Home > News > featured news > Contrast Security Positioned as a Visionary in the 2023 Gartner® Magic Quadrant™ for Application Security Testing

Enterprise Security, Platform Security, Software Security

Contrast Security Positioned as a Visionary in the 2023 Gartner® Magic Quadrant™ for Application Security Testing

Prnewswire | May 30, 2023 | Read time : 05:00 min

Contrast Security Positioned as a Visionary in the 2023

Contrast Security (Contrast), the code security platform built for developers and trusted by security, today announced it has been recognized as a Visionary by Gartner in the new "Magic Quadrant for Application Security Testing" for 2023. We believe the recognition further validates that the Contrast Secure Code Platform is a strong fit for organizations looking to improve their application security posture.

"The application security testing market continues to be saturated with solutions that lack context and overwhelm DevSecOps teams with false positives," said Steven Phillips, Vice President of Product Marketing at Contrast Security. "We've listened to feedback from our customers and have put a focus on delivering a comprehensive platform that helps overcome these challenges. It's encouraging to see our position within the Magic Quadrant due to our Ability to Execute and the Completeness of our Vision. We provide customers with the tools they need to deploy real-time security tools accurately."

The Contrast Secure Code Platform provides customers the ability to "Shift Smart" allowing DevSecOps teams to apply security testing throughout the development process across the entire software development lifecycle. As the only unified code security platform on the market, Contrast leverages the power of instrumentation to embed security within the application's runtime. This solves the challenges of legacy application security tools present in modern software environments. Furthermore, this inside-outside approach allows organizations to very cleanly combine results from the various tools, coordinate actions between them and write and execute complex security and testing policies with very little overhead visible to developers. Those are the features that more complex offerings often fail to achieve.

A full, complimentary copy of the Gartner "Magic Quadrant for Application Security Testing" for 2023 can be downloaded here.

About Gartner Magic Quadrant
Gartner evaluates companies based on completeness of vision and ability to execute criteria. Evaluation criteria for completeness of vision include market understanding, market strategy, sales strategy, offering (product) strategy, business model, vertical/industry strategy, innovation, and geographic strategy. Criteria for a vendor's ability to execute include product or service, overall viability, sales execution/pricing, market responsiveness/record, marketing execution, customer experience, and operations.

Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner's research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.

GARTNER is a registered trademark and service mark of Gartner and Magic Quadrant is a registered trademark of Gartner, Inc. and/or its affiliates in the U.S. and internationally and are used herein with permission. All rights reserved.

About Contrast Security (Contrast)

A world-leading code security platform company purposely built for developers to get secure code moving swiftly and trusted by security teams to protect business applications. Developers, security and operations teams quickly secure code across the complete Software Development Life Cycle (SDLC) with Contrast to protect against today's targeted Application Security (AppSec) attacks.

Founded in 2014 by cybersecurity industry veterans, Contrast was established to replace legacy AppSec solutions that cannot protect modern enterprises. With today's pressures to develop business applications at increasingly rapid paces, the Contrast Secure Code Platform defends and protects against full classes of Common Vulnerabilities and Exposure (CVEs). This allows security teams to avoid spending time focusing on false positives so as to remediate true vulnerabilities faster. Contrast's platform solutions for code assessment, testing, protection, serverless, supply chain, application programming interfaces (APIs) and languages help enterprises achieve true DevSecOps transformation and compliance.

Contrast protects against major cybersecurity attacks for its customer base, which represents some of the largest brand-name companies in the world, including BMW, AXA, Zurich, NTT, Sompo Japan and The American Red Cross, as well as numerous other leading global Fortune 500 enterprises. Contrast partners with global organizations such as AWS, Microsoft, IBM, GuidePoint Security, Trace3, Deloitte and Carahsoft, to seamlessly integrate and achieve the highest level of security for customers.

The growing demand for the world's only platform for code security has landed the company on some of the most prestigious lists, including the Inc. 5000 List of America's Fastest-Growing Companies and the Deloitte Technology Fast 500 List of fastest-growing companies.

Spotlight

Getting Started with DMARC Secure your email. Stop phishing. Protect your brand.

The reality of email is that cybercriminals can use almost any brand or email domain to send spam, phishing emails, and malware installs, inflicting direct losses to customers and eroding the brand equity companies have spent years building up. The solution is DMARC, which allows companies to understand all the different mail st

More featured news

Spotlight

Getting Started with DMARC Secure your email. Stop phishing. Protect your brand.

