Detects vulnerabilities across web browsers, mobile clients, containers, frameworks, and more. Strategic expansion plans to enhance the existing platform, including an Observability offering.
Detects vulnerabilities across web browsers, mobile clients, containers, frameworks, and more
Detects vulnerabilities across web browsers, mobile clients, containers, frameworks, and more. It enables organizations to identify, monitor, and remediate vulnerabilities. It also helps prevent brand reputation damage.
As security and threat landscapes continue to evolve, vulnerability assessment remains an essential component of vulnerability management. Every organization needs a plan to manage and triage discovered issues. It is also critical to build an inventory of vulnerable applications and process executions.
For web browsers, attackers can collect user email, register their devices to adversary-controlled accounts, and even intercept information as part of various browser session hijacking techniques. They can also use browser extensions to customize the browser.
Adversaries can also build malicious images that bypass detection by the public registry. They can also use clipboard data to construct an image. They can also acquire domains for free or purchase them.
Depending on the operating system, passwords are stored in different places on a system. They are also used in applications to access restricted information. For ease of management, passwords are stored in specific applications. These passwords are often stored in encrypted formats.
An adversary can also modify user behavior, such as changing the content of a page, or perform lateral movement. They may also search for common password storage locations. They may also use obfuscated files and utilities on the system.
Observability offering
Observability is a technology that helps users understand what’s going on in a system. It can help determine what to work on and what to avoid. This can improve software development.
The Deloitte report found that companies with data observability platforms are improving their relationships with customers. A new New Relic study found that 75% of businesses expect to increase spending on data observability in 2022. And according to Statista, the volume of data will reach 180 zettabytes by 2025. That’s a lot of data! And companies need better insights from that data to drive better business outcomes.
A new startup in the observability space, DeepFactor, is aiming to improve software observability. It’s based on the idea of AI that helps users detect anomalous data patterns. And it has raised $15 million in a series A financing round led by Insight Partners and Emergent Ventures.
Other observability solutions include Bigeye, Monte Carlo, and Aporia. Bigeye uses a model that trains independent anomaly detection models for each data attribute. The model then learns from user feedback. Basically, it can detect data problems before they occur.
Another observability solution is Better Stack, a platform that combines incident management, monitoring, and data visualization. The platform claims that it’s up to 10 times cheaper than competing solutions. It’s also said to be more comprehensive. It supports SQL queries for custom reports.
Strategic expansion plans
Having garnered $269 million to date, Contrast Security is a leader in next-gen code security tools. The company’s offerings include a secure code platform, a slew of serverless apps, and an innovative security observability offering. It also has a bevy of partners, including VMware, AWS, and Google.
Contrast Security recently closed a series E round of funding in the tens of millions, led by Liberty Strategic Capital, and included investment from Battery Ventures, Warburg Pincus, and Acero Capital. A recent report from PricewaterhouseCoopers indicated that one third of U.S. CEOs are planning to increase their cybersecurity spending by double digits in the near future.
While Contrast has yet to make any major moves, the company hasn’t ruled out the possibility of a major push. In the past year, the company has introduced a security observability offering and a new branded app called Route Intelligence that uses “deep security instrumentation” to detect and mitigate vulnerabilities in web browsers, app servers, data layers, and user libraries. It also joined the Cloud Native Computing Foundation and the Linux Foundation.
Conclusion
Having a secure code platform is a good thing. The company’s offerings enable application and development teams to collaborate more effectively and deliver applications that are secure, reliable, and scalable. Using the company’s tools, enterprise developers can write secure code in less time.