Click here to close now.




















Welcome!

News Feed Item

Aspect Security Launches Contrast(TM) Enterprise On-Premise Edition

World's Leading App Security Experts Focus the Power of Big Data on Application Security

COLUMBIA, MD -- (Marketwire) -- 02/04/13 -- Aspect Security, a pioneer in application security, today announced the availability of Contrast™ Enterprise On-Premise (EOP) Edition. Contrast EOP passively gathers security-relevant data directly from inside an organization's portfolio of running applications, then applies a powerful combination of static, dynamic, and runtime analysis to identify vulnerabilities, security architecture, and library problems without any need for security experts.

"Automation is the only way to secure an entire application portfolio -- but today's website and code scanning tools take forever and make too many mistakes -- worst of all, they require experts, so they don't scale," explained Jeff Williams, CEO Aspect Security. "Contrast EOP empowers an enterprise with realtime application security intelligence for every application, starting with the first line of code and continuing through system test, quality assurance, and even into production."

Contrast is the first truly scalable application security solution. Organizations can enable their application servers with Contrast in just seconds, and leverage their existing development and testing teams to get security coverage. Enterprise developers will enjoy an unprecedented level of clear, actionable guidance. In fact, Contrast is so easy to use that a 14-year-old developer found and correctly fixed 6 Cross Site Scripting (XSS) and 2 SQL Injection flaws in 30 minutes.

The secret to Contrast's unparalleled coverage and accuracy is the ability to access a wealth of data about the code, the runtime environment, HTTP traffic, and even runtime data flows -- far more data than traditional application security tools. This wealth of information combined with Contrast's innovative application vulnerability fingerprinting algorithms enables Contrast to identify more vulnerabilities, cover more code, and produce less false alarms than other application security technologies.

"With Contrast, organizations can break out of the penetrate-and-patch culture, and fix problems early in the SDLC," said Williams. "Contrast is compatible with real-world software development practices, including Agile and DevOps techniques. No more out-of-date paper-based vulnerability reports, annual scans, or pre-launch security surprises."

Contrast also protects organizations against insecure and improperly used open source components. Aspect Security researchers recently announced their discovery of a new remote code execution vulnerability in the Spring Framework, an open-source web application framework. Over 22,000 organizations worldwide downloaded susceptible versions of Spring over 1.3 million times last year alone. Contrast is the only automated tool that can identify this type of expression-language injection vulnerability in addition to many other types of complex, significant vulnerabilities.

Contrast research was sponsored in part by the Air Force Research Laboratory (AFRL). Contrast Enterprise on Premise is available now, starting at $4,800 per application per year.

About Aspect Security
Founded in 2002, Aspect Security focuses exclusively on application security, ensuring that the software that drives business is protected against hackers. Aspect Security's researchers analyze, test and validate on average of 5,000,000 lines of critical application code every month and the company unearths more than 10,000 vulnerabilities every year. Aspect is a founding member of the Open Web Application Security Project (OWASP), and has made vast industry contributions including the OWASP Top Ten, Enterprise Security API (ESAPI), Application Security Verification Standard (ASVS), Risk Rating Methodology, and WebGoat. For more information, please visit www.contrastsecurity.com or follow @contrastsec.

Media Contacts:
Dan Chmielewski
Madison Alexander PR
714-832-8716
Email Contact

Or

Paula Brici
Madison Alexander PR
949-677-6527
Email Contact

More Stories By Marketwired .

Copyright © 2009 Marketwired. All rights reserved. All the news releases provided by Marketwired are copyrighted. Any forms of copying other than an individual user's personal reference without express written permission is prohibited. Further distribution of these materials is strictly forbidden, including but not limited to, posting, emailing, faxing, archiving in a public database, redistributing via a computer network or in a printed form.

