Contrast Security today introduced Application Detection and Response (ADR). Contrast Security ADR empowers security teams to identify vulnerabilities, detect threats, and stop attacks that target custom applications and APIs. Uniquely, ADR positions defenses inside the actual application, enabling security from within. Contrast Security ADR was officially announced this week at Black Hat USA 2024.
Today's layered “detection and response” security defenses have a gap. They provide visibility into and control of the network, cloud, endpoints, data and identity, but the application layer is a blindspot. They cannot reliably see what’s happening in custom applications and application programming interfaces (APIs). Unfortunately, security solutions such as web application firewalls (WAFs) provide very limited, high-level visibility into the behavior of applications in production, making it difficult to identify, understand and stop emerging threats. Because of that, threat actors are increasingly gaining access through applications.
The release of Contrast Security ADR is the next evolution in Application Security (AppSec), empowering security teams to:
- See Attacks on Applications and APIs: Security Operations teams can now get real-time alerts that include crucial context and fewer false positives on devastating attacks such as command injection, path traversal and SQL injection.
- Stop Attacks on Applications and APIs: SecOps teams can choose to utilize Contrast ADR’s real-time attack blocking capabilities or perform incident response actions as defined by their standard security workflows.
- Improve Detection & Response with new SOC Integrations: Security analysts can now take faster action armed with better attack intelligence on application and API attacks by leveraging the consoles of leading security information and event management (SIEM), cloud-native application protection platform (CNAPP), and extended detection and response (XDR) platforms.
“Companies have invested in detection and response capabilities across the network, including EDR (endpoint), NDR (network), CDR (cloud) and ITDR (identity threat) and are gaining even greater security control using XDR and next-gen SIEM solutions. But attackers continue to leverage gaps in applications and APIs. ADR closes that critical gap and blocks many zero-day attacks by removing these vulnerable blindspots,” said Rick Fitz, CEO of Contrast Security.
An important element to closing the visibility gap in applications and APIs is enabling defenders to take quick and decisive action. Ideally, analysts should be able to rely on their existing tools and workflows, rather than forcing them to spread their attention and time across multiple consoles to see their full attack surface. Contrast ADR integrates application visibility with common SIEM, XDR and CNAPP solutions so analysts can focus on disrupting threats via their standard security interfaces.
“Organizations need to see across their expanding attack surface, and they demand observability on every layer. Integrating Contrast Security ADR with Splunk helps to give our customers enhanced visibility and more accurate investigations, which lowers cyber risk by shining a light on the growing application and API attack vector,” said Tony Paterra, Vice President, Security Product Management at Splunk.
