Latest news with #TylerShields
Techday NZ
12-06-2025
- Business
- Techday NZ
Contrast Northstar brings real-time AI to application security
Contrast Security has announced the general availability of its new platform, Northstar, aimed at providing a unified application security experience for development, AppSec, and security operations teams. The Northstar release introduces features which allow teams to monitor application-layer attacks in real time, mitigate breaches, and remediate vulnerabilities using artificial intelligence within minutes, according to the company. The Contrast Graph Central to the platform is the Contrast Graph, which creates a digital twin of an organisation's application and API environment. The Graph maps live attack paths, monitors runtime behaviour, and visualises the connection between vulnerabilities, threats, and system assets to facilitate prioritisation and remediation. The company states that this live, dynamic context is intended to "eliminate the guesswork that plagues traditional tools" by focusing efforts on actual risk and allowing targeted, automated responses. Contrast's approach combines runtime data, contextual analysis, and AI-enabled auto-remediation in an effort to reduce noise and enable precise responses. Tyler Shields, Principal Analyst at Enterprise Strategy Group, said: "Connecting security operations processes with application security incident and vulnerability detection capabilities is a significant step towards breaking down the silos that exist between developers, application security, and security operations teams. This broad contextual analysis offering lends itself well to advanced AI-based prioritisation and automated remediation, which are the key security outcomes required by security organisations today." Runtime intelligence The Northstar release is designed to give Security Operations and AppSec teams a real-time understanding of application-layer threats as they occur. Active vulnerabilities can be auto-remediated with the new Contrast AI functionality, using live context and dynamic risk scoring to support decision making. The unified platform offers different views tailored to specific roles, so that developers can focus on prioritising remediation while SOC teams can identify and act on the most critical threats. Martha Gamez-Smith, Information Security Officer at Texas Computer Cooperative | Education Service Center, Region 20, commented: "We are excited to see the new features and feel that Contrast is set apart from other competitors, beyond reach. It makes our jobs better and easier. The real data will allow our team to take action more efficiently." Contrast Northstar pairs runtime intelligence with automation, and aims to streamline how organisations defend software against evolving risks by providing a shared perspective for development, security, and operational teams. Unified user experience The new release delivers a visual experience built around the Contrast Graph, providing real-time visibility into attacks, vulnerabilities, and business risks. These views can be tailored for each team and integrated with existing developer, CNAPP, and SIEM tools. The Contrast Graph functions as a live map, helping teams to better understand the relationships between vulnerabilities, threats, and assets to enable collaborative response. Key features Northstar features dynamic risk scoring that prioritises vulnerabilities based on their context in production, including architecture, threats, and business risk. The platform unifies Application Detection and Response (ADR) with Application Security Testing (AST), providing shared context for incident and vulnerability correlation. This aims to break down silos between teams and improve the speed and accuracy of threat resolution. The Contrast AI SmartFix capability utilises Graph data to generate specific remediation plans, write code, create test scripts, and draft pull requests. The Contrast MCP Server makes runtime insights available across environments, supporting future AI-driven use cases. The Deployment Hub is designed to simplify onboarding and the roll-out of updates across complex environments, helping organisations to deploy protection faster. The Flex Agent streamlines the process of agent deployment and updates, requiring no manual configuration and lessening installation times. Northstar integrates with established security products such as Splunk, Wiz, and Sumo Logic, and the company says that additional integrations and strategic partnerships will be announced in the coming weeks. Discussing the release, Jeff Williams, OWASP Founder, and Contrast Security Founder and CTO, said, "Northstar is the culmination of everything we've learned about defending modern software. We didn't just bolt together another set of tools—we reimagined AppSec from first principles. By combining runtime observability, real-time graph context, and AI-powered automation, we built a platform that doesn't just find problems—it understands them, prioritises them, and helps teams fix them fast. This is the platform I've wanted since OWASP's earliest days—one that doesn't just generate alerts, but actually defends the software that powers our world." The Northstar release is now available to partners and enterprises looking to update their application security programmes via a unified, real-time security operations and remediation toolset. Additional partnerships and integrations are set to follow in the coming weeks.
