Contrast performance and resource consumption

Minimize the impact of Contrast on production servers by using the proper configuration:

  • Development environments: Contrast Assess should be on and Protect can be off. This provides the strongest insight into an application’s security posture, favoring depth of analysis over performance to help developers locate security flaws.

  • Test environments: Contrast Assess or Protect should be enabled based on what the team needs, balancing the two to meet the team's overall goals:

    • If little testing is done in development, teams should leverage Assess to find vulnerabilities as the application is used.

    • When evaluating performance, Contrast Assess should be turned off and only Protect should be enabled. This provides a corrective control that favors performance but still retrieves code-level information when corrective action is needed.

  • Production environments: Only Contrast Protect should be on. This provides contextual defense while favoring performance.
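
One way to enforce this split at deploy time, as an added example (not Contrast's own code): a pre-start check that reads the agent's enable flags and reports any mismatch with the guidance above. It assumes the agent is configured through the environment variables CONTRAST__SERVER__ENVIRONMENT, CONTRAST__ASSESS__ENABLE and CONTRAST__PROTECT__ENABLE, which this page does not list, and that test environments are labelled qa; check_agent_mode, RULES and the --performance switch are hypothetical names.

```python
import os
import sys

# Assumption: settings arrive as CONTRAST__* environment variables.
# Expected state per stage, from the guidance above. None = either value is fine.
RULES = {
    "development": {"assess": True, "protect": None},
    "qa": {"assess": None, "protect": None},  # team's choice, but not both off
    "qa-performance": {"assess": False, "protect": True},
    "production": {"assess": False, "protect": True},
}

# Constructed sample: a production host that still has Assess switched on.
SAMPLE_ENV = {
    "CONTRAST__SERVER__ENVIRONMENT": "production",
    "CONTRAST__ASSESS__ENABLE": "true",
    "CONTRAST__PROTECT__ENABLE": "true",
}

def _flag(env, name):
    """Parse an enable flag; None means the variable is not set."""
    raw = env.get(name)
    return None if raw is None else raw.strip().lower() == "true"

def check_agent_mode(env, performance_run=False):
    """Return findings; an empty list means the settings match the guidance."""
    stage = env.get("CONTRAST__SERVER__ENVIRONMENT", "").strip().lower()
    if stage not in ("development", "qa", "production"):
        return [f"server environment missing or unrecognized: {stage!r}"]
    key = "qa-performance" if stage == "qa" and performance_run else stage
    actual = {
        "assess": _flag(env, "CONTRAST__ASSESS__ENABLE"),
        "protect": _flag(env, "CONTRAST__PROTECT__ENABLE"),
    }
    findings = []
    for feature, wanted in RULES[key].items():
        got = actual[feature]
        if wanted is not None and got != wanted:
            shown = "not set" if got is None else got
            findings.append(f"{feature}: {shown}, expected {wanted} for {key}")
    if key == "qa" and True not in actual.values():
        findings.append("qa: neither Assess nor Protect is explicitly enabled")
    return findings

if __name__ == "__main__":
    # Check the real environment if it names a stage, else the constructed sample.
    env = os.environ if "CONTRAST__SERVER__ENVIRONMENT" in os.environ else SAMPLE_ENV
    problems = check_agent_mode(env, "--performance" in sys.argv)
    print("\n".join(problems) or "ok")
    sys.exit(1 if problems else 0)
```

Run as a container entrypoint or CI step, a non-zero exit stops a production rollout that still has Assess enabled.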