Reviews from AWS Marketplace
0 AWS reviews
-
5 star0
-
4 star0
-
3 star0
-
2 star0
-
1 star0
External reviews
External reviews are not included in the AWS star rating for the product.
Application Security Testing at scale.
What do you like best about the product?
The tool helps find high-quality security vulnerabilities at the speed of DevOps. "Fail fast, fail often" at the requirement of daily changes to the application landscape. Traditional SAST and DAST tools struggle to keep up with the rate of change and cause more noise than acceptable. Contrast Security helped us reach our goal of coverage without the hassle of the terrible signal-to-noise ratio common to other application security tools.
What do you dislike about the product?
The main struggle that is inherit with this style of tool is the agent. However, it's unclear how you could have the best of both worlds without it.
What problems is the product solving and how is that benefiting you?
see "What do you like best?"
- Leave a Comment |
- Mark review as helpful
Great Tool - Easy to setup - Great Support
What do you like best about the product?
As an administrator, the tool being saas, I do not have to worry about the server and I just need to take care of the agents. Installation is easy and the configuration is not much harder. The documentation is well written and you will usually find what you need. For the maintenance, on some machines, I periodically update the agent, which is as simple as executing the installer. In the CI build, with docker image, I always fetch the latest version.
For the developer, they get a warning in our security slack channel when something in their code needs to be "improved".
Support has always been stellar when I needed them for clarification.
For the developer, they get a warning in our security slack channel when something in their code needs to be "improved".
Support has always been stellar when I needed them for clarification.
What do you dislike about the product?
There is nothing I dislike about that tool. It does the job we bought it for, in the background, with minimal maintenance.
What problems is the product solving and how is that benefiting you?
The developers get feedback on their code quickly, and they can fix it while it is fresh in their memory. You end up with a better, more secure application.
Recommendations to others considering the product:
Ask them for a demo, try it out on your product. You will be surprised how good it is.
Contrast Security for developers
What do you like best about the product?
We find the best part of Contrast Security to be the IDE features for developers in real time
What do you dislike about the product?
No disliked items or issues to report here.
What problems is the product solving and how is that benefiting you?
Real-time code recommendations to developers
Contrast Rocks
What do you like best about the product?
It is easy to get useful security information out of Contrast quickly. Easy to onboard and get to exactly where security defects exist in applicaitons.
What do you dislike about the product?
It can be a little pricey but worth the money.
What problems is the product solving and how is that benefiting you?
Contrast fills the gap of dynamic analysis in our SDLC.
Innovation in a security product that delivers real change in ways all other products hope for
What do you like best about the product?
Contrast delivers easy and fast vulnerability data about our applications (IDE environments) that continues through production with the RASP functionality.
What do you dislike about the product?
Initial installation is easy and fast, but the integration to the pipeline takes coordination in a large enterprise.
What problems is the product solving and how is that benefiting you?
Contrast delivers better application telemetry (data flow even, unique) in addition to accurate and verified vulnerability data that includes how to fix code and the line number of the issues. This can be sent to the IDE or to Jira bug tracking queues. We can get this needed info as fast as a developer's sprint operates and there is no more waiting for the security to push the product out to production.
With defects or backlogs of old issues, the RASP can neutralize these allowing more time to address them, essentially like giving aireal coverage.
With defects or backlogs of old issues, the RASP can neutralize these allowing more time to address them, essentially like giving aireal coverage.
Recommendations to others considering the product:
Take into consideration the total cost of ownership and all the value available by contrast.
No more OWASP errors, it can be done!
What do you like best about the product?
Easy to deploy for both cloud and on-prem. Excellent support.
Plenty of integration options works with pretty much every development method.
Great support team.
Real-time overview of CODE quality.
Plenty of integration options works with pretty much every development method.
Great support team.
Real-time overview of CODE quality.
What do you dislike about the product?
The contrast licensing model has a direct relation with "applications".
Every application needs to have a license. However, this model does not fit our organization very well.
We develop many microservices within their current licensing setup that requires a lot of licenses, thus could be more expensive than other solutions.
During development, our containers tripled in memory size while using Contrast.
Every application needs to have a license. However, this model does not fit our organization very well.
We develop many microservices within their current licensing setup that requires a lot of licenses, thus could be more expensive than other solutions.
During development, our containers tripled in memory size while using Contrast.
What problems is the product solving and how is that benefiting you?
The product has an integration with our code development.
Testing of the code done during development.
Real-time overview of found vulnerabilities
Multiple programming languages are supported.
Testing of the code done during development.
Real-time overview of found vulnerabilities
Multiple programming languages are supported.
Recommendations to others considering the product:
Please get in contact with your local salesperson and have them set up a proof of concept.
Security with DevOps in mind
What do you like best about the product?
Contrast Assess provides a clean and intuitive UI for viewing your organization's overall security posture while giving developers continuos real-time vulnerability details for their custom code and libraries, as well as how-to-fix remediation advice. No more packaging and uploading of code or outdated point-in-time scans. Great for letting you know what application routes are vulnerable or those that still need testing. If your app is running, Contrast is testing it.
What do you dislike about the product?
Like any agent its takes coordination sometimes to install within a corporate framework
What problems is the product solving and how is that benefiting you?
Because it's in the pipeline, we are discovering and remediating vulnerabilities long before they reach Production.
Exceptional IAST product
What do you like best about the product?
The product is amazingly fast as compared to traditional scanning tools. The overall process is straightforward to understand and has tons of integrations to support.
What do you dislike about the product?
I want Contrast Security to scan the artifacts sitting inside the repositories to help us understand what's going inside the application.
What problems is the product solving and how is that benefiting you?
It's a big problem to find security vulnerabilities in a complex application. Contrast security makes this job so much easy for us.
The whole platform is straightforward as we don't need different products for our security needs.
The whole platform is straightforward as we don't need different products for our security needs.
Awesome continuous scanning tool with great support
What do you like best about the product?
It's a continuous scanning tool. There is no start/end time to pentest and vulnerability management. The security posture of the application is real-time
What do you dislike about the product?
In my opinion and for my company needs, we don't have a downside
What problems is the product solving and how is that benefiting you?
Improving the security posture of the application and implementing DevSecOps within the company
showing 41 - 49