Associated Press
09-06-2025
- Business
- Associated Press
Contrast Introduces the First Unified Platform to See Application-Layer Attacks, Stop Breaches, and Remediate Vulnerabilities with AI
PLEASANTON, Calif.--(BUSINESS WIRE)--Jun 9, 2025-- Contrast Security, the global leader in Application Detection and Response (ADR), today announced the general availability of Northstar, a major release for the company that redefines how businesses see cyberattacks, stop breaches, and protect their applications and APIs. This is the industry's first platform to unite developers, security, and operations teams through an integrated user experience. Contrast pairs runtime data and contextual analysis with AI-powered auto-remediation to cut response times and eliminate noise, marking a breakthrough in application-layer security. The Contrast Graph: Live Runtime Insight That Drives Precision At the core of the platform is the Contrast Graph, which powers its most advanced capabilities, including optional agentic AI workflows that help teams respond faster and fix smarter. The Contrast Graph builds a real-time digital twin of an organization's application and API environment, mapping live attack paths, correlating runtime behavior, and exposing how vulnerabilities, threats, and assets are connected. This deep, dynamic context eliminates the guesswork that plagues traditional tools, enabling accurate, automated prioritization and remediation - so teams can focus on real risk and act with confidence. Tyler Shields, Principal Analyst at Enterprise Strategy Group, says, 'Connecting security operations processes with application security incident and vulnerability detection capabilities is a significant step towards breaking down the silos that exist between developers, application security, and security operations teams. This broad contextual analysis offering lends itself well to advanced AI-based prioritization and automated remediation, which are the key security outcomes required by security organizations today.' Runtime Intelligence That Sees, Stops, and Solves With the Northstar release, Security Operations and AppSec teams can, for the first time, see application-layer attacks as they happen, stop them instantly, and auto-remediate active vulnerabilities with the new Contrast AI. These capabilities leverage Contrast's powerful real-time context - paired with dynamic risk scoring that reflects exploitability, impact, and live attack activity, so teams always know where to focus. The unified platform provides views that are tailored to each role, enabling developers to prioritize remediation while SOC teams zero in on the most critical threats to limit damage. 'We are excited to see the new features and feel that Contrast is set apart from other competitors, beyond reach. It makes our jobs better and easier. The real data will allow our team to take action more efficiently,' said Martha Gamez-Smith CISSP, PMP, SSCP, Information Security Officer - Texas Computer Cooperative | Education Service Center, Region 20. Jeff Williams, an OWASP Founder, Contrast Security Founder and CTO, said, 'Northstar is the culmination of everything we've learned about defending modern software. We didn't just bolt together another set of tools—we reimagined AppSec from first principles. By combining runtime observability, real-time graph context, and AI-powered automation, we built a platform that doesn't just find problems—it understands them, prioritizes them, and helps teams fix them fast. This is the platform I've wanted since OWASP's earliest days—one that doesn't just generate alerts, but actually defends the software that powers our world.' ContrastNorthstarRelease Highlights: A Unified Perspective, Tailored for Every Team Contrast delivers a new visual user experience built around the Contrast Graph, giving Dev, Sec, and Ops teams real-time visibility into attacks, vulnerabilities, and business risk - all in views tailored to their roles and integrated into the developer, CNAPP, and SIEM solutions they use every day. The Contrast Graph acts as a live map of the application and API environment, showing how vulnerabilities, threats, and assets are connected so teams can act faster, together. Focus on What Matters Most Dynamic Risk Scoring: Continuously prioritizes vulnerabilities with architectural, threat, and business context based on real-world observations in production - so defenders can fix what's actually at risk. Unified ADR + AST: Bring together Application Detection and Response and Application Security Testing to break down silos across development, AppSec, and SecOps with shared context that connects incidents to vulnerabilities, aligning teams around real threats and faster resolution. Agentic AI That's Context-Aware Contrast AI SmartFix: Uses Contrast Graph data to generate fix plans, write code, create test scripts, and draft pull requests, dramatically reducing remediation time. Contrast MCP Server: Opens up access to Contrast's runtime insights - starting with vulnerability data and designed to support future agentic AI use cases. Faster Rollouts. Easier Management. Deployment Hub: Simplifies onboarding and managing updates across complex, distributed environments, speeding time to protection. Flex Agent: Streamlines agent deployment and updates at scale with no manual