Contrast performance and resource consumption

System Administrators can monitor performance and minimize the impact of Contrast on production servers by operating with the appropriate configuration of detective and corrective controls:

  • Development environments: Contrast Assess should be on and Protect can be off. This provides the strongest insight into an application’s security posture. The configuration favors depth of insight over performance, to help developers locate security flaws.

  • Test environments: Contrast Assess and Protect should be enabled based on what the team needs, balancing the two against the team’s overall goals:

    • If little testing is done in development, teams should leverage Assess to find vulnerabilities as the application is used.

    • When evaluating performance, Contrast Assess should be turned off and only Protect should be enabled. This provides a corrective control that favors performance but still retrieves code-level information when corrective action is needed.

  • Production environments: Only Contrast Protect should be on. This provides contextual defense while favoring performance.
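
One way to enforce the guidance above before a deployment, as an added example that is not Contrast's own code. It assumes the agent is configured through the environment variables `CONTRAST__SERVER__ENVIRONMENT`, `CONTRAST__ASSESS__ENABLE` and `CONTRAST__PROTECT__ENABLE`, which this page does not name, and `perf_run` is a hypothetical flag marking a performance-evaluation run in test.

```python
# Added example: lint Contrast agent settings against the per-environment guidance.
# Assumption: settings arrive as environment variables with these names.
ENV_KEY = "CONTRAST__SERVER__ENVIRONMENT"
ASSESS_KEY = "CONTRAST__ASSESS__ENABLE"
PROTECT_KEY = "CONTRAST__PROTECT__ENABLE"


def _flag(settings, name):
    """True/False for an explicit setting; None when unset or not a boolean."""
    raw = settings.get(name, "").strip().lower()
    return {"true": True, "false": False}.get(raw)


def check_contrast_mode(settings, perf_run=False):
    """Return findings; an empty list means the settings follow the guidance.

    perf_run is a hypothetical flag for a performance-evaluation run in test.
    """
    env = settings.get(ENV_KEY, "").strip().lower()
    if env not in ("development", "qa", "production"):
        return [f"unknown environment {env!r}: no policy to apply"]
    assess, protect = _flag(settings, ASSESS_KEY), _flag(settings, PROTECT_KEY)
    findings = []
    if assess is None or protect is None:
        # An unset flag means the effective mode is decided somewhere else.
        findings.append(f"{env}: set Assess and Protect explicitly")
    if env == "development" and assess is False:
        findings.append("development: Assess should be on")
    # Production, and performance runs in test, are Protect-only.
    if env == "production" or (env == "qa" and perf_run):
        if assess is True:
            findings.append(f"{env}: Assess should be off")
        if protect is False:
            findings.append(f"{env}: Protect should be on")
    return findings


# Constructed sample: a production host that still has Assess enabled.
SAMPLE_PROD = {ENV_KEY: "production", ASSESS_KEY: "true", PROTECT_KEY: "true"}

if __name__ == "__main__":
    for finding in check_contrast_mode(SAMPLE_PROD):
        print("FAIL", finding)
```

Run it as a gate in the deployment pipeline and fail the job when the returned list is not empty.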

System Administrators can also use Contrast with application performance monitoring systems.