Home > News > featured news > Contrast Security Introduces Cloud-Native Automation

Software Security

Contrast Security Introduces Cloud-Native Automation

Contrast Security | April 23, 2022

Contrast Security
Contrast Security , the leader in code security that empowers developers to secure-as-they code, today announced the introduction of cloud-native automation for users leveraging Red Hat OpenShift, the industry's leading enterprise Kubernetes platform. Red Hat OpenShift users can now deploy containerized applications with embedded security features within a native continuous integration and continuous delivery (CI/CD) pipelines. This enables Red Hat OpenShift users to retain scalability, while adding automated security testing and protection as a routine part of the software delivery process. These added capabilities result in minimized manual configuration, reduction in additional overhead costs, and overall security efficiencies.

Contrast enables customers to continuously monitor OpenShift applications at runtime to deliver the most actionable results without requiring AppSec teams to waste hundreds of hours validating results and causing delays for developers.

"Unfortunately many organizations lack the means to implement scalable security gates within their CI/CD pipelines, which translates to insecure code being shipped across distributed cloud environments. Contrast helps these teams drive their DevSecOps transformation with automation at scale. These new capabilities are another component to Contrast's overall mission of ensuring developers are empowered to embed security capabilities within their environments without imposing additional work on them. We want to make security a value-add for everyone."

Sanjay Ramnath, Vice President of Product Management at Contrast Security

Contrast enables Red Hat OpenShift users to benefit from the following capabilities:

  • Source-to-Image Deployment: Cloud developers can embed Contrast's Assess and Protect agents into their source code image to implement continuous vulnerability detection with runtime context and help protect their apps from targeted attacks in production.
  • CI/CD Jenkins Pipelines: AppSec teams can trigger automated security tests within native Jenkins pipelines and establish security policy gates to mitigate potential vulnerabilities. Alternatively, users can also automate in their Jenkins CI/CD pipelines by pulling the agent from Contrast.
  • OpenShift Pipelines via Tekton: Contrast provides OpenShift users with automated tasks that can be used to create repeatable pipeline templates within OpenShift Pipelines environments. APIs provided by the Contrast Secure Code Platform help initiate automated vulnerability static scanning at build time and instrument applications for security telemetry from within prior to deployment.

The Contrast Secure Code Platform is available today with support for Java, .NET, and Node.js applications. 

About Contrast Security
Contrast Security secures the code that global business relies on. It is the industry's most modern and comprehensive Code Security Platform, removing security roadblock inefficiencies and empowering enterprise developers to write and release secure application code faster. Embedding code analysis and attack prevention directly into software with instrumentation, the Contrast platform automatically detects vulnerabilities while developers write code, eliminates false positives, and provides context-specific how-to-fix guidance for easy and fast vulnerability remediation. Doing so enables application and development teams to collaborate more effectively and to innovate faster while accelerating digital transformation initiatives. This is why a growing number of the world's largest private and public sector organizations rely on Contrast to secure their applications in development and extend protection to cloud and on-premise applications in production.

Spotlight

Find All Your APIs with API Discovery

APIs operating without any security controls are just waiting to be exploited. Misconfigurations, suspicious behavior, and cyber attacks may already be occurring without your knowledge. Hackers are on the lookout for APIs that will allow them to access data covertly, providing time to not only extract data, but to explore additional attack vectors.

More featured news

Spotlight

Find All Your APIs with API Discovery

APIs operating without any security controls are just waiting to be exploited. Misconfigurations, suspicious behavior, and cyber attacks may already be occurring without your knowledge. Hackers are on the lookout for APIs that will allow them to access data covertly, providing time to not only extract data, but to explore additional attack vectors.

