Los Altos, CA —October 5, 2022 — Distinction Safety (Distinction), the chief in code safety that empowers builders to safe as they code, in the present day introduced the growth of its Safe Code Platform’s static utility safety testing (SAST) capabilities to incorporate JavaScript language assist together with assist for Angular, React and jQuery frameworks, which can enable builders to shortly discover and repair safety defects of their client-side code. With this new Distinction Scan addition, utility safety and improvement groups leveraging the Distinction Safe Code Platform can scale safety throughout the complete utility stack, from client-side to server-side, with industry-leading velocity and accuracy.
JavaScript is essentially the most standard coding language on the earth with fashionable frameworks similar to Angular, React and jQuery being ubiquitous in internet improvement. Nonetheless, since JavaScript is executed on the person’s browser, this exposes delicate utility knowledge on the client-side, leaving JavaScript functions prone to vulnerabilities like cross-site scripting (XSS) or Damaged Entry Management. Distinction prioritizes actual, exploitable vulnerabilities in client-side code by performing evaluation on weak entry factors inside the utility, permitting builders to depend on correct scans that take simply seconds.
Distinction’s prolonged capabilities assist DevSecOps organizations obtain the next advantages:
- Early detection of client-side vulnerabilities. That is achieved by means of analyzing client-side supply code inside routine improvement pipelines, complemented by easy-to-follow remediation steering straight inside the builders’ pipeline surroundings.
- Full visibility into client-side code threat. Distinction’s pipeline-native SAST engine coupled with safety guidelines tailor-made for JavaScript finds as much as 63% extra exploitable vulnerabilities than superficial checks run inside the IDE.
- False optimistic charges as little as 1%. A big discount in false optimistic charges in comparison with main business SAST instruments.
- Potential to safeguard every layer of the software program stack. Distinction Scan works in tandem with Distinction’s runtime code safety answer to safe front-end code and back-end code inside a centrally managed platform
“A rising concern for AppSec and Improvement Managers is how one can embed safety inside the improvement pipeline. No matter whether or not you specialise in front-end, back-end, or full-stack improvement, we wish to assist allow builders to ship safe code from the beginning,” mentioned Steven Phillips, Vice President of Product Advertising and marketing at Distinction Safety. “Thankfully, with the brand new growth of our Safe Code Platform language protection to incorporate client-side JavaScript with Angular, React and jQuery, AppSec and Improvement managers and their groups can now discover and repair safety defects of their client-side code with industry-leading velocity and accuracy. This can be a testomony to Distinction’s mission to additional put money into instruments that enable prospects to embed code safety testing by means of every stage of the SDLC [software development lifecycle].”
Consumer-side JavaScript assist is now accessible to enterprise prospects by means of current Distinction Scan subscriptions. Particular person builders can even instantly begin analyzing code for vulnerabilities with only a few clicks without cost with CodeSec. To be taught extra about Distinction Scan’s new language and framework protection, please go tohttps://www.contrastsecurity.com/contrast-scan or watch a recorded demo right here.
About Distinction Safety
Distinction Safety secures the code that world enterprise depends on. It’s the {industry}’s most fashionable and complete code safety platform, eradicating safety roadblock inefficiencies and empowering enterprise builders to write down and launch safe utility code quicker. Embedding code evaluation and assault prevention straight into software program with instrumentation, the Distinction platform robotically detects vulnerabilities whereas builders write code, eliminates false positives, and gives context-specific how-to-fix steering for straightforward and quick vulnerability remediation. Doing so allows utility and improvement groups to collaborate extra successfully and to innovate quicker whereas accelerating digital transformation initiatives. For this reason a rising variety of the world’s largest non-public and public sector organizations depend on Distinction to safe their functions in improvement and prolong safety to cloud and on-premise functions in manufacturing.
