Contrast Security, Red Hat Team For
Cloud-Native CI/CD Automation
March 30, 2022
Security has partnered with Red Hat to enable OpenShift users to deploy secure,
containerized applications by integrating within native continuous integration
and continuous delivery (CI/CD) pipelines. These integrations empower OpenShift
users to retain the scalability of the OpenShift Container Platform, while
adding automated security testing as a routine part of the software delivery
process with no manual configuration or additional overhead costs.
These integrations were a joint effort between Contrast and Red Hat to ensure
security is embedded as a core component of the software delivery value stream.
Contrast continuously monitors customers' OpenShift applications at runtime to
deliver the most actionable results without requiring AppSec teams to waste
hundreds of hours validating results and causing delays for developers.
"Unfortunately many organizations lack the means to implement scalable security
gates within their CI/CD pipelines which translates to insecure code being
shipped across distributed cloud environments. Our partnership with Red Hat
OpenShift ensures that these teams can now drive their DevSecOps transformation
with automation at scale," said Sanjay Ramnath, Vice President of Product
Management at Contrast Security. "This partnership is another component to
Contrast's overall mission of ensuring developers are empowered to embed
security within their environments without imposing additional work on them. We
want to make security a value-add for everyone."
Contrast and Red Hat OpenShift integrations enable users to benefit from the
Deployment: Cloud developers can embed Contrast's Assess and Protect agents into
their source code image to ensure continuous vulnerability detection with
runtime context and ensure their apps are protected from targeted attacks in
CI/CD Jenkins Pipelines: AppSec
teams can trigger automated security tests within native Jenkins pipelines and
ensure security policy gates are established to ensure no vulnerabilities are
shipped to production.
OpenShift Pipelines via Tekton:
Contrast provides OpenShift users with automated tasks that can be used to
create repeatable pipeline templates within the OpenShift Pipeline environment.
APIs provided by the Contrast Secure Coding Platform help initiate automated
vulnerability scanning at build time and instrument security telemetry within
the application prior to deployment.
The Contrast Secure Code Platform is
available today to users leveraging the OpenShift Platform with support for
Java, .NET, and Node.js applications.