Latest news with #ContrastGraph
Business Wire
04-08-2025
- Business
- Business Wire
Contrast ADR Marks One Year with Surging Growth, Expands Reach with New Developer and SecOps-Focused Integrations
LAS VEGAS--(BUSINESS WIRE)--One year after launching Application Detection and Response (ADR) at Black Hat, Contrast Security is accelerating its mission to secure modern software from the inside out. While legacy AppSec tools struggle to keep pace with AI-accelerated pipelines and cloud-native environments, Contrast has delivered a new approach built on runtime context, AI-driven remediation, and shared visibility across Dev, AppSec, and SecOps. Contrast Security's ADR adoption reached 40% of its customer base, reflecting rapid market validation and strong demand for a runtime-native approach to securing applications and APIs in production. The Northstar release, announced earlier this year, marked a major evolution of the platform. It unified detection, remediation, and observability into a single experience, powered by the Contrast Graph, a real-time behavioral model of the application layer that maps attack surface, defenses, vulnerabilities and more, providing the rich context app/API security demands. Northstar also introduced SmartFix, Contrast's agentic AI for auto-generating validated code fixes, and Deployment Hub with Flex Agent, which makes it easy to scale ADR across complex enterprise environments. According to Contrast's Software Under Siege 2025 report, application-layer attacks now occur every 3 minutes, yet most security teams lack the runtime context to detect or respond in time. This week, Contrast is expanding the reach of Northstar with two new ecosystem integrations that make runtime security even more accessible and effective: GitHub Copilot Integration – Developers can now apply AI-generated fixes that are validated by live runtime evidence, bridging the gap between detection and developer action. Unlike traditional AI suggestions that lack runtime context, Contrast SmartFix works with GitHub Copilot to generate secure code fixes based on runtime vulnerability details, proven exploitability, attack details, defenses available, and context from the Context Graph. This streamlines remediation by delivering ready-to-review pull requests that are both context-aware and safe for production, helping developers fix real issues faster without disrupting their workflow and ship with confidence. Sumo Logic Integration – Contrast attack telemetry now flows directly into Sumo Logic, enabling SOC teams to triage, investigate, and respond with full application-layer context. Security teams gain real-time visibility into exploit attempts, vulnerable code paths, and application behavior, all enriched through the Contrast Graph. By integrating runtime intelligence into existing SIEM workflows, organizations can stop breaches faster, reduce mean time to detect (MTTD), cut investigation overhead, understand the blast radius and close the loop between AppSec and incident response. The updates to the Northstar release align with Contrast's vision of securing software across the full lifecycle, from production back to code, with a single, unified platform. Contrast ADR is the first runtime-native platform for defending applications in production, built to detect, block, and remediate real threats as they happen. By uniting developers, AppSec, and SecOps around the same runtime intelligence, Contrast ADR delivers the shared context teams need to act faster, fix smarter, and stop chasing noise. 'Legacy tools show you possible issues. Contrast ADR shows you what's actually happening, so teams can act fast and act right,' said Jeff Williams, CTO and Co-founder of Contrast. 'From the inside out, Contrast is securing what matters most: the code that's running right now.' The adoption of ADR has been especially strong in industries with the highest security and compliance demands, including financial services, healthcare, manufacturing, and technology. Organizations in these sectors are replacing legacy scanners and fragmented workflows with Contrast's unified runtime platform to reduce time-to-fix, eliminate false positives, and improve real-world outcomes. 'ADR has always been about helping teams focus on what matters most by seeing what's actually happening within their apps,' said Faya Peng, Head of Product and General Manager of ADR at Contrast Security. 'These new integrations with GitHub Copilot and Sumo Logic just make that easier. Developers and security teams can now work from the same real-time data and take action faster, all within the tools they're already using.' To see Contrast ADR in action, visit Booth #1861 at Black Hat USA 2025, or learn more at About Contrast Security Contrast Security is the global leader in Application Detection and Response (ADR), empowering organizations to see and stop attacks on applications and APIs in real time. Contrast embeds patented threat sensors directly into the software, delivering unmatched visibility and protection. With continuous, real-time defense, Contrast uncovers hidden application-layer risks that traditional solutions miss. Contrast's powerful Runtime Security technology equips developers, AppSec teams and SecOps with one platform that proactively protects and defends applications and APIs against evolving threats.
