Had a great time chatting with @planetlevel on Coffee & OSS today about all kinds of #tech topics. Video is live on YouTube and podcast is available wherever you find them. Take a look/listen and thanks!
https://t.co/MC5g9cyK3q
Join us on August 14 to learn why existing approaches to application security fall short, and how #DevOps principles can improve #AppSec practices. Register here: https://t.co/vw6OImOAkb
Austin #owasp chapter meeting coming up 3/26 at lunchtime. Both in-person with free lunch and virtual. Great speaker - @planetlevel ! Register here: https://t.co/0pxvP4cUEl
Break free from the tunnel vision of traditional AppSec tools like #SAST and #DAST. They lack context, leading to a skewed view of your application security. Our Co-Founder and CTO @planetlevel breaks down the modern-day solution on @AppSecPodcast: https://t.co/sslXFf5sLJ
In the 2023 Security Survey, @forrester reports that breach numbers continue to rise. Watch the webinar recap with @planetlevel and #Forrester analyst, Janet and learn how to secure your #apps in 2024 with a context-focused solution, Runtime Security: https://t.co/ldYbTU7L7M
Congratulations to @cribl_io, @contrastsec, and @druvainc for being recognized in the @Gartner_inc Peer Insights Customers' Choice 2023👏
✨Cribl - Voice of the Customer for Event Stream Processing https://t.co/6zM54yg3PQ
✨Contrast Security - Voice of the Customer for AppSec Testing https://t.co/DBuizGN5YV
✨Druva - Only Customers’ Choice for Disaster Recovery as a Service https://t.co/3YC7z3wRdC
#gartner #gartnerpeerinsights
We are excited to announce that our Secure Code Platform has been recognized by our customers in the 2023 #Gartner Peer Insights' Voice of the Customer for Application Security Testing! See why we received a 4.7/5 rating & a 94% willingness to recommend: https://t.co/cdIA1peZk9
Join @planetlevel, CTO and Co-Founder of Contrast, and guest speaker Janet Worthington, #Forrester Research Analyst, for an in-depth discussion on how Runtime Security is revolutionizing #AppSec. Register now 👉 https://t.co/FGqQoaigqS
@ddccffvv Agree! For most things, B is the most cost-effective approach. There are a few things that are pretty accurate early and can be found with SAST/SCA. But for most vulnerabilities, waiting a few minutes for IAST testing and full context from a fully assembled, running app is best.
@ddccffvv Over 62% of open source libraries are completely inactive - never even load into memory. Of code that does run, over 2/3 is custom code… just 1/3 is libraries. And when a library has a vulnerability, exploitation is *possible* only 10% of the time.
@ddccffvv In modern pipelines, A and B are only minutes apart. So it's not worth it to shift that far left and lose ALL the context of the running app/API. Wait a few minutes, and get a much smaller list.
@ddccffvv I don't see why Scenario B items are "bigger" -- they're the same issues as in Scenario A, but true positives.
You *could* fix a root cause, and eliminate a whole bunch of them at a time, but that's different.
@stevespringett Except that even heavyweight SAST isn’t accurate enough. Lightweight SAST is kind of a joke. If it’s fast, it’s trash :-) And if it’s slow you can’t integrate into workflows. Especially if you include triage. Try IAST if you want fast and accurate during workflows.
You can't have DevSecOps without DevOps.
On the @FedGovToday podcast, @LMaccherone explains how flow, feedback, and a culture of experimentation and learning are essential to #DevSecOps. Listen now: https://t.co/I8X13vDeiy
Experts say scan-and-fix will remain for some time. But #appsec tools are evolving to provide prioritization and automation. Here's what you need to know, ft. insights from @edgeroute, @travismcpeak, @planetlevel, @izar_t, and more.
https://t.co/A7oQ4KlvTr
WAFs leave back-end systems vulnerable to attacks. Read @TAKellermann's thoughts on why Contrast Protect RASP is the #API solution to block back-end attacks and reduce false positives, helping your dev teams prioritize vulnerabilities: https://t.co/BqIukqI4QT