Skip to main content

Contrast IAST technology

The Contrast IAST technology combines Static (SAST), Dynamic (DAST), and Interactive Application Security Testing (IAST) approaches to provide highly accurate and continuous information on security issues in your applications.

Contrast IAST uses an agent that instruments applications with sensors. The sensors look at data flow in real time and analyze the application from within to help figure out vulnerabilities in:

Libraries, frameworks, and custom code
Configuration information
Runtime control and data flow
HTTP requests and responses
Back-end connections

This technology is appropriate for environments such as a test, QA, or staging servers. It is also applicable to developer workstations. When coupled with Contrast integrations, such as Visual Studio, developers can find and fix vulnerabilities without leaving their integrated development environment (IDE).

Features

Once you configure the Contrast platform and onboard an agent,Contrast NorthStar offers you these features:

A list of issues for your applications, along with remediation guidance.
Scores to gauge the security of an application at a glance.

In this section:

Was this helpful?

Would you like to provide feedback? Just click here to suggest edits.