RESEARCH & RESOURCES

Contrast Security Partners with Red Hat OpenShift to Introduce Cloud-Native CI/CD Automation

New integrations available on Red Hat Marketplace enables secure code delivery to OpenShift users.

Note: TDWI’s editors carefully choose vendor-issued press releases about new or upgraded products and services. We have edited and/or condensed this release to highlight key features but make no claims as to the accuracy of the vendor's statements.

Contrast Security, a provider of code security that empowers developers to secure as they code, has partnered with Red Hat to enable OpenShift users to deploy secure, containerized applications by integrating within native continuous integration and continuous delivery (CI/CD) pipelines. These integrations allow OpenShift users to retain the scalability of the OpenShift Container Platform while adding automated security testing as a part of the software delivery process with no manual configuration or additional overhead costs.

These integrations were a joint effort between Contrast and Red Hat to ensure security is embedded as a core component of the software delivery value stream. Contrast continuously monitors customers’ OpenShift applications at runtime to deliver the most actionable results without requiring application security (AppSec) teams to validate results that can cause delays for developers.

"Unfortunately many organizations lack the means to implement scalable security gates within their CI/CD pipelines, which translates to insecure code being shipped across distributed cloud environments,” said Sanjay Ramnath, vice president of product management at Contrast Security. “Our partnership with Red Hat OpenShift ensures that these teams can now drive their DevSecOps transformation with automation at scale."

Contrast and Red Hat OpenShift integrations enable users to benefit from the following capabilities:

  • Source-to-Image deployment: Cloud developers can embed Contrast’s Assess and Protect agents into their source code image to ensure continuous vulnerability detection with runtime context and ensure their applications are protected from targeted attacks in production.
  • CI/CD Jenkins pipelines: AppSec teams can trigger automated security tests within native Jenkins pipelines and ensure security policy gates are established to ensure no vulnerabilities are shipped to production.
  • OpenShift pipelines via Tekton: Contrast provides OpenShift users with automated tasks that can be used to create repeatable pipeline templates within the OpenShift Pipeline environment. APIs provided by the Contrast Secure Coding Platform help initiate automated vulnerability scanning at build time and instrument security telemetry within the application prior to deployment.

The Contrast Secure Code Platform is available now to users of the OpenShift Platform, with support for Java, .NET, and Node.js applications. For more information about the Red Hat OpenShift partnership and other Contrast Platform integrations, visit www.contrastsecurity.com/integration.

TDWI Membership

Get immediate access to training discounts, video library, research, and more.

Find the right level of Membership for you.