2020-05-05T10:37:00Z

What do you like most about Contrast Security Assess?

10

Hi Everyone,

What do you like most about Contrast Security Assess?

Thanks for sharing your thoughts with the community!

ITCS user
Guest
77 Answers

author avatar
Top 5Real User

By far, the thing that was able to provide value was the immediate response while testing ahead of release, in real-time.

2021-02-17T23:07:51Z
author avatar
Top 5Real User

In our most critical applications, we have a deep dive in the code evaluation, which was something we usually did with periodic vulnerability assessments, code reviews, etc. Now, we have real time access to it. It's something that has greatly enhanced our code's quality. We have actually embedded a KPI in regards to the improvement of our code shell. For example, Contrast provides a baseline where libraries and the usability of the code are evaluated, and they produce a score. We always aim to improve that score. On a quarterly basis, we have added this to our KPIs.

2020-09-14T06:48:00Z
author avatar
Top 10Real User

The most valuable feature is the continuous monitoring aspect: the fact that we don't have to wait for scans to complete for the tool to identify vulnerabilities. They're automatically identified through developers' business-as-usual processes.

2020-07-07T11:18:00Z
author avatar
Top 10Real User

No other tool does the runtime scanning like Contrast does. Other static analysis tools do static scanning, but Contrast is runtime analysis, when the routes are exercised. That's when the scan happens. This is a tool that has a very unique capability compared to other tools. That's what I like most about Contrast, that it's runtime.

2020-07-02T10:06:00Z
author avatar
Real User

We use the Contrast OSS feature that allows us to look at third-party, open-source software libraries, because it has a cool interface where you can look at all the different libraries. It has some really cool additional features where it gives us how many instances in which something has been used... It tells us it has been used 10 times out of 20 workloads, for example. Then we know for sure that OSS is being used.

2020-06-07T09:09:00Z
author avatar
Real User

The accuracy of the solution in identifying vulnerabilities is better than any other product we've used, far and away. In our internal comparisons among different tools, Contrast consistently finds more impactful vulnerabilities, and also identifies vulnerabilities that are nearly guaranteed to be there, meaning that the chance of false positives is very low.

2020-06-02T08:40:00Z
author avatar
Real User

What I find most valuable is the fact that we can install the agents onto the web server and then it does the automatic scanning. Every day when I come in, I log into Contrast and I can see the agent reports, real-time, on the vulnerabilities. I can see my list of security vulnerabilities that are immediately reported on a daily basis.

2020-05-05T10:37:00Z
Learn what your peers think about Contrast Security Assess. Get advice and tips from experienced pros sharing their opinions. Updated: June 2021.
511,773 professionals have used our research since 2012.