Contrast Security Features
Administration (4)
API / Integrations
Application Programming Interface Specification for how the application communicates with other software. APIs typically enable integration of data, logic, objects, etc. with other software applications.
Extensibility
Provides the ability to extend the platform to include additional features and functionalities
-
API / Integrations
Application Programming Interface Specification for how the application communicates with other software. APIs typically enable integration of data, logic, objects, etc. with other software applications.
-
Extensibility
Provides the ability to extend the platform to include additional features and functionalities
Analysis (9)
-
Reporting and Analytics
Tools to visualize and analyze data.
-
Issue Tracking
Track issues as vulnerabilities are discovered. Documents activity throughout the resolution process.
-
Static Code Analysis
Examines application source code for security flaws without executing it.
-
Code Analysis
Scans application source code for security flaws without executing it.
-
Reporting and Analytics
Tools to visualize and analyze data.
-
Issue Tracking
Track issues as vulnerabilities are discovered. Documents activity throughout the resolution process.
-
Static Code Analysis
Examines application source code for security flaws without executing it.
-
Vulnerability Scan
Scans applications and networks for known vulnerabilities, holes and exploits.
-
Code Analysis
Scans application source code for security flaws without executing it.
Testing (13)
Command-Line Tools
Allows users to access a terminal host system and input command sequences.
Manual Testing
Allows users to perfrom hands-on live simulations and penetration tests.
Test Automation
Runs pre-scripted security tests without requiring manual work.
Compliance Testing
Allows users to test applications for specific compliance requirements.
Black-Box Scanning
Scans functional applications externally for vulnerabilities like SQL injection or XSS.
Detection Rate
The rate at which scans accurately detect all vulnerabilities associated with the target.
-
False Positives
The rate at which scans falsely indicate detection of a vulnerability when no vulnerabilitiy legitimately exists.
-
Manual Testing
Allows users to perfrom hands-on live simulations and penetration tests.
-
Test Automation
Runs pre-scripted security tests without requiring manual work.
-
Compliance Testing
Allows users to test applications for specific compliance requirements.
-
Black-Box Scanning
Scans functional applications externally for vulnerabilities like SQL injection or XSS.
-
Detection Rate
The rate at which scans accurately detect all vulnerabilities associated with the target.
-
False Positives
The rate at which scans falsely indicate detection of a vulnerability when no vulnerabilitiy legitimately exists.
Performance (4)
Issue Tracking
Track issues as vulnerabilities are discovered. Documents activity throughout the resolution process.
Detection Rate
The rate at which scans accurately detect all vulnerabilities associated with the target.
False Positives
The rate at which scans falsely indicate detection of a vulnerability when no vulnerabilitiy legitimately exists.
Automated Scans
Runs pre-scripted vulnerability scans without requiring manual work.
Network (3)
Compliance Testing
Allows users to scan applications and networks for specific compliance requirements.
Perimeter Scanning
Analyzes network devices, servers and operating systems for vulnerabilities.
Configuration Monitoring
Monitors configuration rule sets and policy enforcement measures and document changes to maintain compliance.
Application (3)
Manual Application Testing
Allows users to perfrom hands-on live simulations and penetration tests.
Static Code Analysis
Scans application source code for security flaws without executing it.
Black Box Testing
Scans functional applications externally for vulnerabilities like SQL injection or XSS.
Functionality - Software Composition Analysis (3)
-
Language Support
Supports a useful and wide variety of programming languages.
-
Integration
Integrates seamlessly with the build environment and development tools like repositories, package managers, etc.
-
Transparency
Grants comprehensive user-friendly insight into all open source components.
Effectiveness - Software Composition Analysis (3)
-
Remediation Suggestions
Provides relevant and helpful suggestions for vulnerability remediation upon detection.
-
Continuous Monitoring
Monitors open source components proactively and continuously.
-
Thorough Detection
Comprehensively identifies all open source version updates, vulnerabilities, and compliance issues.
Threat Detection & Response - Runtime Application Self-Protection (RASP) (4)
Threat Remediation
Automates threat remediation and blocks common attacks such as SQL injections.
Threat Detection
Able to detect threats in the runtime environment in real-time.
Application Behavior Monitoring
Monitors application in normal environments to detect patterns that deviate from expected behaviors.
Intelligence and Reporting
Provides reports on detected threats.
Agentic AI - Vulnerability Scanner (2)
Autonomous Task Execution
Capability to perform complex tasks without constant human input
Proactive Assistance
Anticipates needs and offers suggestions without prompting
Agentic AI - Static Application Security Testing (SAST) (1)
Autonomous Task Execution
Capability to perform complex tasks without constant human input
Agentic AI - Interactive Application Security Testing (IAST) (1)
Autonomous Task Execution
Capability to perform complex tasks without constant human input