Related News

Security Audit and Compliance

Lumen Enhances its SASE Solution with New Security Features Addition

Lumen Technologies | September 13, 2023

Lumen Technologies announces the launch of key security enhancements to its industry-leading secure access service edge product. The company’s SASE Solutions represents a first-of-its-kind, fully digital experience for purchasing, configuring, and overseeing enterprise SASE. The latest features incorporated into Lumen SASE Solutions are security service edge and cloud-hosted gateways. On September 12, 2023, Lumen Technologies, a leading provider of Secure Access Service Edge (SASE) solutions, committed to advancing human progress through technology facilitating the connection of people, data, and applications, announced the addition of key enhancements to its landmark SASE product. The addition of new features makes lumen SASE solutions even more simplified and flexible for customers. Lumen SASE Solutions represents a pioneering, entirely digital experience for purchasing, configuring, and managing enterprise SASE. This is a significant step in Lumen's ongoing efforts to drive innovation and foster growth. Notably, the SASE product improvements launch are a direct outcome of valuable customer feedback. The Lumen SASE approach focuses on simplification in order to deliver flexible, secure, and scalable SASE solutions to organizations of all sizes and industries. Senior Director of SASE Product Management at Lumen, Darren Wolner, said, There has been a rapid adoption of cloud-based services as more organizations implement hybrid work, but security is paramount to any cloud-based experience. This means savvy organizations soon realized a whole new set of requirements and challenges. We quickly enhanced the product to fit their requirements. [Source – Cision PR Newswire] Darren mentioned that Lumen has a strong focus on meeting customer wants and needs. He cited the latest SASE updates as a prime illustration of this commitment. The new capabilities added to Lumen SASE Solutions include: Security Service Edge (SSE) SSE encompasses a suite of integrated, cloud-centric security capabilities, which feature cloud-hosted gateways. These capabilities are designed to ensure secure access to websites, facilitate the safe sharing of sensitive data, and manage user permissions for software-as-a-service (SaaS) applications. These solutions are delivered in partnership with prominent SD-WAN and security providers. Cloud-hosted Gateways Cloud-hosted gateways offer organizations the flexibility to adopt 'grow as they go' network and security management features as they scale without the necessity of on-premises equipment. In addition to the global expansion of Lumen technologies, customers based in the US can now deploy premise-based SASE services to locations in EMEA and Canada. Pete Finalle, Research Manager with IDC, stated, The new, hybrid perimeter – encompassing the main office down to the remote workforce – has collided with multi-cloud resources. This has created numerous networking and security complexities that are difficult to solve without a customer outcomes-based approach, which few companies can provide. [Source – Cision PR Newswire] Finalle pointed out that Lumen has a distinctive position to deliver real business outcomes through a comprehensive, cloud-based network security stack. This stack significantly benefits from Lumen's presence in both network and cloud infrastructure. Additionally, he mentioned that the company's digital customer experience and managed approach to resolving the intricate security and networking challenges allow them to mitigate the deployment and management difficulties that frequently hinder the adoption of SASE.

Read More

Enterprise Security, Platform Security, Software Security

Jamf Teams With Google Cloud to Enable Collaborative, Mobile Workforces Through New Advanced Security and Management Workflows