The reality of email is that cybercriminals can use almost any brand or email domain to send spam, phishing emails, and malware installs, inflicting direct losses to customers and eroding the brand equity companies have spent years building up. The solution is DMARC, which allows companies to understand all the different mail st

Related News

Data Security, Cloud Security

Concentric AI Announces Multi-Lingual Support to Address Growing Global Demand for its Leading Data Security Posture Management Solution

Business Wire | August 24, 2023

Concentric AI, a leading vendor of intelligent AI-based solutions for autonomous data security posture management (DSPM), today announced support for data in German, Spanish, Italian, French, and Dutch languages, enabling it to meet rapidly growing global demand for its leading DSPM solution. As a result, today’s update to Concentric AI’s Semantic Intelligence™ DSPM solution enables multinational customers to discovery, classify, categorize, and secure their data in these newly supported languages. It also accelerates Concentric AI’s international expansion by addressing the data security needs of new customers that have a significant amount of private data in these languages. “We have seen a significant amount of interest from international customers, and with today’s announcement we are bringing our groundbreaking AI-enabled DSPM solution to more customers and countries,” said Karthik Krishnan, Founder and CEO, Concentric AI. “The way Concentric AI understands the content and context of data using Large Language Models (LLMs) differentiates us from competitors in the Data Access Governance and DSPM space. These new advancements will fuel our expansion into new markets as well as expand support for non-English data for our existing multinational customers.” Concentric AI’s Semantic Intelligence solution is enabled by LLMs that understand clients’ data to enable the industry’s most accurate data classification and DSPM solution. Now the LLMs developed by Concentric AI can read and understand the context of files, documents, and data in these new languages to provide the most accurate data discovery and classification solution to unmet needs in new markets. “This update is also important for our partners because many of their customers are either internationally based or they have customers who have data in multiple languages,” added Krishnan. “It also enables us to grow our partner ecosystem in these important new markets.” Concentric AI’s DSPM solution scans organizations’ data, detects sensitive or business critical content, identifies the most appropriate classification category, and automatically tags the data. Concentric AI uses artificial intelligence (AI) to improve discovery and classification accuracy and efficiency to avoid endless regex rules and inaccurate end user labeling. In addition, Concentric AI can monitor and autonomously identify risk to financial and other data from inappropriate permissioning, wrong entitlements, risky sharing, and unauthorized access. It can automatically remediate permissions and sharing issues or leverage other security solutions and cloud APIs to quickly and continuously protect exposed data. Concentric AI’s Semantic Intelligence™ automates unstructured and structured data security using deep learning to categorize data, uncover business criticality and reduce risk. Its Risk Distance™ analysis technology uses the baseline security practices observed for each data category to spot security anomalies in individual files. It compares documents of the same type to identify risk from oversharing, third-party access, wrong location, or misclassification. Organizations benefit from the expertise of content owners without intrusive classification mandates, with no rules, regex, or policy maintenance needed. About Concentric AI With Concentric AI, organizations can finally address their unmet data security needs by discovering and protecting business-critical content. Concentric AI protects intellectual property, financial data, PII/PCI content, customer data, business confidential content and more, across on-premises and cloud-based data stores, as well as messaging and communication applications. The Concentric AI Semantic Intelligence™ Data Security Posture Management (DSPM) solution uses deep learning and Risk Distance™ analysis to accurately categorize data, assess risk, and remediate security issues – without relying on upfront rules or complex configuration. Concentric AI is venture-backed by leading Silicon Valley VCs and is headquartered in San Jose, Calif.

Read More

Enterprise Security, Software Security, API Security

Wallarm Unveils API Abuse Prevention, Protects Organizations Against Bot-Based Attacks

