Overview

At Contrast, we take an inside out approach that embeds security testing throughout the development lifecycle. This full context improves accuracy, catching more critical vulnerabilities and remediating faster than any other approach in the market. Our comprehensive platform unifies development, security, and operations to help get secure code moving through your organization. You can secure code - web applications, cloud native, APIs, and open source - across the entire software development lifecycle all from one platform.

The Contrast Platform is comprised of: Contrast Assess offers interactive application security testing (IAST) to identify software vulnerabilities in real time while developers write code automatically. Contrast Assess agents instrument an application that allows monitoring code and report from within the application. With this depth of context, Contrast Assess can reduce alert noise caused by false positives and eliminate hours of work required by DevOps teams to find and fix vulnerabilities without the need for specialized security expertise.

Contrast Protect empowers teams to defend their applications anywhere they run, by embedding an automated and accurate runtime protection capability within the application to continuously monitor and block attacks.

Contrast Scan is a (SAST) source code scanning tool built from the ground up. Contrast Scan utilizes a pipeline-native approach to static application security testing that eliminates the inefficiencies that delay release cycles. Make security testing a simple routine that prioritizes the most pressing vulnerabilities to deliver fast, accurate and actionable results.

Contrast SCA enables businesses to protect their software supply chain by identifying real threats from third-party libraries across the entire software development lifecycle. With Contrast SCA, detect which open-source software components are called in the application runtime and prioritize vulnerability remediation based on which libraries are actively being used.

Contrast Serverless is a purpose-built cloud native application security testing solution to help customers secure their AWS Lambda functions and improve their security posture across their environment.

Need help? For custom pricing, EULA, or a private contract, please contact marketplace.selling@contrastsecurity.com , for a private offer.

Highlights

Analyze code 10x faster with great accuracy to get secure code moving
Find vulnerabilities and remediate 45x faster
Secure your code throughout the entire development lifecycle from one platform

Details

Sold by

Contrast Security

Features and programs

Financing for AWS Marketplace purchases

AWS Marketplace now accepts line of credit payments through the PNC Vendor Finance program. This program is available to select AWS customers in the US, excluding NV, NC, ND, TN, & VT.

View financing details

Pricing

Contrast Security- The Secure Code Platform

Info

View purchase options

Pricing is based on contract duration. You pay upfront or in installments according to your contract terms with the vendor. This entitles you to a specified quantity of use for the contract duration. If you choose not to renew or replace your contract before it ends, access to these entitlements will expire.

12-month contract (4)

Info

Dimension	Description	Cost/12 months
Contrast Assess	Includes 10 developers; priced per app. (IAST+SCA)	$28,000.00
Contrast Protect	SaaS- Priced per application instance. (RASP)	$5,000.00
Contrast Scan	SaaS- Priced per developer. (SAST)	$1,000.00
Contrast Serverless	Cloud Native Solution. Priced per Developer.(SCA/SAST/DAST/IAM)	$1,000.00

Vendor refund policy

All fees are non-cancellable and non-refundable except as required by law.

Legal

Vendor terms and conditions

Upon subscribing to this product, you must acknowledge and agree to the terms and conditions outlined in the vendor's End User License Agreement (EULA) .

Content disclaimer

Vendors are responsible for their product descriptions and other product content. AWS does not warrant that vendors' product descriptions or other product content are accurate, complete, reliable, current, or error-free.

Usage information

Info

Delivery details

Software as a Service (SaaS)

SaaS delivers cloud-based software applications directly to customers over the internet. You can access these applications through a subscription model. You will pay recurring monthly usage fees through your AWS bill, while AWS handles deployment and infrastructure management, ensuring scalability, reliability, and seamless integration with other AWS services.

Resources

Vendor resources

Contrast Secure Code Platform

Support

Vendor support

Contrast Security offers a variety of support options to help ensure your success. Please visit our support page for more information

Get support

AWS infrastructure support

AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.

Get support

Similar products

Contrast Security [Private Offer Only]

By Carahsoft Technology Corp.

Contrast secures your entire application portfolio with industry leading speed and accuracy, while empowering teams to automatically find and fix vulnerabilities across every step of the software developer lifecycle.

View product

CodeSec By Contrast - Developer Security Tools (Free Tier)

By Contrast Security

Contrast Security, a leader in AppSec and Developer Security as well as an AWS Advanced Security/DevOps Competency Partner, delivers CodeSec: a free developer security tool that offers the fastest, most accurate scanner in the market spanning from Web Apps to AWS Lambda Functions.