Globenewswire | July 07, 2023

Jamf (NASDAQ: JAMF), the standard in managing and securing Apple at work, announced three new integrations with Google Cloud, enabling and protecting mobile workforces that use Google and Apple. Encompassing Zero Trust, observability, and identity workflows, Jamf continues to provide unique value for Google Cloud users with Apple devices. Bringing Zero Trust to Life: Google Cloud’s BeyondCorp Enterprise Now Available for iOS and iPadOS Jamf’s integration with BeyondCorp now supports device compliance signals for iOS and iPadOS. The addition of Apple’s mobile platforms builds on last year’s release of the Jamf and Google Cloud’s BeyondCorp integration for macOS. Jamf is the first management platform to support Apple desktop and mobile devices in this Zero Trust framework. “Some of the world’s most successful organizations choose to empower their employees with Mac and iPhone, while taking advantage of Google Cloud’s speed, security and flexibility for Cloud applications,” said Sam Weiss, Alliance Partner Manager for Google at Jamf. “Now these modern companies that choose Apple hardware and Google Cloud software can more effectively secure and manage their mobile workforces.” Jamf’s extensive Apple device management and security capabilities allow the enforcement and monitoring of device compliance status. When integrated with BeyondCorp, admins can create context-aware access policies that include Jamf compliance status. This combination of device-based and user-based access controls allows organizations to define policies specific to their needs, ensuring all devices and users can access corporate data wherever they choose to work from. "We at Unibuddy are thrilled about the seamless integration between Jamf and Google Cloud's BeyondCorp, which aligns with our Zero Trust security model. This partnership will enable us to efficiently manage our macOS and iOS devices while enhancing our security posture and ensuring the privacy of our employees," said Rupen Valand, Global IT Manager at Unibuddy. "Strong security is important for university partners and employees because it helps protect sensitive data and build trust. By providing an extra layer of security for accessing company resources, this solution empowers our employees to work remotely with ease and confidence, unencumbered by security or privacy concerns. We're excited to implement this solution and unlock its full potential with our teams at Unibuddy." Elevating Security Operations: Google Cloud’s Chronicle Enhances Jamf Integration Security teams are more effective when they have complete visibility of events in their environment. Google Cloud’s Chronicle is a modern security operations suite that enables threat detection, investigation and response with speed, scale and precision. Chronicle SIEM’s default parsers for Jamf Pro and Jamf Protect now map even more Jamf data into Chronicle’s unified data model (UDM). Additionally, Chronicle’s new support for Webhooks means Jamf Protect can automatically send security alerts and events to Chronicle as they occur. Now, IT and security teams can more effectively collaborate on security event detection and prevention by aggregating Jamf’s Apple device telemetry in Chronicle. The Chronicle parsers for Jamf Pro, Jamf Protect and support for Webhook, are all available now. “Directly integrating Jamf Protect into Chronicle has been a big win for us,” said Mikail Tunç, Head Of Security at Algbra. “The extensive detail provided by Jamf Protect Telemetry logs has heightened our ability to identify and mitigate more threats than ever, while staying resilient to Apple OS updates. We look forward to contributing to the broader community by open-sourcing our Chronicle detection rules over Jamf Protect data.” Simplifying end-user protection: Jamf brings Google Cloud Identity support to Jamf Trust Jamf has extended Google Cloud Identity support to Jamf Trust and improved the user app for endpoint security. This enhancement brings a consistent single sign-on experience for users with their Identity credentials, enabling robust endpoint security without complex integrations or additional assistance from IT. “At Spendesk, we’re thrilled to have our native identity provider Google Cloud supported by the Jamf Trust app. This will allow us to speed up our Zero Trust adoption. It’s really great how Jamf supports Google Cloud-based organizations like Spendesk,” said Hakim Boukir, IT Manager at Spendesk. About Jamf Jamf’s purpose is to simplify work by helping organizations manage and secure an Apple experience that end users love and organizations trust. Jamf is the only company in the world that provides a complete management and security solution for an Apple-first environment that is enterprise secure, consumer simple and protects personal privacy. To learn more, visit www.jamf.com.

