Skip to main content

Contrast performance and resource consumption

Minimize the impact of Contrast on production servers by using the proper configuration:

  • Development environments: Contrast Assess should be on and Protect can be off. This provides the strongest insight into an application’s security posture. This detailed insight favors deep insight over performance to focus on helping developers locate security flaws.

  • Test environments: Contrast Assess or Protect should be enabled based on what the team needs. Teams should strike a balance to achieve the overall goals of the team:

    • If little testing is done in development, teams should leverage Assess to find vulnerabilities as the application is used.

    • When evaluating performance, Contrast Assess should be turned off and only Protect should be enabled. This provides a corrective control that favors performance but still retrieves code-level information when corrective action is needed.

  • Production environments: Only Contrast Protect should be on. This provides contextual defense while favoring performance.

See also

Agent performance with Protect

System requirements for .NET Framework agent

.NET Core system requirements

System requirements for the Node.js agent

PHP agent system requirements

System requirements for the Python agent

System requirements for the Ruby agent