Businesswire | June 26, 2023

Wallarm, the end-to-end API security company, today announced the early release of its API Abuse Prevention feature to address one of the most critical API threats: bot-based attacks. Wallarm can now accurately identify and mitigate API bot activity, protecting systems against API abuse, account takeover (ATO), and price scraping. This new feature prevents potential revenue loss, protects customer information, and defends against reputational damage, while ensuring the best possible experience for legitimate API users. “Bots are a growing threat to API security, and traditional methods of prevention have proven to be ineffective,” said Ivan Novikov, CEO of Wallarm. “Our API Abuse Prevention feature is a game-changer. It can accurately detect and stop a wide range of bot types, without relying on JavaScript challenges. This provides our customers with a highly effective solution to protect their APIs from bot-based attacks.” "As the fintech, healthtech, and e-commerce industries continue to evolve, API security has become more crucial than ever, with bots posing an increasing threat. Traditional security measures, such as WAFs and WAAP tools, have demonstrated their inadequacy in mitigating these risks," explained Ivan Novikov, CEO of Wallarm. "Our API Abuse Prevention feature offers an innovative solution to this problem, accurately detecting and neutralizing various bot types without the complex deployment. This empowers our clients with a highly effective defense against bot-driven attacks on their APIs." Bots are a significant threat to the security of APIs and a massive concern for organizations of all sizes. In recent years, there have been several high-profile incidents of API abuse, including the theft of customer data, Denial-of-Service (DoS) attacks, and unauthorized access to sensitive information. These incidents have highlighted the need for effective solutions to prevent API abuse. Wallarm’s API Abuse Prevention provides organizations with a highly effective solution to protect APIs from bot-based attacks by using specialized detectors to identify and stop a wide range of bot types, including stuffing bots, spiders, scanners, security crawlers, and scalper bots. These detectors can detect bot activity based on several factors, such as request patterns, timing anomalies, and API endpoint behaviors. It is designed to provide organizations with customizable protection against malicious automated behavior that blocks the bad while allowing the good—and at scale. While traditional bot protection products are mostly focused on the web application, Wallarm’s API Abuse Prevention is specifically developed to mitigate automated actions against APIs where competing solutions fall short. It is delivered on the existing Wallarm Advanced API Security platform, enabling customers to reduce tool sprawl, analyst workload and fatigue, and operational costs. Additionally, Wallarm API Abuse Prevention includes detailed reporting and analysis, allowing organizations to better understand the nature and full scope of bot activity on their APIs, which can be used to improve overall API security and prevent future attacks. Wallarm’s API Abuse Prevention is available now as a part of Wallarm's Advanced API Security offering. To learn more, visit https://www.wallarm.com. About Wallarm Wallarm End-to-End API Security offerings provide robust protection for APIs, web applications, microservices, and serverless workloads running in cloud-native environments. Hundreds of Security and DevOps teams choose Wallarm to: discover all their web apps & API endpoints, traffic flows and sensitive data usage for complete visibility; protect their entire API portfolio against emerging threats; and respond automatically to incidents for better risk management. Our platform supports modern tech stacks, offering dozens of deployment options in cloud and Kubernetes-based environments, and also provides a full cloud solution. Wallarm is headquartered in San Francisco, California, and is backed by Toba Capital, Y Сombinator, Partech, and other investors.

Read More

Enterprise Security, Platform Security, Software Security

ReasonLabs Joins Microsoft Active Protections Program to Enhance Cybersecurity for Millions of Consumers Worldwide

Prnewswire | July 04, 2023

ReasonLabs, the cybersecurity pioneer equipping families and individuals with the same level of cyber protection used by major global companies, today announced that it has joined Microsoft Active Protections Program (MAPP), a program that allows security software providers early access to security data from Microsoft to enable them to provide faster updates to their customers. As a member of MAPP, ReasonLabs will receive advanced access to security vulnerability data from the Microsoft Security Response Center (MSRC) ahead of Microsoft's monthly security update. This information will allow ReasonLabs to better mitigate zero- and one-day vulnerabilities for their users prior to official patches from Microsoft and others. "ReasonLabs is proud to be a member of the Microsoft Active Protections Program, joining the ranks of leading organizations working to strengthen cyber protections for consumers and businesses around the world," said Kobi Kalif, CEO of ReasonLabs. "The data we will receive from Microsoft Security Response Center will enable us to better protect our customers and ensure our products remain on the cutting edge of the industry." "Receiving the latest vulnerability updates from Microsoft's Security Response Center will help us provide even greater protection to our users located in more than 180 countries worldwide. Pairing this information with ReasonLab's research arm, the Threat Intelligence Center, will solidify its place in the industry at the front line of threat intelligence research and prevention," said Yaniv Dudu, VP of Security at ReasonLabs. About ReasonLabs ReasonLabs is a cybersecurity pioneer equipping tens of millions of families and individuals worldwide with the same level of cyber protection utilized by Fortune 500 companies. Its AI-powered, next-generation antivirus engine scans billions of files around the world to predict and prevent cyberattacks in real-time, 24/7. Its flagship product, RAV Endpoint Protection, together with its other products combine to form a multilayered solution that safeguards home users against next-generation threats. Co-Founded in 2016 by seasoned cybersecurity expert Andrew Newman—an architect of Microsoft's native cybersecurity program, Microsoft Defender—ReasonLabs is based in New York and Tel Aviv.

