Skip to main content

icon-developers.png Instrument applications to find vulnerabilities

To find application vulnerabilities, you use Contrast agents to instrument your application. You have the option of using a Contrast extension with your IDE so you can see results and resolve vulnerabilities in the IDE.

Basic steps

  1. Install the agent to the local directory where the application is located.

  2. Configure the agent using a YAML file or set environment variables that include the Contrast connection data.

    The Agent configuration editor provides an easy method to configure the agent.

  3. Start the application and exercise routes.

Steps for using a Contrast IDE plugin

  1. Install the agent to the local directory where the application is located.

  2. Configure the agent using a YAML file or set environment variables that include the Contrast connection data.

    The Agent configuration editor provides an easy method to configure the agent.

  3. Start the application.

  4. Configure a Contrast IDE plugin with the required connection information.

    In this case, you need your personal key or API information found in the Contrast web interface, under user menu > User settings > Profile.

  5. Exercise routes in the application.

Next steps

Review vulnerabilities in the IDE.

In this section: