Introduction
Developer Central is a new portal created by Contrast Security. Developer Central gives developers easy access to Contrast's new free developer tool CodeSec, which brings the fastest and most accurate scanner on the market right to developers for free. Get up and running in less than 5 minutes and start scanning code, serverless environments and open source software (OSS) with ease.
Why nominated?
Accessible:
Developer Central can be accessed through any browser directly at http://developer.contrastsecurity.com/ or through an easy-to-find navigation button on the top right of the Contrast website homepage. The portal offers developers a seamless signup process to the free developer tool, CodeSec https://www.contrastsecurity.com/developer. In only three clicks, users can download, authenticate (with an existing GitHub or Google Account), and start scanning with ease. Once a user has created an account, they are given instant access to all of CodeSec’s capabilities in a simple command line interface:
- CodeSec – Scan: Optimized code security for Java, JavaScript, and .NET with the fastest and most accurate SAST scanner on the market delivering up to 10x faster scan rates, 70% more critical vulnerabilities, and actionable results with 5x more true positives in seconds. Additionally, users can secure their Github pipeline by connecting with Contrast GitHub Actions for free.
- CodeSec –Serverless: A new ground-breaking free application security tool for serverless environments in AWS Lambda Functions (Java + Python) that detects cloud-native vulnerabilities quickly and accurately while providing actionable remediation guidance in a simple command line interface.
- CodeSec - SCA: Secure vulnerable libraries (in Java, Javascript, Python, Ruby, GO, PHP, .NET) in your open-source software (OSS) with lightning speed, accuracy, and actionable remediation guidance to ship code faster and create a standardized Software Bill of Materials (SBOM) to manage supply chain risk with ease.
Onboarding:
Developer Central offers easy-to-follow instructions on how to use the tool accompanied by screenshots as well as a step-by-step Evaluation Guide (https://www.contrastsecurity.com/security-influencers/codesec-by-contra…), which can be accessed before logging into the portal. The portal also provides command prompts that can be copied and pasted (https://www.contrastsecurity.com/developer/codesec/?hsCtaTracking=374f5…) into the user’s system to eliminate any errors due to manual input. Users can watch demo videos that walk through the account creation, sign-in, installation, authentication, and use of the different functions within the CodeSec tool right from the portal.
Contrast is focused on continuing to levitate the onboarding experience and use of the portal. The company developed a comprehensive go-to-market strategy and a deployment plan to aggressively update Developer Central. In the coming months, developers will also gain access to a community forum that will further assist users with the onboarding process, enable developers to share best practices and answer questions and will include an interactive, and gamified learning program.
Visual Design:
The Contrast Developer Portal has a simple and clean design to help draw users’ attention to the “Start Now” button and in just three clicks, developers can sign up and begin leveraging the fastest scanner available today at no cost.
In July 2022, Contrast updated the user experience (UX) and user interface (UI) of the main portal landing page to include a more 16-bit animated design in order to make it more visually appealing and align to the simplicity in UI that users will experience while navigating the CLI tool, as well as enhancing its usability and ease of use. Developer Central now clearly showcases the programming languages supported, including Java, JavaScript, Python, .Net, GO, Ruby, PHP, and many more.
Developer Central now also sports quick access prompts to learn more about CodeSec’s differentiators compared to other products on the market as well as offers users the ability to access developer-focused resources, materials, and events.
