Contrast Security Integrates With Kenna.VM to Bring Risk-based Vulnerability Management to the Application Layer

Integration brings visibility, risk scoring, and developer-friendly guidance, delivered in a single dashboard for fast vulnerability discovery, prioritization, and fixes

Contrast Security, a leader in modernizing application security, today announced its integration with Kenna.VM to bring an unprecedented risk-based approach to application vulnerability management. The integration enables Contrast custom code and open-source vulnerability data to be imported into Kenna.VM. The data is then combined with real-world threat and exploit intelligence and advanced data science to determine which vulnerabilities pose the highest risk and which can be deprioritized. Vulnerability insights based on thousands of real-world enterprise applications delivered in a single dashboard break down silos and bring visibility, risk scoring, and developer-friendly how-to-fix guidance to the application layer. 

Applications have become the new perimeter in a cloud-first environment and the key engine for growth and digital transformation in the enterprise. Yet, the velocity of development, use of third-party code, and diversity of the technology stack introduce unprecedented amounts of risk. The application layer has become an increasingly attractive target for cyber criminals, with high-profile software supply chain attacks on SolarWinds, Microsoft Exchange, and Kaseya. Contrast's recent 2021 Application Security Observability report also found that 39% of data breaches in the past year were the result of an application vulnerability. 

"The sheer number of digital transformation initiatives that embrace DevOps place unprecedented demands on application security," said Nikesh Shah, Sr. Director, Strategic Alliances at Contrast Security. "Developers and security teams are tasked to defend their applications with poor visibility into the exposure of these threats, gaps of how to prioritize the threats, and limited guidance on how to respond to those threats. By providing organizations with a singular view for application security and a way to prioritize high-risk vulnerabilities and accelerate remediation, we can help solve some of the biggest challenges in cybersecurity today."

The Contrast Application Security Platform's context-rich vulnerability and software composition analysis (SCA) data is now an integrated part of the Kenna.VM platform, providing security and developer teams with the following benefits:

  1. Prioritize High-risk Software Vulnerabilities. Efficiently remediate and proactively manage the vulnerabilities that present the most risk to an organization. With the integration, an organization can quickly see which application vulnerabilities to remediate first and the specific impact each action will have on an organization's risk posture.  
  2. Align Digital Transformation, DevOps, and Security Efforts With Business Objectives. Deliver a holistic and quantifiable view of the risk posture of an organization's digital investments. This will ensure an organization's transformation initiatives are protected, key functions are aligned, and the executive team is empowered to make data-driven investment decisions.
  3. Leverage Existing Security Investments. Optimize an organization's existing security ecosystem by leveraging security data from its mission-critical applications and integrating seamlessly with popular ticketing systems. With Contrast's Kenna.VM integration, security and DevOps teams will both understand what to fix, how to fix it, and why.
  4. Accurately Measure Application Risk. Combine application vulnerability data, asset information, and real-time threat intelligence to receive the most accurate assessment of the business' risk. 
  5. Predict and Prepare Better Future Exploits to the New Perimeter, the Application. Know the risk of an application vulnerability before exploits become a reality. Contrast's instrumented vulnerability data combined with Kenna.VM's predictive modeling technology accurately forecast the weaponization of new vulnerabilities and recommend remediation of high-risk vulnerabilities before an attack can happen.  

"Developers are being asked to release code faster than ever, but that pace can have consequences, including security gaps and added development cycles," said Surag Patel, Chief Strategy Officer at Contrast Security. "As we've seen from recent breaches, it's not enough to move quickly and leave security behind. This new integration allows Contrast to extend its contextual threat intelligence and data science to Kenna.VM users. Our ability to add more insight into risk levels associated with every vulnerability empowers organizations to get the most out of their limited DevOps resources."

Learn more about the Contrast and Kenna.VM integration in this blog or solution brief

About Contrast Security:

Contrast Security provides the industry's most modern and comprehensive Application Security Platform, removing security roadblock inefficiencies and empowering enterprises to write and release secure application code faster. Embedding code analysis and attack prevention directly into software with instrumentation, the Contrast platform automatically detects vulnerabilities while developers write code, eliminates false positives, and provides context-specific how-to-fix guidance for easy and fast vulnerability remediation. Doing so enables application and development teams to collaborate more effectively and to innovate faster while accelerating digital transformation initiatives. This is why a growing number of the world's largest private and public sector organizations rely on Contrast to secure their applications in development and extend protection in production.

Contrast Security
Jacklyn Kellick

Source: Contrast Security