Contrast Security Announces Serverless Support Expansion

Contrast Security | February 24, 2023 | Read time : 04:00 min

Contrast Security Announces Serverless Support Expansion

On February 23, 2023, Contrast Security, a leading code security platform, announced the expansion of its contrast serverless application security tool, Contrast Serverless, to support Microsoft Azure Functions and allow customers to quickly scan for security vulnerabilities across multi-cloud environments.

While serverless and cloud-native development gains popularity, organizations struggle to determine which applications are fully secured due to the 'shared responsibility security model' of public cloud providers, particularly in the case of multi-cloud IT strategies.

Contrast Serverless addresses the needs of such organizations by providing a new security tool that is specifically designed to evaluate serverless risks while identifying common vulnerabilities (CVEs), detecting misconfigurations, and revealing user privilege issues, all within a single interface.

"Data shows 74% of infrastructure decision-makers at firms that are adopting public cloud use two or more public clouds and 17% are using five or more. Therefore, it's no surprise that 82% of cloud users have experienced security events due to confusion over shared responsibility security models."

(Avoid the Security Inconsistency Pitfalls Transitioning to Serverless 2022 Report)

The addition of Microsoft Azure Functions support to the Contrast Serverless platform allows organizations to evaluate the risk of their serverless applications across Microsoft and Amazon Web Services (AWS) from a single offering.

The tool provides complete visibility of cloud-native serverless functions, allowing the AppSec team to continuously monitor the organization's serverless posture. It also allows organizations to scan open source dependencies for vulnerabilities in applications and custom code, detect misconfigurations, and identify the least privilege issues based on Microsoft Azure function policy roles and active directory configurations.

Additionally, the tool can generate a contextual Microsoft Azure Functions risk score based on the abovementioned methods, enabling teams to address the most significant risk issues first. It also has the ability to apply remediation on function code in both AWS and Microsoft Azure environments.

About Contrast Security

Contrast Security is a renowned platform for code security, purposefully designed for developers to ensure swift and secure code movement while being trusted by security teams to safeguard business applications. It allows developers, security, and operations teams can quickly secure code across the entire Software Development Life Cycle (SDLC) and protect against targeted Application Security (AppSec) attacks. The company was founded in 2014 by cybersecurity industry veterans with the aim of replacing legacy AppSec solutions that cannot protect modern enterprises. The company's clientele includes some of the most prominent brands, such as BMW, Sompo Japan, DocuSign, AXA, Zurich, American Red Cross, and numerous other Fortune 500 enterprises globally.


Insights for CISO on Their ASM Journey The idea of an attack surface is not new, but how organizations and CISOs need to view their attack surfaces should be updated. Traditionally, IT has looked at an organization's attack surface from the inside out, asking questions like “What are the assets that connect to the wider internet

Other News

Cyber Security & Cloud North America – New Line-Up Speakers Announced

TechEx Events Ltd | April 17, 2023

The Cyber Security & Cloud Congress North America (17-18th May) has announced exciting new additions to its line-up of speakers and panellists for the upcoming two-day event in Santa Clara. The event will take place on May 17th and 18th, 2023, and will feature a diverse range of tech industry experts, including CIOs, CTOs, Cyber Security, Cloud Architects, and other key players in the field. Attendees will have a great opportunity to hear from the most talented speakers including: Prasanna P., Digital Transformation Leader – Enterprise Architecture & Enterprise Strategy Leader – Molina Healthcare Shea Lovan, Chief Security Officer – UC Santa Barbara Sachin Vaidya, EVP Chief Information Officer of Heritage – Bank of Commerce Kishore Viswanathan, Senior Technical Program Manager, Cybersecurity and Compliance – Lucid Motors Sameh Emam, Division Risk Manager – Union Bank Kavitha Venkataswamy, Director – Digital Product Security – Capital One Richard Paz, CISM, Cyber Security Engineer – NASA Jet Propulsion Laboratory & many more! In addition to these keynote speakers, the event will also feature several panel discussions covering a wide range of topics, including Zero Trust, Threat Detection & Response, Training, Talent & Culture, Identity & Access Management, Application Security, Data Security and more. Attendees will have the opportunity to network with other industry professionals and gain valuable insights into the latest trends and technologies shaping the cybersecurity and cloud technology landscape. The Cyber & Cloud Congress North America promises to be a knowledge-packed, innovative, and engaging event for all those interested in Cyber Security and Cloud technology, but also the newest technology solutions, products and services that will be showcased during the event. “We are thrilled to have such an outstanding group of speakers joining us for the Cyber & Cloud Expo,” said Lia Richards, Head of Conference. “With their diverse backgrounds and extensive experience, they will bring a wealth of knowledge and insights to our attendees. We look forward to hearing their perspectives on the most pressing issues facing the industry today”. WHAT ELSE TO EXPECT? Over the course of two days at Cyber Security & Cloud Congress North America attendees will have a great number of opportunities to visit exhibition stalls and connect with the representatives of some of the world’s biggest brands including IBM, IDC, Bosh, AWS, Zoho and many more, all implementing the latest in Cyber Security & Cloud technologies within their sectors. Paying attendees will also have a chance to join the networking party event following Day 1 of the conference, where all will be able to connect and network in a more relaxed setting, with free food and drinks provided. This opportunity is open for Gold and Ultimate Pass Holders, Speakers, Press, Sponsors, and Exhibitors. Find out more information here: Early-bird registration offering 25% discount of the full ticket price is open until 17th April, and interested attendees are encouraged to secure their tickets before the offer ends to avoid missing out on this exciting opportunity. Follow this link to discover ticket types and prices: About TechEx Events Ltd The TechEx Event portfolio is an international conference and tech showcasing cutting-edge tech innovation in enterprise. Featuring real-life use cases and in-depth industry insights, the event series delves into the AI, Big Data, Blockchain, Cyber Security, 5G, IoT and Edge Computing ecosystems. Running for over six years, our co-located events strengths lie within our expert community. We bring the heroes responsible for pushing game changing tech and strategy together, to craft relationships and creative solutions. We are the place where networking never stops – The one-stop-shop for enterprise innovators.

Read More


Insights for CISO on Their ASM Journey The idea of an attack surface is not new, but how organizations and CISOs need to view their attack surfaces should be updated. Traditionally, IT has looked at an organization's attack surface from the inside out, asking questions like “What are the assets that connect to the wider internet