Welcome!

News Feed Item

Aspect Security Launches Contrast(TM) Enterprise On-Premise Edition

World's Leading App Security Experts Focus the Power of Big Data on Application Security

COLUMBIA, MD -- (Marketwire) -- 02/04/13 -- Aspect Security, a pioneer in application security, today announced the availability of Contrast™ Enterprise On-Premise (EOP) Edition. Contrast EOP passively gathers security-relevant data directly from inside an organization's portfolio of running applications, then applies a powerful combination of static, dynamic, and runtime analysis to identify vulnerabilities, security architecture, and library problems without any need for security experts.

"Automation is the only way to secure an entire application portfolio -- but today's website and code scanning tools take forever and make too many mistakes -- worst of all, they require experts, so they don't scale," explained Jeff Williams, CEO Aspect Security. "Contrast EOP empowers an enterprise with realtime application security intelligence for every application, starting with the first line of code and continuing through system test, quality assurance, and even into production."

Contrast is the first truly scalable application security solution. Organizations can enable their application servers with Contrast in just seconds, and leverage their existing development and testing teams to get security coverage. Enterprise developers will enjoy an unprecedented level of clear, actionable guidance. In fact, Contrast is so easy to use that a 14-year-old developer found and correctly fixed 6 Cross Site Scripting (XSS) and 2 SQL Injection flaws in 30 minutes.

The secret to Contrast's unparalleled coverage and accuracy is the ability to access a wealth of data about the code, the runtime environment, HTTP traffic, and even runtime data flows -- far more data than traditional application security tools. This wealth of information combined with Contrast's innovative application vulnerability fingerprinting algorithms enables Contrast to identify more vulnerabilities, cover more code, and produce less false alarms than other application security technologies.

"With Contrast, organizations can break out of the penetrate-and-patch culture, and fix problems early in the SDLC," said Williams. "Contrast is compatible with real-world software development practices, including Agile and DevOps techniques. No more out-of-date paper-based vulnerability reports, annual scans, or pre-launch security surprises."

Contrast also protects organizations against insecure and improperly used open source components. Aspect Security researchers recently announced their discovery of a new remote code execution vulnerability in the Spring Framework, an open-source web application framework. Over 22,000 organizations worldwide downloaded susceptible versions of Spring over 1.3 million times last year alone. Contrast is the only automated tool that can identify this type of expression-language injection vulnerability in addition to many other types of complex, significant vulnerabilities.

Contrast research was sponsored in part by the Air Force Research Laboratory (AFRL). Contrast Enterprise on Premise is available now, starting at $4,800 per application per year.

About Aspect Security
Founded in 2002, Aspect Security focuses exclusively on application security, ensuring that the software that drives business is protected against hackers. Aspect Security's researchers analyze, test and validate on average of 5,000,000 lines of critical application code every month and the company unearths more than 10,000 vulnerabilities every year. Aspect is a founding member of the Open Web Application Security Project (OWASP), and has made vast industry contributions including the OWASP Top Ten, Enterprise Security API (ESAPI), Application Security Verification Standard (ASVS), Risk Rating Methodology, and WebGoat. For more information, please visit www.contrastsecurity.com or follow @contrastsec.

Media Contacts:
Dan Chmielewski
Madison Alexander PR
714-832-8716
Email Contact

Or

Paula Brici
Madison Alexander PR
949-677-6527
Email Contact

More Stories By Marketwired .

Copyright © 2009 Marketwired. All rights reserved. All the news releases provided by Marketwired are copyrighted. Any forms of copying other than an individual user's personal reference without express written permission is prohibited. Further distribution of these materials is strictly forbidden, including but not limited to, posting, emailing, faxing, archiving in a public database, redistributing via a computer network or in a printed form.

