How-tos

Detecting security vulnerabilities with Contrast Security

Share this post:

Contrast Security is a revolutionary product that instruments your applications with sensors to detect security vulnerabilities in your code and protect your applications against attacks.

Contrast Security LogoApplications on Bluemix that use the liberty-for-java buildpack can now use the Contrast Security build-pack to secure their applications. The build-pack utilizes the Contrast Security agent to instrument applications with sensors and monitor data flow in the application.

To view the results of the agent, customers will need Contrast Security’s central reporting console known as the TeamServer. This is provided both as a service (SaaS) and as an on-premises offering. If you are new to Contrast Security and need to get set up with an account, reach out to our support team before getting started with the Bluemix tile.

Once your Contrast Security account has been setup (note that this is outside of Bluemix), you can proceed with the steps below to instrument your application with the Contrast agent and onboard an application.

  1. If you do not have a Bluemix account, you can register for a 30-day free trial using the button below.
  2. Login to the Bluemix console and browse the Bluemix Catalog.Bluemix Catalog
  3. Search for Contrast Security. You’ll see it listed in the DevOps category.Screen shot of Contrast Security listed in the DevOps category of Bluemix Catalog
  4. Fill in your Contrast TeamServer URL, API Key, Service Key, and Username. These can be obtained from your TeamServer account under Organization Settings and then API. Bind the Contrast Security service to your application and hit the Create button.Contrast Security service page on Bluemix
  5. Contrast technology uses instrumentation to insert sensors into an application. Therefore, restart the application so that the agent instruments the application and sends over information to TeamServer.

To view results on Contrast TeamServer, login to your Contrast Security account and navigate to Applications. You will now be able to see your new Bluemix application reporting (as shown below). Contrast Security can now report vulnerabilities and block attacks on your applications directly.Bluemix/Contrast Security Console

Now it is your turn to try these steps! Feel free to post comments at the bottom of this blog article or you can tweet us @contrastsec.

More How-tos stories
February 13, 2019

Simplify and Automate Deployments Using GitOps with IBM Multicloud Manager 3.1.2

Use Argo CD, a GitOps continuous delivery tool for Kubernetes, and IBM Multicloud Manager to achieve declarative and automated deployment of applications to multiple Kubernetes clusters.

Continue reading

February 11, 2019

Solving Business Problems with Splunk on IBM Cloud Kubernetes Service

In this tutorial, we will install Splunk Connect for Kubernetes into an existing Splunk instance. Splunk Connect for Kubernetes provides a way to import and search your Kubernetes logging, object, and metrics data in Splunk.

Continue reading

February 8, 2019

A How-To for Migrating Redis to IBM Cloud Databases for Redis

If you’re moving your data over to IBM Cloud Databases for Redis, you’ll need to take some steps to successfully migrate all of your data. We’ve got you covered. In this post, we’ll show you a quick way to start migrating your data across to Databases for Redis, whether your database is on-premise or in the cloud.

Continue reading