Integrated Security Instrumentation Is the Future of AppSec

Old-school application security approaches such as static and dynamic testing fail. Dynamic application security testing (DAST) misses many vulnerabilities, leaving organizations at serious risk. Static application security testing (SAST) uses signature-based approaches that pinpoint huge volumes of false positives that incur substantial inefficiencies for both security and development teams. In addition to requiring time-consuming code halts, both SAST and DAST also struggle immensely when it comes to APIs that are connected to individual applications. Security instrumentation changes the paradigm, integrating security sensors into application routes that allow developers to manage vulnerabilities as they are coding within the application itself. In this podcast, Contrast Security’s Chief Strategy Officer Surag Patel explains how doing so speeds development cycles, facilitates collaboration between security and development teams, and improves efficiencies by eliminating false positives and automating time-consuming, manual workflows.