Read More

Data Security, Cloud Security

Concentric AI Announces Multi-Lingual Support to Address Growing Global Demand for its Leading Data Security Posture Management Solution

Business Wire | August 24, 2023

Concentric AI, a leading vendor of intelligent AI-based solutions for autonomous data security posture management (DSPM), today announced support for data in German, Spanish, Italian, French, and Dutch languages, enabling it to meet rapidly growing global demand for its leading DSPM solution. As a result, today’s update to Concentric AI’s Semantic Intelligence™ DSPM solution enables multinational customers to discovery, classify, categorize, and secure their data in these newly supported languages. It also accelerates Concentric AI’s international expansion by addressing the data security needs of new customers that have a significant amount of private data in these languages. “We have seen a significant amount of interest from international customers, and with today’s announcement we are bringing our groundbreaking AI-enabled DSPM solution to more customers and countries,” said Karthik Krishnan, Founder and CEO, Concentric AI. “The way Concentric AI understands the content and context of data using Large Language Models (LLMs) differentiates us from competitors in the Data Access Governance and DSPM space. These new advancements will fuel our expansion into new markets as well as expand support for non-English data for our existing multinational customers.” Concentric AI’s Semantic Intelligence solution is enabled by LLMs that understand clients’ data to enable the industry’s most accurate data classification and DSPM solution. Now the LLMs developed by Concentric AI can read and understand the context of files, documents, and data in these new languages to provide the most accurate data discovery and classification solution to unmet needs in new markets. “This update is also important for our partners because many of their customers are either internationally based or they have customers who have data in multiple languages,” added Krishnan. “It also enables us to grow our partner ecosystem in these important new markets.” Concentric AI’s DSPM solution scans organizations’ data, detects sensitive or business critical content, identifies the most appropriate classification category, and automatically tags the data. Concentric AI uses artificial intelligence (AI) to improve discovery and classification accuracy and efficiency to avoid endless regex rules and inaccurate end user labeling. In addition, Concentric AI can monitor and autonomously identify risk to financial and other data from inappropriate permissioning, wrong entitlements, risky sharing, and unauthorized access. It can automatically remediate permissions and sharing issues or leverage other security solutions and cloud APIs to quickly and continuously protect exposed data. Concentric AI’s Semantic Intelligence™ automates unstructured and structured data security using deep learning to categorize data, uncover business criticality and reduce risk. Its Risk Distance™ analysis technology uses the baseline security practices observed for each data category to spot security anomalies in individual files. It compares documents of the same type to identify risk from oversharing, third-party access, wrong location, or misclassification. Organizations benefit from the expertise of content owners without intrusive classification mandates, with no rules, regex, or policy maintenance needed. About Concentric AI With Concentric AI, organizations can finally address their unmet data security needs by discovering and protecting business-critical content. Concentric AI protects intellectual property, financial data, PII/PCI content, customer data, business confidential content and more, across on-premises and cloud-based data stores, as well as messaging and communication applications. The Concentric AI Semantic Intelligence™ Data Security Posture Management (DSPM) solution uses deep learning and Risk Distance™ analysis to accurately categorize data, assess risk, and remediate security issues – without relying on upfront rules or complex configuration. Concentric AI is venture-backed by leading Silicon Valley VCs and is headquartered in San Jose, Calif.

Read More

Enterprise Security, Software Security, API Security

Wallarm Unveils API Abuse Prevention, Protects Organizations Against Bot-Based Attacks