Latest Stories
Palerra, the cloud security automation company, announced enhanced support for Amazon AWS, allowing IT security and DevOps teams to automate activity and configuration monitoring, anomaly detection, and orchestrated remediation, thereby meeting compliance mandates within complex infrastructure deployments. "Monitoring and threat detection for AWS is a non-trivial task. While Amazon's flexible environment facilitates successful DevOps implementations, it adds another layer, which can become a ...
The speed of software changes in growing and large scale rapid-paced DevOps environments presents a challenge for continuous testing. Many organizations struggle to get this right. Practices that work for small scale continuous testing may not be sufficient as the requirements grow. In his session at DevOps Summit, Marc Hornbeek, Sr. Solutions Architect of DevOps continuous test solutions at Spirent Communications, explained the best practices of continuous testing at high scale, which is rele...
"We got started as search consultants. On the services side of the business we have help organizations save time and save money when they hit issues that everyone more or less hits when their data grows," noted Otis Gospodnetić, Founder of Sematext, in this SYS-CON.tv interview at @DevOpsSummit, held June 9-11, 2015, at the Javits Center in New York City.
Growth hacking is common for startups to make unheard-of progress in building their business. Career Hacks can help Geek Girls and those who support them (yes, that's you too, Dad!) to excel in this typically male-dominated world. Get ready to learn the facts: Is there a bias against women in the tech / developer communities? Why are women 50% of the workforce, but hold only 24% of the STEM or IT positions? Some beginnings of what to do about it! In her Opening Keynote at 16th Cloud Expo, S...
With SaaS use rampant across organizations, how can IT departments track company data and maintain security? More and more departments are commissioning their own solutions and bypassing IT. A cloud environment is amorphous and powerful, allowing you to set up solutions for all of your user needs: document sharing and collaboration, mobile access, e-mail, even industry-specific applications. In his session at 16th Cloud Expo, Shawn Mills, President and a founder of Green House Data, discussed h...
Delphix, the market leader in Data as a Service (DaaS), has been announced winner of the DevOps Solution Award at the prestigious Computing Vendor Excellence Awards in London. The awards celebrate the achievements of the technology vendors and service providers that are leading the field of enterprise IT. Delphix was recognised as the vendor demonstrating the most effective support of DevOps culture for its ability to improve time to market and collaboration between teams.
"Our biggest growth area has been the security services, the managed services - the things that differentiate us in the market that there is no client that's too small and there's no client that's too big," explained Paul Mazzucco, Chief Security Officer at TierPoint, in this SYS-CON.tv interview at 16th Cloud Expo, held June 9-11, 2015, at the Javits Center in New York City.
The Cloud industry has moved from being more than just being able to provide infrastructure and management services on the Cloud. Enter a new era of Cloud computing where monetization’s services through the Cloud are an essential piece of strategy to feed your organizations bottom-line, your revenue and Profitability. In their session at 16th Cloud Expo, Ermanno Bonifazi, CEO & Founder of Solgenia, and Ian Khan, Global Strategic Positioning & Brand Manager at Solgenia, discussed how to easily o...
"We've just seen a huge influx of new partners coming into our ecosystem, and partners building unique offerings on top of our API set," explained Seth Bostock, Chief Executive Officer at IndependenceIT, in this SYS-CON.tv interview at 16th Cloud Expo, held June 9-11, 2015, at the Javits Center in New York City.
Explosive growth in connected devices. Enormous amounts of data for collection and analysis. Critical use of data for split-second decision making and actionable information. All three are factors in making the Internet of Things a reality. Yet, any one factor would have an IT organization pondering its infrastructure strategy. How should your organization enhance its IT framework to enable an Internet of Things implementation? In his session at @ThingsExpo, James Kirkland, Red Hat's Chief Arch...
Sysdig has announced two significant milestones in its mission to bring infrastructure and application monitoring to the world of containers and microservices: a $10.7 million Series A funding led by Accel and Bain Capital Ventures (BCV); and the general availability of Sysdig Cloud, the first monitoring, alerting, and troubleshooting platform specializing in container visibility, which is already used by more than 30 enterprise customers. The funding will be used to drive adoption of Sysdig Clo...
The Software Defined Data Center (SDDC), which enables organizations to seamlessly run in a hybrid cloud model (public + private cloud), is here to stay. IDC estimates that the software-defined networking market will be valued at $3.7 billion by 2016. Security is a key component and benefit of the SDDC, and offers an opportunity to build security 'from the ground up' and weave it into the environment from day one. In his session at 16th Cloud Expo, Reuven Harrison, CTO and Co-Founder of Tufin,...
The Internet of Things is not only adding billions of sensors and billions of terabytes to the Internet. It is also forcing a fundamental change in the way we envision Information Technology. For the first time, more data is being created by devices at the edge of the Internet rather than from centralized systems. What does this mean for today's IT professional? In this Power Panel at @ThingsExpo, moderated by Conference Chair Roger Strukhoff, panelists addressed this very serious issue of pro...
"We do data integration for B2B also application to application, and we do data management and enable Big Data," explained Pat Adamiak, Vice President, Product Marketing at Liaison Technologies, in this SYS-CON.tv interview at 16th Cloud Expo, held June 9-11, 2015, at the Javits Center in New York City.
"We specialize in testing. DevOps is all about continuous delivery and accelerating the delivery pipeline and there is no continuous delivery without testing," noted Marc Hornbeek, Sr. Solutions Architect at Spirent Communications, in this SYS-CON.tv interview at @DevOpsSummit, held June 9-11, 2015, at the Javits Center in New York City.