StackGen has partnered with Google Cloud Platform (GCP) to bring its platform to the Google Cloud Marketplace.
Contrast Security announced the release of Application Vulnerability Monitoring (AVM), a new capability of Application Detection and Response (ADR).
AVM works within applications to find application and API vulnerabilities in production and correlate those vulnerabilities with attacks. Accurately identifying the issues in production with AVM results in lower overall cyber risk.
"Traditionally, application and API security testing happened before production, without any insight into real attacks or how software actually runs in production. As a result, development and AppSec teams are drowning in theoretical risk and false positives. By identifying the real, exploitable risks in a running app in production, and enriching them with details about real attacks and exploits, AVM automatically enables teams to focus on the risks that matter, before attackers find them,” said Jeff Williams, founder and CTO of Contrast Security.
Contrast Security’s Application Detection and Response operates with intelligent sensors inside the application layer to identify and respond to attacks and defects in applications and APIs. It gives SecOps the behavioral context it needs to see and understand how attackers are targeting and exploiting applications, while simultaneously reducing the attack surface by pinpointing and prioritizing vulnerabilities. With the added capabilities of AVM, SecOps teams, AppSec teams and DevOps teams can collaborate to prioritize and close exposed vulnerabilities in both custom code and libraries.
Application Vulnerability Monitoring allows organizations to tackle well known security problems:
- Solve for expanding application attack surface: Organizations using AI to accelerate development often struggle to manage their expanding attack surface. AVM provides continuous visibility within production applications, enabling secure innovation minus the risk.
- Solve for application risk blind spots: Organizations struggle to prioritize application vulnerabilities. The combination of AVM and ADR allows them to see the real exploitable risks in production and what’s actually being attacked. This allows SecOps to deploy compensating ADR controls while developers are implementing a permanent fix.
- Solve for inefficient incident response: Organizations can’t always identify the vulnerabilities exploited in a security incident because they are using traditional tools. The combination of AVM and ADR can now allow them to rapidly see the entry point, the context surrounding it and the necessary fix.
- Solve for zero-day attacks: Organizations are blind to unreported vulnerabilities with traditional approaches. Contrast AVM and ADR works within the application, continuously analyzing behavior and identifying vulnerabilities in real-time, so that organizations can stop and fix issues before they are widely known.
Contrast’s managed service, Contrast One, is also available for both AVM and ADR, for organizations that want expert assistance running their application security program.
Industry News
Tricentis announced its spring release of new cloud capabilities for the company’s AI-powered, model-based test automation solution, Tricentis Tosca.
Lucid Software has acquired airfocus, an AI-powered product management and roadmapping platform designed to help teams prioritize and build the right products faster.
AutonomyAI announced its launch from stealth with $4 million in pre-seed funding.
Kong announced the launch of the latest version of Kong AI Gateway, which introduces new features to provide the AI security and governance guardrails needed to make GenAI and Agentic AI production-ready.
Traefik Labs announced significant enhancements to its AI Gateway platform along with new developer tools designed to streamline enterprise AI adoption and API development.
Zencoder released its next-generation AI coding and unit testing agents, designed to accelerate software development for professional engineers.
Windsurf (formerly Codeium) and Netlify announced a new technology partnership that brings seamless, one-click deployment directly into the developer's integrated development environment (IDE.)
The Cloud Native Computing Foundation® (CNCF®), which builds sustainable ecosystems for cloud native software, is making significant updates to its certification offerings.
The Cloud Native Computing Foundation® (CNCF®), which builds sustainable ecosystems for cloud native software, announced the Golden Kubestronaut program, a distinguished recognition for professionals who have demonstrated the highest level of expertise in Kubernetes, cloud native technologies, and Linux administration.
Red Hat announced new capabilities and enhancements for Red Hat Developer Hub, Red Hat’s enterprise-grade internal developer portal based on the Backstage project.
Platform9 announced that Private Cloud Director Community Edition is generally available.
Sonatype expanded support for software development in Rust via the Cargo registry to the entire Sonatype product suite.
CloudBolt Software announced its acquisition of StormForge, a provider of machine learning-powered Kubernetes resource optimization.