Businesswire | June 26, 2023

Wallarm, the end-to-end API security company, today announced the early release of its API Abuse Prevention feature to address one of the most critical API threats: bot-based attacks. Wallarm can now accurately identify and mitigate API bot activity, protecting systems against API abuse, account takeover (ATO), and price scraping. This new feature prevents potential revenue loss, protects customer information, and defends against reputational damage, while ensuring the best possible experience for legitimate API users. “Bots are a growing threat to API security, and traditional methods of prevention have proven to be ineffective,” said Ivan Novikov, CEO of Wallarm. “Our API Abuse Prevention feature is a game-changer. It can accurately detect and stop a wide range of bot types, without relying on JavaScript challenges. This provides our customers with a highly effective solution to protect their APIs from bot-based attacks.” "As the fintech, healthtech, and e-commerce industries continue to evolve, API security has become more crucial than ever, with bots posing an increasing threat. Traditional security measures, such as WAFs and WAAP tools, have demonstrated their inadequacy in mitigating these risks," explained Ivan Novikov, CEO of Wallarm. "Our API Abuse Prevention feature offers an innovative solution to this problem, accurately detecting and neutralizing various bot types without the complex deployment. This empowers our clients with a highly effective defense against bot-driven attacks on their APIs." Bots are a significant threat to the security of APIs and a massive concern for organizations of all sizes. In recent years, there have been several high-profile incidents of API abuse, including the theft of customer data, Denial-of-Service (DoS) attacks, and unauthorized access to sensitive information. These incidents have highlighted the need for effective solutions to prevent API abuse. Wallarm’s API Abuse Prevention provides organizations with a highly effective solution to protect APIs from bot-based attacks by using specialized detectors to identify and stop a wide range of bot types, including stuffing bots, spiders, scanners, security crawlers, and scalper bots. These detectors can detect bot activity based on several factors, such as request patterns, timing anomalies, and API endpoint behaviors. It is designed to provide organizations with customizable protection against malicious automated behavior that blocks the bad while allowing the good—and at scale. While traditional bot protection products are mostly focused on the web application, Wallarm’s API Abuse Prevention is specifically developed to mitigate automated actions against APIs where competing solutions fall short. It is delivered on the existing Wallarm Advanced API Security platform, enabling customers to reduce tool sprawl, analyst workload and fatigue, and operational costs. Additionally, Wallarm API Abuse Prevention includes detailed reporting and analysis, allowing organizations to better understand the nature and full scope of bot activity on their APIs, which can be used to improve overall API security and prevent future attacks. Wallarm’s API Abuse Prevention is available now as a part of Wallarm's Advanced API Security offering. To learn more, visit https://www.wallarm.com. About Wallarm Wallarm End-to-End API Security offerings provide robust protection for APIs, web applications, microservices, and serverless workloads running in cloud-native environments. Hundreds of Security and DevOps teams choose Wallarm to: discover all their web apps & API endpoints, traffic flows and sensitive data usage for complete visibility; protect their entire API portfolio against emerging threats; and respond automatically to incidents for better risk management. Our platform supports modern tech stacks, offering dozens of deployment options in cloud and Kubernetes-based environments, and also provides a full cloud solution. Wallarm is headquartered in San Francisco, California, and is backed by Toba Capital, Y Сombinator, Partech, and other investors.

Read More

Enterprise Security, Platform Security, Software Security

ReasonLabs Joins Microsoft Active Protections Program to Enhance Cybersecurity for Millions of Consumers Worldwide

Prnewswire | July 04, 2023

ReasonLabs, the cybersecurity pioneer equipping families and individuals with the same level of cyber protection used by major global companies, today announced that it has joined Microsoft Active Protections Program (MAPP), a program that allows security software providers early access to security data from Microsoft to enable them to provide faster updates to their customers. As a member of MAPP, ReasonLabs will receive advanced access to security vulnerability data from the Microsoft Security Response Center (MSRC) ahead of Microsoft's monthly security update. This information will allow ReasonLabs to better mitigate zero- and one-day vulnerabilities for their users prior to official patches from Microsoft and others. "ReasonLabs is proud to be a member of the Microsoft Active Protections Program, joining the ranks of leading organizations working to strengthen cyber protections for consumers and businesses around the world," said Kobi Kalif, CEO of ReasonLabs. "The data we will receive from Microsoft Security Response Center will enable us to better protect our customers and ensure our products remain on the cutting edge of the industry." "Receiving the latest vulnerability updates from Microsoft's Security Response Center will help us provide even greater protection to our users located in more than 180 countries worldwide. Pairing this information with ReasonLab's research arm, the Threat Intelligence Center, will solidify its place in the industry at the front line of threat intelligence research and prevention," said Yaniv Dudu, VP of Security at ReasonLabs. About ReasonLabs ReasonLabs is a cybersecurity pioneer equipping tens of millions of families and individuals worldwide with the same level of cyber protection utilized by Fortune 500 companies. Its AI-powered, next-generation antivirus engine scans billions of files around the world to predict and prevent cyberattacks in real-time, 24/7. Its flagship product, RAV Endpoint Protection, together with its other products combine to form a multilayered solution that safeguards home users against next-generation threats. Co-Founded in 2016 by seasoned cybersecurity expert Andrew Newman—an architect of Microsoft's native cybersecurity program, Microsoft Defender—ReasonLabs is based in New York and Tel Aviv.

Read More

More featured news