Read More

Enterprise Security

Netskope Partners with Wipro to Power New Managed Security and Network Services

PRnewswire | July 11, 2023

Netskope, a leader in Secure Access Service Edge (SASE) today announced a new partnership with Wipro Limited to deliver robust cloud-native Managed Secure Access Service Edge (SASE) and Managed Zero Trust Network Access (ZTNA) services to Wipro's extensive global enterprise client portfolio. "As the global work environment transforms, our Security Cloud platform continues to serve as a critical component for remote workforces, and we are well-positioned to continue to support enterprises as their security needs evolve," said Dave Rogers, SVP of Global Alliances and Channel Sales, Netskope. "By pairing Wipro's deep cybersecurity managed services expertise with Netskope's advanced, full-stack SASE platform, this partnership will build on our shared goal of providing customers an efficient and robust integrated managed cloud security offering to secure and accelerate their digital transformation projects." Wipro provides best-in-class, end-to-end transformative cybersecurity solutions. Wipro CyberTransform® delivers cyber resilience to clients through an integrated suite of business-aligned strategy-first cybersecurity advisory and implementation services. Wipro CyberShieldSM offers proactive, on-demand cyber defense and comprehensive managed security services. "Wipro and Netskope support many Fortune 2000 companies that have successfully navigated significant digital transformation journeys," said Tony Buffomante, Senior Vice President and Global Head of Cybersecurity and Risk Services, Wipro Limited. "As our clients move forward, they understand the need to have a strong cloud-based security posture that's smart enough to protect data, applications and users no matter where they are located. That's now possible through this new partnership with Netskope, which extends Wipro CyberTransform® and Wipro CyberShieldSM capabilities." Managed Secure Access Service Edge (SASE) powered by Netskope delivers security services to protect employees and applications in the cloud as well as existing on-premises applications and infrastructure. The solution helps users: • Eliminate blind spots across thousands of cloud services (SaaS and IaaS) and millions of websites • Secure managed cloud services like Microsoft 365, Google Workspace and AWS, as well as unmanaged cloud services, without the need for blocking • Guard sensitive data with award-winning data loss prevention (DLP), including pre-defined profiles for compliance • Stop elusive cloud threats with anti-malware, sandboxing, machine learning (ML) analysis, Cloud Threat Exchange for IOC sharing, plus behavior analytics or targeted remote browser isolation (RBI) The managed SASE package offers clients unparalleled service coverage, performance and resilience, by leveraging Wipro's strategy-first design and Netskope's NewEdge Network, the world's largest, highest-performing security private cloud. Access to key enterprise applications and data must be controlled no matter where the resources are located. Wipro's Managed Zero Trust Network Access (ZTNA) powered by Netskope allows users to retire legacy connections and gain direct access to applications based on user identity and behavioral context, providing: • Superior user experience with consistent and secure policy controls • Application-level access control that reduces threats by eliminating lateral movement within the network • Reduced deployment complexity and higher visibility and control, lowering the risk of data loss associated with multiple vendor solutions • Improved efficiency in security operations leveraging platforms • Simplified security and lower total cost of ownership About Netskope Netskope, a global SASE leader, is redefining cloud, data, and network security to help organizations apply zero trust principles to protect data. Fast and easy to use, the Netskope platform provides optimized access and real-time security for people, devices, and data anywhere they go. Netskope helps customers reduce risk, accelerate performance, and get unrivaled visibility into any cloud, web, and private application activity. Thousands of customers, including more than 25 of the Fortune 100, trust Netskope and its powerful NewEdge network to address evolving threats, new risks, technology shifts, organizational and network changes, and new regulatory requirements.

Read More

Security Audit and Compliance

Lumen Enhances its SASE Solution with New Security Features Addition

Lumen Technologies | September 13, 2023

Lumen Technologies announces the launch of key security enhancements to its industry-leading secure access service edge product. The company’s SASE Solutions represents a first-of-its-kind, fully digital experience for purchasing, configuring, and overseeing enterprise SASE. The latest features incorporated into Lumen SASE Solutions are security service edge and cloud-hosted gateways. On September 12, 2023, Lumen Technologies, a leading provider of Secure Access Service Edge (SASE) solutions, committed to advancing human progress through technology facilitating the connection of people, data, and applications, announced the addition of key enhancements to its landmark SASE product. The addition of new features makes lumen SASE solutions even more simplified and flexible for customers. Lumen SASE Solutions represents a pioneering, entirely digital experience for purchasing, configuring, and managing enterprise SASE. This is a significant step in Lumen's ongoing efforts to drive innovation and foster growth. Notably, the SASE product improvements launch are a direct outcome of valuable customer feedback. The Lumen SASE approach focuses on simplification in order to deliver flexible, secure, and scalable SASE solutions to organizations of all sizes and industries. Senior Director of SASE Product Management at Lumen, Darren Wolner, said, There has been a rapid adoption of cloud-based services as more organizations implement hybrid work, but security is paramount to any cloud-based experience. This means savvy organizations soon realized a whole new set of requirements and challenges. We quickly enhanced the product to fit their requirements. [Source – Cision PR Newswire] Darren mentioned that Lumen has a strong focus on meeting customer wants and needs. He cited the latest SASE updates as a prime illustration of this commitment. The new capabilities added to Lumen SASE Solutions include: Security Service Edge (SSE) SSE encompasses a suite of integrated, cloud-centric security capabilities, which feature cloud-hosted gateways. These capabilities are designed to ensure secure access to websites, facilitate the safe sharing of sensitive data, and manage user permissions for software-as-a-service (SaaS) applications. These solutions are delivered in partnership with prominent SD-WAN and security providers. Cloud-hosted Gateways Cloud-hosted gateways offer organizations the flexibility to adopt 'grow as they go' network and security management features as they scale without the necessity of on-premises equipment. In addition to the global expansion of Lumen technologies, customers based in the US can now deploy premise-based SASE services to locations in EMEA and Canada. Pete Finalle, Research Manager with IDC, stated, The new, hybrid perimeter – encompassing the main office down to the remote workforce – has collided with multi-cloud resources. This has created numerous networking and security complexities that are difficult to solve without a customer outcomes-based approach, which few companies can provide. [Source – Cision PR Newswire] Finalle pointed out that Lumen has a distinctive position to deliver real business outcomes through a comprehensive, cloud-based network security stack. This stack significantly benefits from Lumen's presence in both network and cloud infrastructure. Additionally, he mentioned that the company's digital customer experience and managed approach to resolving the intricate security and networking challenges allow them to mitigate the deployment and management difficulties that frequently hinder the adoption of SASE.

