New language and framework support empowers developers to analyze front-end code for vulnerabilities throughout the development lifecycle
LOS ALTOS, Calif., Oct. 5, 2022 /PRNewswire/ -- Contrast Security (Contrast), the leader in code security that empowers developers to secure as they code, today announced the expansion of its Secure Code Platform's static application security testing (SAST) capabilities to include JavaScript language support together with support for Angular, React and jQuery frameworks, which will allow developers to quickly find and fix security defects in their client-side code. With this new Contrast Scan addition, application security and development teams leveraging the Contrast Secure Code Platform can scale security across the complete application stack, from client-side to server-side, with industry-leading speed and accuracy.
JavaScript is probably the most popular coding language in the world, with modern frameworks such as Angular, React and jQuery being ubiquitous in web development. However, since JavaScript is executed in the user's browser, this exposes sensitive application data on the client side, leaving JavaScript applications prone to vulnerabilities like cross-site scripting (XSS) or Broken Access Control. Contrast prioritizes real, exploitable vulnerabilities in client-side code by performing analysis on vulnerable entry points within the application, allowing developers to rely on accurate scans that take just seconds.
Contrast's extended capabilities help DevSecOps organizations achieve the following benefits:
- Early detection of client-side vulnerabilities. This is achieved by analyzing client-side source code inside routine development pipelines, complemented by easy-to-follow remediation guidance directly within the developers' pipeline environment.
- Full visibility into client-side code risk. Contrast's pipeline-native SAST engine coupled with security rules tailored for JavaScript finds up to 63% more exploitable vulnerabilities than superficial checks run within the IDE.
- False positive rates as low as 1%. A significant reduction in false positive rates compared with leading commercial SAST tools.
- Ability to safeguard every layer of the software stack. Contrast Scan works in tandem with Contrast's runtime code security solution to secure front-end code and back-end code within a centrally managed platform.
“A growing concern for AppSec and Development Managers is how to embed security within the development pipeline. Regardless of whether you specialize in front-end, back-end, or full-stack development, we want to help enable developers to ship secure code from the start,” said Steven Phillips, Vice President of Product Marketing at Contrast Security. “Fortunately, with the new expansion of our Secure Code Platform language coverage to include client-side JavaScript with Angular, React and jQuery, AppSec and Development managers and their teams can now find and fix security defects in their client-side code with industry-leading speed and accuracy. It is a testament to Contrast's mission to further invest in tools that allow customers to embed code security testing through every stage of the SDLC [software development lifecycle].”
Client-side JavaScript support is now available to enterprise customers through existing Contrast Scan subscriptions. Individual developers can also immediately start analyzing code for vulnerabilities with just a few clicks for free with CodeSec.
To learn more about Contrast Scan's new language and framework coverage, please visit https://www.contrastsecurity.com/contrast-scan or watch a recorded demo here.
About Contrast Security:
Contrast Security secures the code that global business relies on. It is the industry's most modern and comprehensive code security platform, removing security roadblock inefficiencies and empowering enterprise developers to write and release secure application code faster. Embedding code analysis and attack prevention directly into software with instrumentation, the Contrast platform automatically detects vulnerabilities while developers write code, eliminates false positives, and provides context-specific how-to-fix guidance for easy and fast vulnerability remediation. Doing so enables application and development teams to collaborate more effectively and to innovate faster while accelerating digital transformation initiatives. This is why a growing number of the world's largest private and public sector organizations rely on Contrast to secure their applications in development and extend security to cloud and on-premise applications in production.
Media Contact:
Laura Asendio
Public Relations Supervisor
Contrast Security
[email protected]
SOURCE Contrast Security