Contrast Security (Contrast), the leader in code security that empowers developers to secure-as-they code, today announced that Contrast’s Assess and SCA services are now able to see accurate interactive application security testing (IAST) analysis of their PHP applications with little noise from false positives and no requirement for security expertise.
“Contrast Assess for PHP analyzes PHP web applications at runtime for library usage and vulnerability detection,” said Sanjay Ramnath, Vice President of Product Management at Contrast Security. “We’re excited to roll out our newest agent to PHP application users so that they can receive the same real-time, accurate results through their preferred language.”
PHP represents a substantial share of server-side application development but has been underserved by security automation tools in the past. Contrast PHP support is now generally available for customers looking to observe relevant function calls, trace data through the call stack, and determine when user-controlled data has been handled by the application in insecure ways. Contrast now detects a wide variety of vulnerabilities in PHP applications, including SQL injection, OS command injection, path traversal, and reflected XSS.
About Contrast Security:
Contrast Security secures the code that global business relies on. It is the industry’s most modern and comprehensive Code Security Platform, removing security roadblock inefficiencies and empowering enterprise developers to write and release secure application code faster. Embedding code analysis and attack prevention directly into software with instrumentation, the Contrast platform automatically detects vulnerabilities while developers write code, eliminates false positives, and provides context-specific how-to-fix guidance for easy and fast vulnerability remediation. Doing so enables application and development teams to collaborate more effectively and to innovate faster while accelerating digital transformation initiatives. This is why a growing number of the world’s largest private and public sector organizations rely on Contrast to secure their applications in development and extend protection to cloud and on-premise applications in production.