Contrast Security - Experts & Thought Leaders

Exabeam, a global cybersecurity pioneer that delivers AI-driven security operations announced the appointment of Steve Wilson to Chief Product Officer (CPO). In his role, Wilson will head Exabeam’s product management and product marketing teams to continue to drive innovation in the company’s AI-driven security operations and New-Scale SIEM product portfolio. Wilson will report to CEO Adam Geller.  Extensive experience Wilson is a pioneer and innovator in AI, cybersecurity, and cloud computing Wilson is a pioneer and innovator in AI, cybersecurity, and cloud computing, with over 20 years of experience guiding high-performance teams to build mission-critical enterprise software and high-leverage platforms. Before joining Exabeam, he served as CPO at Contrast Security heading all aspects of product development, including strategy, product management, product marketing, product design, and engineering. SaaS business models Wilson has a proven track record of driving product transformation from on-premises legacy software to subscription-based SaaS business models including at Citrix, accounting for over $1 billion in ARR. Wilson also has experience building software platforms at multi-billion dollar technology companies including Oracle and Sun Microsystems. AI, cloud, and enterprise security “The intersection between AI, cloud, and enterprise security has always been my passion and I couldn’t be more excited to join Exabeam,” said Wilson, adding “I’ve watched the company transform from being the pioneering security analytics product on the market to offering a full suite of New-Scale SIEM products on its cloud-native security operations platform." SIEM and security operations Organisations continue to encounter more sophisticated cybersecurity attacks from adversaries" Steve Wilson continues, "The leaps and bounds Exabeam has taken to become a formidable player in SIEM and security operations are inspiring." He adds, "I’m looking forward to taking its high-performance products to the next level as organisations continue to encounter more sophisticated cybersecurity attacks from adversaries that must be defeated.” Generative AI and LLMs Wilson is also a project pioneer at the Open Web Application Security Project (OWASP) Foundation where he has assembled a group of over 400 experts to create the first industry-standard, comprehensive reference project called the “Top 10 List for Large Language Model Applications.” The list educates developers, designers, architects, managers, and organisations about the potential security risks when deploying and managing generative AI and other large language models (LLMs).  Speaker on cybersecurity, AI, and the future of work He is currently writing “The Developer's Playbook for Large Language Model Security” for O’Reilly Media (coming 2024) and is the author of “Java Platform Performance: Strategies and Tactics”. Wilson is a popular speaker on cybersecurity, AI, and future of work topics and has recently presented at RSA, The Churchill Club, Silicon Valley Leadership Group, DLA Piper Global Technology Summit, IDG Agenda, SAP TechEd, and WSJ Tech D.Live.  Cybersecurity expertise “We are thrilled to have Steve join the Exabeam leadership team. His extensive cybersecurity expertise makes him a natural fit to head Exabeam into its next stage of evolution,” said Adam Geller, CEO, of Exabeam, adding “As former CPO of Exabeam, it was critical to me that we find a pioneer with a strong background in AI, cloud, cybersecurity, and enterprise software with the same mission to make organisations everywhere more secure." Defend against cyberattacks Adam Geller continues, "I do not doubt that Steve will help us raise the bar even higher as we continue to innovate and build cybersecurity products and capabilities that help organisations worldwide detect threats, defend against cyberattacks, and defeat adversaries.” With more organisations leveraging AI for security operations, Wilson’s expertise will serve to develop new and cutting-edge AI offerings on the AI-driven Exabeam Security Operations Platform. AI advancements At its recent Spotlight23 conference, Exabeam debuted its latest AI advancements that increase security team accuracy and productivity, including Threat Explainer, a new product feature that will quickly and accurately classify threats and articulate business risk; a new data telemetry capability to alert customers about possible log source configuration errors; and other enhanced threat detection, investigation, and response (TDIR) capabilities. 

Contrast Security announced the release of Contrast Scan that revolutionises static application security testing (SAST) with pipeline-native static analysis to analyse code and detect vulnerabilities early on in the software development life cycle (SDLC). The release of Contrast Scan extends the DevSecOps capabilities of the Contrast Application Security Platform to the entire SDLC, empowering security teams to run scans up to 10x faster and remediate vulnerabilities up to 45x faster while meeting compliance requirements of an organization's security policy. Legacy static approach Incumbent legacy static approaches employ noisy rule sets to look for code quality issues. This outside-in approach generates immense volumes of security findings that become increasingly more time- and resource-intensive to manage. This is exacerbated due to the number of distracting false-positive alerts that kill productivity upwards of 85% in many instances. Application security For newer developer-friendly code scanning tools, application security shifts left too far, exacerbating the problem of false positives and leaving developers with no context on prioritisation or how-to-fix guidance. In response, two-thirds of practitioners who rely on legacy static scanning indicate they are looking for a different approach to application security. Pipeline-native approach Contrast Scan aims to solve these challenges with a pipeline-native approach that achieves dramatic improvements in speed, accuracy, and developer experience, accelerating digital transformation by removing inefficiencies and roadblocks that slow release cycles. Installing Contrast Scan on DevSecOps Contrast Scan is quick and easy, requiring zero configuration and literally three clicks to get findings Onboarding with Contrast Scan is quick and easy, requiring zero configuration and literally three clicks to get findings. Further, as Contrast Scan is integrated as part of the Contrast Application Security Platform, organisations have a unified, developer-friendly view of vulnerabilities and attacks with harmonised security profiles across SAST, interactive application security testing (IAST), runtime protection and observability, and software composition analysis (SCA), all in one DevSecOps platform. Key benefits of Contrast Scan include: 1) Results that matter delivered 10x faster A breakthrough demand-driven algorithm powers the static analysis engine in Contrast Scan, enabling teams to pinpoint exploitable vulnerabilities while ignoring those that pose no risk. As a result, based on real-world scan results, Contrast Scan can shrink the amount of time to run scans by 10x. Faster scans remove DevOps security roadblocks that slow innovation, improve the efficiencies of security and development teams, and reduce the operating expenses (OpEx) of scanning.  2) 45x faster remediation times When used in concert with the broader set of capabilities in the Contrast platform, Contrast Scan accelerates remediation times by an astounding 45x. This is achieved by enabling developers to focus on exploitable flows, prioritize routes with entry points based on runtime and production traffic analysis, and leverage actionable remediation guidance. All of this pays down security debt, which results in reduced application security risks. 3) 30% improvement in application security efficiencies By integrating pipeline-native static analysis security testing into the Contrast Application Security Platform, application security teams can improve scan, triage, and remediation efficiencies by up to 30%. Contrast’s comprehensive DevSecOps approach bakes security into rapid-release cycles that are typical of modern application development and deployment environments. It also offers complete coverage of the DevSecOps life cycle with application tools optimised from build to production. This streamlines compliance reporting often shrinking the time to demonstrate security policy compliance from days to minutes. Secure application from everywhere Contrast Scan is a game-changer for both application security and application development teams “Today’s organisations should not be forced to choose between speed and security. With the addition of Contrast Scan, the Contrast Application Security Platform now offers a path to DevSecOps that allows organisations to secure any application anywhere from a developer’s desktop, at a release gate, or in instances of production.” “The Contrast platform was purpose-built to deliver true DevSecOps with SCA, application security testing (AST), and exploit prevention capabilities using instrumentation across the entire SDLC.”  Game changer application “Contrast Scan is a game-changer for both application security and application development teams,” said Steve Wilson, Chief Product Officer at Contrast Security. “It allows teams to get unprecedented observability into their applications threat landscape early in the development life cycle without all the noise of traditional static scanning tools. This means organisations applications will remain more secure while enabling them to maintain the agility of their development teams.”