Read More

Enterprise Security, Platform Security, Software Security

Jamf Teams With Google Cloud to Enable Collaborative, Mobile Workforces Through New Advanced Security and Management Workflows

Globenewswire | July 07, 2023

Jamf (NASDAQ: JAMF), the standard in managing and securing Apple at work, announced three new integrations with Google Cloud, enabling and protecting mobile workforces that use Google and Apple. Encompassing Zero Trust, observability, and identity workflows, Jamf continues to provide unique value for Google Cloud users with Apple devices. Bringing Zero Trust to Life: Google Cloud’s BeyondCorp Enterprise Now Available for iOS and iPadOS Jamf’s integration with BeyondCorp now supports device compliance signals for iOS and iPadOS. The addition of Apple’s mobile platforms builds on last year’s release of the Jamf and Google Cloud’s BeyondCorp integration for macOS. Jamf is the first management platform to support Apple desktop and mobile devices in this Zero Trust framework. “Some of the world’s most successful organizations choose to empower their employees with Mac and iPhone, while taking advantage of Google Cloud’s speed, security and flexibility for Cloud applications,” said Sam Weiss, Alliance Partner Manager for Google at Jamf. “Now these modern companies that choose Apple hardware and Google Cloud software can more effectively secure and manage their mobile workforces.” Jamf’s extensive Apple device management and security capabilities allow the enforcement and monitoring of device compliance status. When integrated with BeyondCorp, admins can create context-aware access policies that include Jamf compliance status. This combination of device-based and user-based access controls allows organizations to define policies specific to their needs, ensuring all devices and users can access corporate data wherever they choose to work from. "We at Unibuddy are thrilled about the seamless integration between Jamf and Google Cloud's BeyondCorp, which aligns with our Zero Trust security model. This partnership will enable us to efficiently manage our macOS and iOS devices while enhancing our security posture and ensuring the privacy of our employees," said Rupen Valand, Global IT Manager at Unibuddy. "Strong security is important for university partners and employees because it helps protect sensitive data and build trust. By providing an extra layer of security for accessing company resources, this solution empowers our employees to work remotely with ease and confidence, unencumbered by security or privacy concerns. We're excited to implement this solution and unlock its full potential with our teams at Unibuddy." Elevating Security Operations: Google Cloud’s Chronicle Enhances Jamf Integration Security teams are more effective when they have complete visibility of events in their environment. Google Cloud’s Chronicle is a modern security operations suite that enables threat detection, investigation and response with speed, scale and precision. Chronicle SIEM’s default parsers for Jamf Pro and Jamf Protect now map even more Jamf data into Chronicle’s unified data model (UDM). Additionally, Chronicle’s new support for Webhooks means Jamf Protect can automatically send security alerts and events to Chronicle as they occur. Now, IT and security teams can more effectively collaborate on security event detection and prevention by aggregating Jamf’s Apple device telemetry in Chronicle. The Chronicle parsers for Jamf Pro, Jamf Protect and support for Webhook, are all available now. “Directly integrating Jamf Protect into Chronicle has been a big win for us,” said Mikail Tunç, Head Of Security at Algbra. “The extensive detail provided by Jamf Protect Telemetry logs has heightened our ability to identify and mitigate more threats than ever, while staying resilient to Apple OS updates. We look forward to contributing to the broader community by open-sourcing our Chronicle detection rules over Jamf Protect data.” Simplifying end-user protection: Jamf brings Google Cloud Identity support to Jamf Trust Jamf has extended Google Cloud Identity support to Jamf Trust and improved the user app for endpoint security. This enhancement brings a consistent single sign-on experience for users with their Identity credentials, enabling robust endpoint security without complex integrations or additional assistance from IT. “At Spendesk, we’re thrilled to have our native identity provider Google Cloud supported by the Jamf Trust app. This will allow us to speed up our Zero Trust adoption. It’s really great how Jamf supports Google Cloud-based organizations like Spendesk,” said Hakim Boukir, IT Manager at Spendesk. About Jamf Jamf’s purpose is to simplify work by helping organizations manage and secure an Apple experience that end users love and organizations trust. Jamf is the only company in the world that provides a complete management and security solution for an Apple-first environment that is enterprise secure, consumer simple and protects personal privacy. To learn more, visit www.jamf.com.