configuration required, simplifying installation and reducing setup time. Availability and Ecosystem Momentum The Contrast Northstar release is available today, delivering immediate value to both partner ecosystems and enterprise organizations looking to modernize their application security programs. Contrast integrates seamlessly with industry-leading tools like Splunk, Wiz, and Sumo Logic to ensure that security insights flow into the platforms teams already rely on. Additional integrations and strategic partnerships will be announced in the coming weeks, as Contrast continues to expand its global partners and redefine application-layer defense. To experience Contrast Northstar's release, go to: About Contrast Security Contrast Security is the global leader in Application Detection and Response (ADR), empowering organizations to see and stop attacks on applications and APIs in real time. Contrast embeds patented threat sensors directly into the software, delivering unmatched visibility and protection. With continuous, real-time defense, Contrast uncovers hidden application-layer risks that traditional solutions miss. Contrast's powerful Runtime Security technology equips developers, AppSec teams and SecOps with one platform that proactively protects and defends applications and APIs against evolving threats. View source version on CONTACT: Media Contact: Jake Milstein 206 718 9602 [email protected] KEYWORD: UNITED STATES NORTH AMERICA CALIFORNIA INDUSTRY KEYWORD: DATA MANAGEMENT SECURITY APPS/APPLICATIONS TECHNOLOGY SOFTWARE ARTIFICIAL INTELLIGENCE SOURCE: Contrast Security Copyright Business Wire 2025. PUB: 06/09/2025 06:00 AM/DISC: 06/09/2025 05:58 AM
Business Wire
09-06-2025
- Business
- Business Wire
Contrast Introduces the First Unified Platform to See Application-Layer Attacks, Stop Breaches, and Remediate Vulnerabilities with AI
PLEASANTON, Calif.--(BUSINESS WIRE)-- Contrast Security, the global leader in Application Detection and Response (ADR), today announced the general availability of Northstar, a major release for the company that redefines how businesses see cyberattacks, stop breaches, and protect their applications and APIs. This is the industry's first platform to unite developers, security, and operations teams through an integrated user experience. Contrast pairs runtime data and contextual analysis with AI-powered auto-remediation to cut response times and eliminate noise, marking a breakthrough in application-layer security. The Contrast Graph: Live Runtime Insight That Drives Precision At the core of the platform is the Contrast Graph, which powers its most advanced capabilities, including optional agentic AI workflows that help teams respond faster and fix smarter. The Contrast Graph builds a real-time digital twin of an organization's application and API environment, mapping live attack paths, correlating runtime behavior, and exposing how vulnerabilities, threats, and assets are connected. This deep, dynamic context eliminates the guesswork that plagues traditional tools, enabling accurate, automated prioritization and remediation - so teams can focus on real risk and act with confidence. Tyler Shields, Principal Analyst at Enterprise Strategy Group, says, 'Connecting security operations processes with application security incident and vulnerability detection capabilities is a significant step towards breaking down the silos that exist between developers, application security, and security operations teams. This broad contextual analysis offering lends itself well to advanced AI-based prioritization and automated remediation, which are the key security outcomes required by security organizations today.' Runtime Intelligence That Sees, Stops, and Solves With the Northstar release, Security Operations and AppSec teams can, for the first time, see application-layer attacks as they happen, stop them instantly, and auto-remediate active vulnerabilities with the new Contrast AI. These capabilities leverage Contrast's powerful real-time context - paired with dynamic risk scoring that reflects exploitability, impact, and live attack activity, so teams always know where to focus. The unified platform provides views that are tailored to each role, enabling developers to prioritize remediation while SOC teams zero in on the most critical threats to limit damage. "We are excited to see the new features and feel that Contrast is set apart from other competitors, beyond reach. It makes our jobs better and easier. The real data will allow our team to take action more efficiently," said Martha Gamez-Smith CISSP, PMP, SSCP, Information Security Officer - Texas Computer Cooperative | Education Service Center, Region 20. Jeff Williams, an OWASP Founder, Contrast Security Founder and CTO, said, 'Northstar is the culmination of everything we've learned about defending modern software. We didn't just bolt together another set of tools—we reimagined AppSec from first principles. By combining runtime observability, real-time graph context, and AI-powered automation, we built a platform that doesn't just find problems—it understands them, prioritizes them, and helps teams fix them fast. This is the platform I've wanted since OWASP's earliest days—one that doesn't just generate alerts, but actually defends the software that powers our world.' Contrast