Techday NZ
12-06-2025
- Business
- Techday NZ
Contrast Northstar brings real-time AI to application security
Contrast Security has announced the general availability of its new platform, Northstar, aimed at providing a unified application security experience for development, AppSec, and security operations teams. The Northstar release introduces features which allow teams to monitor application-layer attacks in real time, mitigate breaches, and remediate vulnerabilities using artificial intelligence within minutes, according to the company. The Contrast Graph Central to the platform is the Contrast Graph, which creates a digital twin of an organisation's application and API environment. The Graph maps live attack paths, monitors runtime behaviour, and visualises the connection between vulnerabilities, threats, and system assets to facilitate prioritisation and remediation. The company states that this live, dynamic context is intended to "eliminate the guesswork that plagues traditional tools" by focusing efforts on actual risk and allowing targeted, automated responses. Contrast's approach combines runtime data, contextual analysis, and AI-enabled auto-remediation in an effort to reduce noise and enable precise responses. Tyler Shields, Principal Analyst at Enterprise Strategy Group, said: "Connecting security operations processes with application security incident and vulnerability detection capabilities is a significant step towards breaking down the silos that exist between developers, application security, and security operations teams. This broad contextual analysis offering lends itself well to advanced AI-based prioritisation and automated remediation, which are the key security outcomes required by security organisations today." Runtime intelligence The Northstar release is designed to give Security Operations and AppSec teams a real-time understanding of application-layer threats as they occur. Active vulnerabilities can be auto-remediated with the new Contrast AI functionality, using live context and dynamic risk scoring to support decision making. The unified platform offers different views tailored to specific roles, so that developers can focus on prioritising remediation while SOC teams can identify and act on the most critical threats. Martha Gamez-Smith, Information Security Officer at Texas Computer Cooperative | Education Service Center, Region 20, commented: "We are excited to see the new features and feel that Contrast is set apart from other competitors, beyond reach. It makes our jobs better and easier. The real data will allow our team to take action more efficiently." Contrast Northstar pairs runtime intelligence with automation, and aims to streamline how organisations defend software against evolving risks by providing a shared perspective for development, security, and operational teams. Unified user experience The new release delivers a visual experience built around the Contrast Graph, providing real-time visibility into attacks, vulnerabilities, and business risks. These views can be tailored for each team and integrated with existing developer, CNAPP, and SIEM tools. The Contrast Graph functions as a live map, helping teams to better understand the relationships between vulnerabilities, threats, and assets to enable collaborative response. Key features Northstar features dynamic risk scoring that prioritises vulnerabilities based on their context in production, including architecture, threats, and business risk. The platform unifies Application Detection and Response (ADR) with Application Security Testing (AST), providing shared context for incident and vulnerability correlation. This aims to break down silos between teams and improve the speed and accuracy of threat resolution. The Contrast AI SmartFix capability utilises Graph data to generate specific remediation plans, write code, create test scripts, and draft pull requests. The Contrast MCP Server makes runtime insights available across environments, supporting future AI-driven use cases. The Deployment Hub is designed to simplify onboarding and the roll-out of updates across complex environments, helping organisations to deploy protection faster. The Flex Agent streamlines the process of agent deployment and updates, requiring no manual configuration and lessening installation times. Northstar integrates with established security products such as Splunk, Wiz, and Sumo Logic, and the company says that additional integrations and strategic partnerships will be announced in the coming weeks. Discussing the release, Jeff Williams, OWASP Founder, and Contrast Security Founder and CTO, said, "Northstar is the culmination of everything we've learned about defending modern software. We didn't just bolt together another set of tools—we reimagined AppSec from first principles. By combining runtime observability, real-time graph context, and AI-powered automation, we built a platform that doesn't just find problems—it understands them, prioritises them, and helps teams fix them fast. This is the platform I've wanted since OWASP's earliest days—one that doesn't just generate alerts, but actually defends the software that powers our world." The Northstar release is now available to partners and enterprises looking to update their application security programmes via a unified, real-time security operations and remediation toolset. Additional partnerships and integrations are set to follow in the coming weeks.