Read More

Enterprise Security

Netskope Partners with Wipro to Power New Managed Security and Network Services

PRnewswire | July 11, 2023

Netskope, a leader in Secure Access Service Edge (SASE) today announced a new partnership with Wipro Limited to deliver robust cloud-native Managed Secure Access Service Edge (SASE) and Managed Zero Trust Network Access (ZTNA) services to Wipro's extensive global enterprise client portfolio. "As the global work environment transforms, our Security Cloud platform continues to serve as a critical component for remote workforces, and we are well-positioned to continue to support enterprises as their security needs evolve," said Dave Rogers, SVP of Global Alliances and Channel Sales, Netskope. "By pairing Wipro's deep cybersecurity managed services expertise with Netskope's advanced, full-stack SASE platform, this partnership will build on our shared goal of providing customers an efficient and robust integrated managed cloud security offering to secure and accelerate their digital transformation projects." Wipro provides best-in-class, end-to-end transformative cybersecurity solutions. Wipro CyberTransform® delivers cyber resilience to clients through an integrated suite of business-aligned strategy-first cybersecurity advisory and implementation services. Wipro CyberShieldSM offers proactive, on-demand cyber defense and comprehensive managed security services. "Wipro and Netskope support many Fortune 2000 companies that have successfully navigated significant digital transformation journeys," said Tony Buffomante, Senior Vice President and Global Head of Cybersecurity and Risk Services, Wipro Limited. "As our clients move forward, they understand the need to have a strong cloud-based security posture that's smart enough to protect data, applications and users no matter where they are located. That's now possible through this new partnership with Netskope, which extends Wipro CyberTransform® and Wipro CyberShieldSM capabilities." Managed Secure Access Service Edge (SASE) powered by Netskope delivers security services to protect employees and applications in the cloud as well as existing on-premises applications and infrastructure. The solution helps users: • Eliminate blind spots across thousands of cloud services (SaaS and IaaS) and millions of websites • Secure managed cloud services like Microsoft 365, Google Workspace and AWS, as well as unmanaged cloud services, without the need for blocking • Guard sensitive data with award-winning data loss prevention (DLP), including pre-defined profiles for compliance • Stop elusive cloud threats with anti-malware, sandboxing, machine learning (ML) analysis, Cloud Threat Exchange for IOC sharing, plus behavior analytics or targeted remote browser isolation (RBI) The managed SASE package offers clients unparalleled service coverage, performance and resilience, by leveraging Wipro's strategy-first design and Netskope's NewEdge Network, the world's largest, highest-performing security private cloud. Access to key enterprise applications and data must be controlled no matter where the resources are located. Wipro's Managed Zero Trust Network Access (ZTNA) powered by Netskope allows users to retire legacy connections and gain direct access to applications based on user identity and behavioral context, providing: • Superior user experience with consistent and secure policy controls • Application-level access control that reduces threats by eliminating lateral movement within the network • Reduced deployment complexity and higher visibility and control, lowering the risk of data loss associated with multiple vendor solutions • Improved efficiency in security operations leveraging platforms • Simplified security and lower total cost of ownership About Netskope Netskope, a global SASE leader, is redefining cloud, data, and network security to help organizations apply zero trust principles to protect data. Fast and easy to use, the Netskope platform provides optimized access and real-time security for people, devices, and data anywhere they go. Netskope helps customers reduce risk, accelerate performance, and get unrivaled visibility into any cloud, web, and private application activity. Thousands of customers, including more than 25 of the Fortune 100, trust Netskope and its powerful NewEdge network to address evolving threats, new risks, technology shifts, organizational and network changes, and new regulatory requirements.

Read More

More featured news