Skip to main content

Install the Go agent

The Go agent uses a tool called contrast-go to inject instrumentation into your applications at build time. When you run an instrumented application, the Go agent automatically starts and monitors the application’s execution to detect vulnerabilities.

Tip

To see a list of available flags with command line arguments for contrast-go, type contrast-go -h.

Steps

Install contrast-go with the installer:

go run github.com/contrast-security-oss/contrast-go-installer@latest latest

Build your application with contrast-go:

contrast-go build -o output-name-of-application

Configure the Go agent using the Go YAML template or environment variables.
Run your application using the executable you generated in step 2.
Exercise and test your application.
Use the Contrast web interface to explore findings that the agent reports, such as vulnerabilities and library usage information.
By default, your application name is based on the application’s Go module. Use search in the Applications list to quickly find your application.

In this section:

Was this helpful?

Would you like to provide feedback? Just click here to suggest edits.