|By Marketwired .||
|February 4, 2013 06:01 AM EST||
COLUMBIA, MD -- (Marketwire) -- 02/04/13 -- Aspect Security, a pioneer in application security, today announced the availability of Contrast Enterprise On-Premise (EOP) Edition. Contrast EOP passively gathers security-relevant data directly from inside an organization's portfolio of running applications, then applies a powerful combination of static, dynamic, and runtime analysis to identify vulnerabilities, security architecture, and library problems without any need for security experts.
"Automation is the only way to secure an entire application portfolio -- but today's website and code scanning tools take forever and make too many mistakes -- worst of all, they require experts, so they don't scale," explained Jeff Williams, CEO Aspect Security. "Contrast EOP empowers an enterprise with realtime application security intelligence for every application, starting with the first line of code and continuing through system test, quality assurance, and even into production."
Contrast is the first truly scalable application security solution. Organizations can enable their application servers with Contrast in just seconds, and leverage their existing development and testing teams to get security coverage. Enterprise developers will enjoy an unprecedented level of clear, actionable guidance. In fact, Contrast is so easy to use that a 14-year-old developer found and correctly fixed 6 Cross Site Scripting (XSS) and 2 SQL Injection flaws in 30 minutes.
The secret to Contrast's unparalleled coverage and accuracy is the ability to access a wealth of data about the code, the runtime environment, HTTP traffic, and even runtime data flows -- far more data than traditional application security tools. This wealth of information combined with Contrast's innovative application vulnerability fingerprinting algorithms enables Contrast to identify more vulnerabilities, cover more code, and produce less false alarms than other application security technologies.
"With Contrast, organizations can break out of the penetrate-and-patch culture, and fix problems early in the SDLC," said Williams. "Contrast is compatible with real-world software development practices, including Agile and DevOps techniques. No more out-of-date paper-based vulnerability reports, annual scans, or pre-launch security surprises."
Contrast also protects organizations against insecure and improperly used open source components. Aspect Security researchers recently announced their discovery of a new remote code execution vulnerability in the Spring Framework, an open-source web application framework. Over 22,000 organizations worldwide downloaded susceptible versions of Spring over 1.3 million times last year alone. Contrast is the only automated tool that can identify this type of expression-language injection vulnerability in addition to many other types of complex, significant vulnerabilities.
Contrast research was sponsored in part by the Air Force Research Laboratory (AFRL). Contrast Enterprise on Premise is available now, starting at $4,800 per application per year.
About Aspect Security
Founded in 2002, Aspect Security focuses exclusively on application security, ensuring that the software that drives business is protected against hackers. Aspect Security's researchers analyze, test and validate on average of 5,000,000 lines of critical application code every month and the company unearths more than 10,000 vulnerabilities every year. Aspect is a founding member of the Open Web Application Security Project (OWASP), and has made vast industry contributions including the OWASP Top Ten, Enterprise Security API (ESAPI), Application Security Verification Standard (ASVS), Risk Rating Methodology, and WebGoat. For more information, please visit www.contrastsecurity.com or follow @contrastsec.
- WebRTC Summit at Cloud Expo Agenda Announced
- Google’s Enterprise Problem
- Building Video Calling with PubNub and WebRTC
- DataStax Announces New Startup Programme Offering Free Software, As Well As Free Training Courses For Cassandra Users And New Developer Tool
- Get Ready to Think Out (C)loud With Cloud Sherpas’ Upcoming Webinar Series
- Evaluation Report on Virtual Backup Software
- New PubNub App Template for WebRTC
- Series: Exchange 2013 and Lync 2013 Integration with AsteriskNOW PBX Pt. 1
- Strategic Enough to Matter, Code Halos and Mobile Apps
- GAMA : Quatre acteurs clefs, quatre stratégies différentes !
- Box and NSI Partnership Brings the Cloud to Businesses in the Middle East
- 7 Christmas Gifts For Your Business
- WebRTC Summit at Cloud Expo Agenda Announced
- OneLogin Raises $13M to Power Expansion
- Cloud Security Alliance Releases Cloud Controls Matrix, Version 3.0
- Survey Finds Large Enterprises Adopting WebRTC
- WebRTC Summit | WebRTC: Test then Disrupt
- WebRTC Summit Speaker Submissions Open
- WSO2 Expands Identity Management Capabilities Across Cloud, Mobile and Web Applications With the Launch of WSO2 Identity Server 4.5
- BMC Software to Exhibit at Cloud Expo Silicon Valley
- Twilio and LiveOps to Deliver WebRTC Deployments
- Oracle Demonstrates WebRTC Solution with CounterPath's Bria
- OpenStack for the Enterprise – Showcasing the OpenStack Ecosystem
- XIRSYS Launches WebRTC Hosting Service
- Where Are RIA Technologies Headed in 2008?
- The Top 250 Players in the Cloud Computing Ecosystem
- Dolphin Announces Open API With Over 50 Add-ons Including Dropbox and Wikipedia
- Personal Branding Checklist
- AJAXWorld 2006 West Power Panel with Google's Adam Bosworth
- Why Microsoft Loves Google's Android
- Google's OpenSocial: A Technical Overview and Critique
- Cloud Expo New York Call for Papers Now Open
- Wal-Mart To Sell $399 Ubuntu Linux-based Laptop with Google Operating System
- i-Technology Blog: Google Trends on Java, McNealy, AJAX, and SOA Give Pause For Thought
- i-Technology Blog: Is There Life Beyond Google?
- Android: Who Hates Google Over the Phone?