View product

Developing Serverless Solutions on AWS (AWSDEVSS)

By Fast Lane Inst. for Knowledge Transfer

This course gives developers exposure to and practice with best practices for building serverless applications using AWS Lambda and other services in the AWS serverless platform. You’ll use AWS frameworks to deploy a serverless application in hands-on labs that progress from simpler to more complex topics. You will use AWS documentation throughout the course to develop authentic methods for learning and problem-solving beyond the classroom.

View product

EPAM/UpSkill : Serverless Solutions on AWS - Instructor-Led Training

By EPAM Systems, Inc.

View product

Customer reviews

Write a review

Ratings and reviews

Info

0 ratings

5 star

4 star

3 star

2 star

1 star

0 AWS reviews

49 external reviews

External reviews are sourced from G2 and are not included in the star rating for this product.

Slobodan O.

Contrast Security is manageable

Reviewed on Oct 20, 2023

Review provided by G2

What do you like best about the product?

The default scoring, for libraries sometimes be discouraging. There are some security risk categories that are not covered I have noticed that the product keeps improving. There is room for improvement in terms of SCA options and UI functionalities.

What do you dislike about the product?

The absence of alerts also limits our ability to proactively solve security threats. Navigating through the interface is difficult for users.

What problems is the product solving and how is that benefiting you?

Contrast Security has transformed our cybersecurity approach. It continuously monitors our applications in time and identifies vulnerabilities promptly. It automates security testing and removes the necessity, for code reviews.

Leave a comment 0 comments

Sibila D.

Security and compliance of our applications

Reviewed on Oct 09, 2023

Review provided by G2

What do you like best about the product?

Contrast Security provide language support is a bit slow, on occasion.It is customized to prioritize vulnerability detection.

What do you dislike about the product?

The interface of Contrast Security sometimes is cluttered making it difficult to navigate and locate information. This platform improves from a intuitive design that enhances user experience.

What problems is the product solving and how is that benefiting you?

They have solved our application security difficulties by providing vulnerability detection and protection.

Leave a comment 0 comments

Higher Education

Contrast Security makes application security simple

Reviewed on Aug 23, 2023

Review provided by G2

What do you like best about the product?

Contrast makes understanding vulnerabilities easy. For every vulnerability found in custom code, there is an answer to what the vulnerability is, why it is a risk, and how to fix the vulnerability. It is also great at identifying libraries used within the application and the potential vulnerabilites for each library.

What do you dislike about the product?

Although Contrast is great at identitfying libraries, the default scoring for the libraries can be very particular. It can make developers feel discouraged seeing an F score because the library is a version behind. There is a way to change the scoring to only look at associated vulnerabilities, but there is still a benefit to seeing libraries that are behind on updates.

What problems is the product solving and how is that benefiting you?

With Contrast's IAST product we are able to see vulnerabilities at runtime and it reduces the amount of false positives that we see with other tools. Communication with development teams has improved because the breakdown of vulnerabilities is so clear.

Leave a comment 0 comments

Kiran S.

Shift-Smart with Contrast

Reviewed on Aug 17, 2023

Review provided by G2

What do you like best about the product?

Contrast allows us to test an application during the run-time, which reduces the number of false positives we have to deal with in traditional SAST scans. The IAST testing combines SAST and DAST into one while identifying the issues in open-source libraries and custom code. The Integrations are easy and don't consume more system resources to run the agent. The Sales, TAM, management, and Support team has the customer-first approach; their support is amazing they cater to your needs.

What do you dislike about the product?

Language Support in IAST is a bit slow and manageable, but handling legacy applications is tough without having to scan some old versions of programming languages if they could expand their language support and have backward compatibility, that would be great.

What problems is the product solving and how is that benefiting you?

Securing our application in Run-time is a huge advantage, while developers can remediate the vulnerabilities during the development phases. Their platform provides us the 360 visibility and security for our application, which is a key business problem for any fin-tech company.

Leave a comment 0 comments

Danielle H.

Effective Tool

Reviewed on Aug 14, 2023

Review provided by G2

What do you like best about the product?

The most helpful features of contrast security would be real time protection and its accuracy. Our company really benefits from the continuous security monitoring and protection during runtime as well as the high accuracy rate of detecting vulnerablities

What do you dislike about the product?

The only downside I can think of is the amount of false positive/negatives.

What problems is the product solving and how is that benefiting you?

Hybrid testing... monitor our applications inner working. Accessing HTTP requests/responses and call stacks. Contrast Protect.. runtime protection is very important to the security of our applications

Leave a comment 0 comments

View all reviews