Welcome to Contrast
Contrast provides real-time application security across every phase of the software development lifecycle (SDLC).
Let's take a look at the core building blocks that you'll find: Observations, issues, and incidents.
Note
Other important features of the Northstar release are Contrast Graph and the Contrast Score.
Observations
Think of Northstar observations as individual security snapshots. They are the most basic piece of information Northstar collects.
The main types of observations are:
Vulnerability detections from the Contrast AST technology.
Attack events from the Contrast ADR technology.
Suspicious or malicious activity targeting your application.
Issues
Issues represent a specific security problem that a developer can likely fix in one place. They bring together related observations from both the Contrast IAST and Contrast ADR technologies. Think of an issue as a container for all the evidence related to a single underlying security flaw.
Northstar groups observations into issues based on these shared characteristics:
Organization: Issues are specific to a single organization for security and privacy reasons.
Application: Even if a problem appears in multiple applications, Northstar creates a separate issue for each application. A developer needs to address the issue in each application.
Rule: The specific security rule that triggered the vulnerability detection (from Contrast AST technology) or the attack event (from Contrast ADR technology) must be the same for observations to be grouped into a single Issue.
Route: The location within the application where Northstar found the vulnerability or the attack occurred must be the same (as determined by the Contrast agent) to link observations.
Northstar can create issues or attack events even if it hasn't found a related vulnerability. This behavior helps highlight active threats. Northstar creates issues for all blocked attack events.
View issues in the Contrast Insights dashboard on the Issues page, and in Explorer.
Incidents
Incidents represent significant security situations that require attention from a security operations center (SOC) team. Just as issues are collections of observations, incidents are collections of related issues. Northstar creates incidents from issues when:
The issue contains at least one exploited or suspicious attack event observation.
The Contrast score for the issue's severity (based on CVSS v4.0 and Contrast technology) is greater than seven.
View incidents in the Contrast Insights dashboard, on the Incidents page and in Explorer.
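The following is an added example, not Contrast's own code: a minimal model of the grouping and incident rules described above, useful for reasoning about why two observations do or do not land in the same issue. The `Observation` fields, the `kind` and `outcome` labels, the sample data and scores, and the reading that both incident conditions must hold together are assumptions.

```python
from collections import defaultdict
from dataclasses import dataclass

@dataclass(frozen=True)
class Observation:  # hypothetical shape, not a Contrast API object
    org: str
    app: str
    rule: str
    route: str
    kind: str          # "vulnerability" or "attack" (assumed labels)
    outcome: str = ""  # attacks only: "exploited", "suspicious", "blocked"

def group_into_issues(observations):
    """Group observations by the four shared characteristics listed above."""
    issues = defaultdict(list)
    for ob in observations:
        issues[(ob.org, ob.app, ob.rule, ob.route)].append(ob)
    return dict(issues)

def is_incident(issue_observations, score):
    """Assumed reading: an exploited/suspicious attack AND a score above 7."""
    active_attack = any(
        ob.kind == "attack" and ob.outcome in ("exploited", "suspicious")
        for ob in issue_observations
    )
    return active_attack and score > 7

def triage(observations, scores):
    """Map each issue key to True if it would be promoted to an incident."""
    issues = group_into_issues(observations)
    return {k: is_incident(obs, scores.get(k, 0.0)) for k, obs in issues.items()}

# Constructed sample data: same rule, differing app, route and outcome.
SAMPLE = [
    Observation("org1", "shop", "sql-injection", "/search", "vulnerability"),
    Observation("org1", "shop", "sql-injection", "/search", "attack", "exploited"),
    Observation("org1", "shop", "sql-injection", "/login", "attack", "blocked"),
    Observation("org1", "billing", "sql-injection", "/search", "vulnerability"),
    Observation("org1", "shop", "xss", "/search", "attack", "suspicious"),
]
SCORES = {  # constructed per-issue scores
    ("org1", "shop", "sql-injection", "/search"): 8.5,
    ("org1", "shop", "sql-injection", "/login"): 9.0,
    ("org1", "billing", "sql-injection", "/search"): 8.5,
    ("org1", "shop", "xss", "/search"): 7.0,
}

if __name__ == "__main__":
    for key, incident in triage(SAMPLE, SCORES).items():
        print(key, "-> incident" if incident else "-> issue only")
```

In the sample, only the `/search` SQL injection issue in `shop` is promoted: the `/login` issue exists without any vulnerability detection but holds only a blocked attack, and the `xss` issue has a suspicious attack but a score that is not greater than seven.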