Contrast Security AVM identifies application and API vulnerabilities in production

Contrast Security released Application Vulnerability Monitoring (AVM), a new capability of Application Detection and Response (ADR).

AVM works within applications to find application and API vulnerabilities in production and correlate those vulnerabilities with attacks. Accurately identifying the issues in production with AVM results in lower overall cyber risk.

Currently, companies are missing vulnerabilities in production because they are using traditional technologies like DAST, SCA, and SAST. AVM provides an alternative, allowing SecOps and DevOps teams to see what actual vulnerabilities exist in production environments so that they can proactively fix issues before they are exploited in an attack.

“Traditionally, application and API security testing happened before production, without any insight into real attacks or how software actually runs in production. As a result, development and AppSec teams are drowning in theoretical risk and false positives. By identifying the real, exploitable risks in a running app in production, and enriching them with details about real attacks and exploits, AVM automatically enables teams to focus on the risks that matter, before attackers find them,” said Jeff Williams, CTO of Contrast Security.

Customers using AVM are already experiencing improved security. “Contrast offers a valuable mix of speed and coverage,” said a leader of threat & vulnerability management at a multinational government healthcare services company. “We’re able to monitor vulnerabilities across multiple environments, including development and production. Our teams have increased visibility and can both see and take action as necessary.”

Contrast Security’s Application Detection and Response operates with unique intelligent sensors inside the application layer to identify and respond to attacks and defects in applications and APIs. It gives SecOps the behavioral context it needs to see and understand how attackers are targeting and exploiting applications, while simultaneously reducing the attack surface by pinpointing and prioritizing vulnerabilities.

With the added capabilities of AVM, SecOps teams, AppSec teams and DevOps teams can collaborate to prioritize and close exposed vulnerabilities in both custom code and libraries.

Application Vulnerability Monitoring allows organizations to tackle well known security problems:

• Solve for expanding application attack surface: Organizations using AI to accelerate development often struggle to manage their expanding attack surface. AVM provides continuous visibility within production applications, enabling secure innovation minus the risk.
• Solve for application risk blind spots: Organizations struggle to prioritize application vulnerabilities. The combination of AVM and ADR allows them to see the real exploitable risks in production and what’s actually being attacked. This allows SecOps to deploy compensating ADR controls while developers are implementing a permanent fix.
• Solve for inefficient incident response: Organizations can’t always identify the vulnerabilities exploited in a security incident because they are using traditional tools. The combination of AVM and ADR can now allow them to rapidly see the entry point, the context surrounding it and the necessary fix.
• Solve for zero-day attacks: Organizations are blind to unreported vulnerabilities with traditional approaches. Contrast AVM and ADR works within the application, continuously analyzing behavior and identifying vulnerabilities in real-time, so that organizations can stop and fix issues before they are widely known.

Contrast’s managed service, Contrast One, is also available for both AVM and ADR, for organizations that want expert assistance running their application security program.