Contrast Assess uses an agent that instruments applications with sensors.
The sensors look at data flow in real-time and analyze the application from within to detect security issues.
How It Works
The platform examines:
- Libraries, frameworks, and custom code
- Configuration information
- Runtime control and data flow
- HTTP requests and responses
- Back-end connections
Testing Environments
The tool is designed for testing environments including:
- Test servers
- QA environments
- Staging servers
- Developer workstations
IDE Integration
The platform integrates with development tools like Visual Studio, allowing developers to identify and remediate vulnerabilities without leaving their integrated development environment.
Key Features
- Agent-based instrumentation for accurate results
- 95%+ true positive rate for OWASP Top 10 vulnerabilities
- Support for Java, .NET, Node.js, Python, Go, and Ruby
- Integrates with IDEs, CI/CD pipelines, and SIEM tools
- Free Community Edition available for getting started
- Seamless upgrade path to Contrast Protect (RASP) for production