Northstar Release Highlights: A Unified Perspective, Tailored for Every Team Contrast delivers a new visual user experience built around the Contrast Graph, giving Dev, Sec, and Ops teams real-time visibility into attacks, vulnerabilities, and business risk - all in views tailored to their roles and integrated into the developer, CNAPP, and SIEM solutions they use every day. The Contrast Graph acts as a live map of the application and API environment, showing how vulnerabilities, threats, and assets are connected so teams can act faster, together. Focus on What Matters Most Dynamic Risk Scoring: Continuously prioritizes vulnerabilities with architectural, threat, and business context based on real-world observations in production - so defenders can fix what's actually at risk. Unified ADR + AST: Bring together Application Detection and Response and Application Security Testing to break down silos across development, AppSec, and SecOps with shared context that connects incidents to vulnerabilities, aligning teams around real threats and faster resolution. Agentic AI That's Context-Aware Contrast AI SmartFix: Uses Contrast Graph data to generate fix plans, write code, create test scripts, and draft pull requests, dramatically reducing remediation time. Contrast MCP Server: Opens up access to Contrast's runtime insights - starting with vulnerability data and designed to support future agentic AI use cases. Faster Rollouts. Easier Management. Deployment Hub: Simplifies onboarding and managing updates across complex, distributed environments, speeding time to protection. Flex Agent: Streamlines agent deployment and updates at scale with no manual configuration required, simplifying installation and reducing setup time. Availability and Ecosystem Momentum The Contrast Northstar release is available today, delivering immediate value to both partner ecosystems and enterprise organizations looking to modernize their application security programs. Contrast integrates seamlessly with industry-leading tools like Splunk, Wiz, and Sumo Logic to ensure that security insights flow into the platforms teams already rely on. Additional integrations and strategic partnerships will be announced in the coming weeks, as Contrast continues to expand its global partners and redefine application-layer defense. To experience Contrast Northstar's release, go to: About Contrast Security Contrast Security is the global leader in Application Detection and Response (ADR), empowering organizations to see and stop attacks on applications and APIs in real time. Contrast embeds patented threat sensors directly into the software, delivering unmatched visibility and protection. With continuous, real-time defense, Contrast uncovers hidden application-layer risks that traditional solutions miss. Contrast's powerful Runtime Security technology equips developers, AppSec teams and SecOps with one platform that proactively protects and defends applications and APIs against evolving threats.
TECHx
28-05-2025
- Business
- TECHx
Qualys TotalAI Enhances LLM Security Features
Home » Tech Value Chain » Global Brands » Qualys TotalAI Enhances LLM Security Features Qualys, Inc. (NASDAQ: QLYS) has announced major updates to its Qualys TotalAI solution. The enhancements aim to secure the complete MLOps pipeline, from development to deployment. The company revealed that organizations can now test large language models (LLMs) more rapidly, even during development cycles. These updates bring stronger protection against new threats and introduce on-premises scanning with an internal LLM scanner. As AI adoption accelerates, security remains a critical concern. A recent study reported that 72% of CISOs are worried generative AI could cause breaches. Enterprises need tools that balance innovation with secure implementation. Tyler Shields, principal analyst at Enterprise Strategy Group, emphasized the importance of security. He noted that Qualys TotalAI allows only trusted, vetted models in production, helping organizations manage risk while remaining agile. Qualys TotalAI addresses AI-specific risks. It tests models for jailbreak vulnerabilities, bias, sensitive data leaks, and threats aligned with the OWASP Top 10 for LLMs. The solution goes beyond infrastructure checks and supports operational resilience and brand trust. Key updates include: Automatic risk prioritization: Using MITRE ATLAS and the Qualys TruRisk™ engine, risks are scored and ranked for faster resolution. Secure development integration: On-premises LLM scanning enables in-house testing during CI/CD workflows, improving agility and protection. The platform also detects 40 types of attack scenarios. These include jailbreaks, prompt injections, bias amplification, and multilingual exploits. These scenarios simulate real-world tactics to improve model resilience. Another update is protection from cross-modal exploits. TotalAI can now detect manipulations hidden in images, audio, and video files meant to alter LLM outputs. Sumedh Thakar, president and CEO of Qualys, said the solution offers visibility, intelligence, and automation across AI lifecycles. He added that TotalAI helps companies innovate confidently while staying ahead of emerging threats. Qualys TotalAI is now positioned as one of the most comprehensive AI security solutions available today.
