able to monitor vulnerabilities
across multiple environments, including development and production. Our
teams have increased visibility and can both see and take action as
necessary."
Contrast Security's Application Detection and Response operates with
unique intelligent sensors inside the application layer to identify and
respond to attacks and defects in applications and APIs. It gives SecOps
the behavioral context it needs to see and understand how attackers are
targeting and exploiting applications, while simultaneously reducing
the attack surface by pinpointing and prioritizing vulnerabilities. With
the added capabilities of AVM, SecOps teams, AppSec teams and DevOps
teams can collaborate to prioritize and close exposed vulnerabilities in
both custom code and libraries.
Application Vulnerability Monitoring allows organizations to tackle well known security problems:
-
Solve for expanding application attack surface: Organizations
using AI to accelerate development often struggle to manage their
expanding attack surface. AVM provides continuous visibility within
production applications, enabling secure innovation minus the risk.
-
Solve for application risk blind spots: Organizations struggle to
prioritize application vulnerabilities. The combination of AVM and ADR
allows them to see the real exploitable risks in production and what's
actually being attacked. This allows SecOps to deploy compensating ADR
controls while developers are implementing a permanent fix.
-
Solve for inefficient incident response: Organizations can't
always identify the vulnerabilities exploited in a security incident
because they are using traditional tools. The combination of AVM and ADR
can now allow them to rapidly see the entry point, the context
surrounding it and the necessary fix.
-
Solve for zero-day attacks: Organizations are blind to unreported
vulnerabilities with traditional approaches. Contrast AVM and ADR works
within the application, continuously analyzing behavior and identifying
vulnerabilities in real-time, so that organizations can stop and fix
issues before they are widely known.
Contrast's managed service, Contrast One, is also available for both AVM
and ADR, for organizations that want expert assistance running their
application security program.