Latest Stories
As DevOps methodologies expand their reach across the enterprise, organizations face the daunting challenge of adapting related cloud strategies to ensure optimal alignment, from managing complexity to ensuring proper governance. How can culture, automation, legacy apps and even budget be reexamined to enable this ongoing shift within the modern software factory?
The 21st International Cloud Expo has announced that its Call for Papers is open. Cloud Expo, to be held October 31 - November 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA, brings together Cloud Computing, Big Data, Internet of Things, DevOps, Digital Transformation, Machine Learning and WebRTC to one location. With cloud computing driving a higher percentage of enterprise IT budgets every year, it becomes increasingly important to plant your flag in this fast-expanding busin...
SYS-CON Events announced today that Hitachi Data Systems, a wholly owned subsidiary of Hitachi LTD., will exhibit at SYS-CON's 20th International Cloud Expo®, which will take place on June 6-8, 2017, at the Javits Center in New York City. Hitachi Data Systems (HDS) will be featuring the Hitachi Content Platform (HCP) portfolio. This is the industry’s only offering that allows organizations to bring together object storage, file sync and share, cloud storage gateways, and sophisticated search and...
SYS-CON Events announced today that Progress, a global leader in application development, has been named “Bronze Sponsor” of SYS-CON's 20th International Cloud Expo®, which will take place on June 6-8, 2017, at the Javits Center in New York City, NY. Enterprises today are rapidly adopting the cloud, while continuing to retain business-critical/sensitive data inside the firewall. This is creating two separate data silos – one inside the firewall and the other outside the firewall. Cloud ISVs oft...
SYS-CON Events announced today that delaPlex will exhibit at SYS-CON's @CloudExpo, which will take place on June 6-8, 2017, at the Javits Center in New York City, NY. delaPlex pioneered Software Development as a Service (SDaaS), which provides scalable resources to build, test, and deploy software. It’s a fast and more reliable way to develop a new product or expand your in-house team.
SYS-CON Events announced today that Peak 10, Inc., a national IT infrastructure and cloud services provider, will exhibit at SYS-CON's 20th International Cloud Expo®, which will take place on June 6-8, 2017, at the Javits Center in New York City, NY. Peak 10 provides reliable, tailored data center and network services, cloud and managed services. Its solutions are designed to scale and adapt to customers’ changing business needs, enabling them to lower costs, improve performance and focus intern...
SYS-CON Events announced today that Cloud Academy will exhibit at SYS-CON's 20th International Cloud Expo®, which will take place on June 6-8, 2017, at the Javits Center in New York City, NY. Cloud Academy is the industry’s most innovative, vendor-neutral cloud technology training platform. Cloud Academy provides continuous learning solutions for individuals and enterprise teams for Amazon Web Services, Microsoft Azure, Google Cloud Platform, and the most popular cloud computing technologies. Ge...
SYS-CON Events announced today that Juniper Networks (NYSE: JNPR), an industry leader in automated, scalable and secure networks, will exhibit at SYS-CON's 20th International Cloud Expo®, which will take place on June 6-8, 2017, at the Javits Center in New York City, NY. Juniper Networks challenges the status quo with products, solutions and services that transform the economics of networking. The company co-innovates with customers and partners to deliver automated, scalable and secure network...
Existing Big Data solutions are mainly focused on the discovery and analysis of data. The solutions are scalable and highly available but tedious when swapping in and swapping out occurs in disarray and thrashing takes place. The resolution for thrashing through machine learning algorithms and support nomenclature is through simple techniques. Organizations that have been collecting large customer data are increasingly seeing the need to use the data for swapping in and out and thrashing occurs ...
SYS-CON Events announced today that Fusion, a leading provider of cloud services, will exhibit at SYS-CON's 20th International Cloud Expo®, which will take place on June 6-8, 2017, at the Javits Center in New York City, NY. Fusion, a leading provider of integrated cloud solutions to small, medium and large businesses, is the industry’s single source for the cloud. Fusion’s advanced, proprietary cloud service platform enables the integration of leading edge solutions in the cloud, including cloud...
DevOps is often described as a combination of technology and culture. Without both, DevOps isn't complete. However, applying the culture to outdated technology is a recipe for disaster; as response times grow and connections between teams are delayed by technology, the culture will die. A Nutanix Enterprise Cloud has many benefits that provide the needed base for a true DevOps paradigm.
SYS-CON Events announced today that Interoute has been named “Bronze Sponsor” of SYS-CON's 20th International Cloud Expo®, which will take place on June 6-8, 2017, at the Javits Center in New York City, NY. Interoute is the owner operator of Europe's largest network and a global cloud services platform, which encompasses over 70,000 km of lit fiber, 15 data centers, 17 virtual data centers and 33 colocation centers, with connections to 195 additional partner data centers. Our full-service Unifie...
As enterprise cloud becomes the norm, businesses and government programs must address compounded regulatory compliance related to data privacy and information protection. The most recent, Controlled Unclassified Information and the EU’s GDPR have board level implications and companies still struggle with demonstrating due diligence. Developers and DevOps leaders, as part of the pre-planning process and the associated supply chain, could benefit from updating their code libraries and design by in...
SYS-CON Events announced today that DivvyCloud will exhibit at SYS-CON's 20th International Cloud Expo®, which will take place on June 6-8, 2017, at the Javits Center in New York City, NY. DivvyCloud software enables organizations to achieve their cloud computing goals by simplifying and automating security, compliance and cost optimization of public and private cloud infrastructure. Using DivvyCloud, customers can leverage programmatic Bots to identify and remediate common cloud problems in rea...
SYS-CON Events announced today that WineSOFT will exhibit at SYS-CON's 20th International Cloud Expo®, which will take place on June 6-8, 2017, at the Javits Center in New York City, NY. Based in Seoul and Irvine, WineSOFT is an innovative software house focusing on internet infrastructure solutions. The venture started as a bootstrap start-up in 2010 by focusing on making the internet faster and more powerful. WineSOFT’s knowledge is based on the expertise of TCP/IP, VPN, SSL, peer-to-peer, mob...