September 6, 2017 | Written by: Kaushik Srinivas
Categorized: How-tos | Security | What's New
Share this post:
Contrast Security is a revolutionary product that instruments your applications with sensors to detect security vulnerabilities in your code and protect your applications against attacks.
Applications on Bluemix that use the liberty-for-java buildpack can now use the Contrast Security build-pack to secure their applications. The build-pack utilizes the Contrast Security agent to instrument applications with sensors and monitor data flow in the application.
To view the results of the agent, customers will need Contrast Security’s central reporting console known as the TeamServer. This is provided both as a service (SaaS) and as an on-premises offering. If you are new to Contrast Security and need to get set up with an account, reach out to our support team before getting started with the Bluemix tile.
Once your Contrast Security account has been setup (note that this is outside of Bluemix), you can proceed with the steps below to instrument your application with the Contrast agent and onboard an application.
- If you do not have a Bluemix account, you can register for a 30-day free trial using the button below.
- Login to the Bluemix console and browse the Bluemix Catalog.
- Search for Contrast Security. You’ll see it listed in the DevOps category.
- Fill in your Contrast TeamServer URL, API Key, Service Key, and Username. These can be obtained from your TeamServer account under Organization Settings and then API. Bind the Contrast Security service to your application and hit the Create button.
- Contrast technology uses instrumentation to insert sensors into an application. Therefore, restart the application so that the agent instruments the application and sends over information to TeamServer.
To view results on Contrast TeamServer, login to your Contrast Security account and navigate to Applications. You will now be able to see your new Bluemix application reporting (as shown below). Contrast Security can now report vulnerabilities and block attacks on your applications directly.
Now it is your turn to try these steps! Feel free to post comments at the bottom of this blog article or you can tweet us @contrastsec.