Beginning with Java agent version 126.96.36.19920, Contrast releases each version of its Java agent to Maven Central using group ID
com.contrastsecurity and artifact ID
contrast-agent. Go to com.contrastsecurity:contrast-agent to see the releases on Maven Central.
Although the jar file you can download from the Contrast UI is preconfigured with connection parameters, you must provide Contrast connection parameters using the agent configuration properties when using the contrast-agent.jar from Maven Central.
To learn how to download the Contrast agent from Maven Central, use the following guides:
To install the Java agent from the Contrast UI, complete the following steps:
java -javaagent:contrast.jar -jar <app-name>.jar
To see examples for specific technologies, go to the Server Configuration page, and select the article for the container you want to use.
To start analyzing an application, use the web application as you normally would in your browser: click on links, submit forms using normal data, etc. The sensors of the Contrast Java agent will gather information about the application’s security, architecture and libraries. You can view the results of the agent’s analysis in the Contrast UI.
If you want to download the agent and test with WebGoat, Contrast has a public repository to help you get started.