Channel Post MEA
28-05-2025
- Business
- Channel Post MEA
Qualys Updates TotalAI Solution
Qualys has announced major updates to its TotalAI solution to secure organizations' complete MLOps pipeline from development to deployment. Organizations will now be able to rapidly test their large language models (LLMs), even during their development testing cycles, with stronger protection against more attacks and on-premises scanning powered by an internal LLM scanner. With the current rush of AI adoption, organizations are moving at an unprecedented pace – often without implementing foundational security controls necessary to manage risk. A recent study revealed 72% of CISOs are concerned generative AI solutions could result in security breaches for their organizations. Enterprises need a better solution to bridge the gap between innovation and secure implementation. As AI becomes a core component of business innovation, security can no longer be an afterthought,' said Tyler Shields, principal analyst at Enterprise Strategy Group. 'Qualys TotalAI ensures that only trusted, vetted models are deployed into production, enabling both agility and assurance across organizations' AI usage. This security helps organizations achieve their innovation goals while managing their risk.' Qualys TotalAI is purpose-built for the unique realities of AI risk, going beyond basic infrastructure assessments to directly test models for jailbreak vulnerabilities, bias, sensitive information exposure, and critical risks mapped to the OWASP Top 10 for LLMs. Taking a risk-led approach, TotalAI not only finds AI-specific exposures — it helps teams resolve them faster, protect operational resilience, and maintain brand trust. TotalAI delivers: Automatic Prioritization of AI Security Risks : Findings are mapped to real-world adversarial tactics with MITRE ATLAS and automatically prioritized through the Qualys TruRisk scoring engine, helping security, IT, and MLOps teams zero in on the most business-critical risks. : Findings are mapped to real-world adversarial tactics with MITRE ATLAS and automatically prioritized through the Qualys TruRisk scoring engine, helping security, IT, and MLOps teams zero in on the most business-critical risks. Faster, Safer AI Application Development: With the new internal on-premises LLM scanner, organization can now incorporate comprehensive security testing of their LLM models during development, staging, and deployment – all without ever exposing models externally. This shift-left approach, incorporating security and testing of AI-powered applications into existing CI/CD workflows, strengthens both agility and security posture, while ensuring sensitive models remain protected behind corporate firewalls. With the new internal on-premises LLM scanner, organization can now incorporate comprehensive security testing of their LLM models during development, staging, and deployment – all without ever exposing models externally. This shift-left approach, incorporating security and testing of AI-powered applications into existing CI/CD workflows, strengthens both agility and security posture, while ensuring sensitive models remain protected behind corporate firewalls. Enhanced Defense Against Emerging AI Threats: TotalAI now expands to detect 40 different attack scenarios, including advanced jailbreak techniques, prompt injections and manipulations, multilingual exploits, and bias amplification. The expanded scenarios simulate real-world adversarial tactics and strengthen model resilience against exploitation, preventing attackers from manipulating outputs or bypassing safeguards. TotalAI now expands to detect 40 different attack scenarios, including advanced jailbreak techniques, prompt injections and manipulations, multilingual exploits, and bias amplification. The expanded scenarios simulate real-world adversarial tactics and strengthen model resilience against exploitation, preventing attackers from manipulating outputs or bypassing safeguards. Protection from Cross-modal Exploits with Multimodal Threat Coverage: TotalAI's enhanced multimodal detection identifies prompts or perturbations hidden inside images, audio, and video files that are designed to manipulate LLM outputs, helping organizations safeguard against cross-modal exploits. 'AI is reshaping how businesses operate, but with that innovation comes new and complex risks,' said Sumedh Thakar, president and CEO of Qualys. 'TotalAI delivers the visibility, intelligence, and automation required to stay agile and secure, protecting AI workloads at every stage — from development through deployment. We are proud to lead the way with the industry's most comprehensive solution, helping businesses innovate with confidence, while staying ahead of emerging AI threats.' 0 0
