# Contrast Security

> Contrast Security is a Pleasanton, California-based cybersecurity company that secures software from the inside out. Founded in 2014 by OWASP veterans Jeff Williams and Arshan Dabirsiaghi, it pioneered an instrumentation-based approach that embeds security sensors directly into running applications to detect vulnerabilities and block live attacks in real time. Its runtime security platform spans Interactive Application Security Testing (IAST), Runtime Application Self-Protection (RASP), static analysis (SAST), software composition analysis (SCA), and Application Detection and Response (ADR), serving Fortune 500 enterprises and government agencies.

- **Founded:** 2014
- **Headquarters:** Pleasanton, California, United States
- **Founders:** Jeff Williams (Co-Founder & CTO), Arshan Dabirsiaghi (Co-Founder & former Chief Scientist)
- **Team size:** ~240 employees
- **Products:** Contrast ADR (Application Detection and Response), Contrast Assess (IAST), Contrast Protect (RASP), Contrast Scan (SAST), Contrast SCA (Software Composition Analysis)
- **Notable:** Named a Visionary in the 2025 Gartner Magic Quadrant for Application Security Testing, Pioneered the Application Detection and Response (ADR) category, launched at Black Hat USA 2024, Reached a valuation over $1 billion with its 2021 Series E

## Products & services

- **Contrast ADR (Application Detection and Response)** — Detects threats and blocks live attacks, including many zero-days, that target custom applications and APIs from inside the running application. Introduced at Black Hat USA 2024.
- **Contrast Assess (IAST)** — Interactive Application Security Testing that uses runtime instrumentation to find vulnerabilities on code paths that actually execute, reducing false positives.
- **Contrast Protect (RASP)** — Runtime Application Self-Protection that blocks production attacks in real time at under 5% performance overhead, using the same agent as Assess.
- **Contrast Scan (SAST)** — Static Application Security Testing that analyzes source and binary code for vulnerabilities early in the development lifecycle.
- **Contrast SCA (Software Composition Analysis)** — Identifies risk from open-source and third-party dependencies with runtime context on which libraries are actually used.
- **CodeSec** — Free developer-focused security tooling for scanning code and open-source libraries, aimed at getting AppSec into developers' hands.

## Achievements

- Named a Visionary in the 2025 Gartner Magic Quadrant for Application Security Testing
- Pioneered the Application Detection and Response (ADR) category, launched at Black Hat USA 2024
- Reached a valuation over $1 billion with its 2021 Series E
- Co-founder and CTO Jeff Williams created the OWASP Top 10 and is a recognized cybersecurity influencer
- Holds patents on in-application security sensors / deep security instrumentation
- Protects Fortune 500 and government customers including BMW, DocuSign, AXA and the American Red Cross

## Latest updates

- **2025-10** — Named a Visionary in the 2025 Gartner Magic Quadrant for Application Security Testing.
- **2025-01** — Appointed Scott O'Rourke as Chief Revenue Officer to scale go-to-market.
- **2024-08** — Introduced Application Detection and Response (ADR) at Black Hat USA 2024, defining a new app-layer security category.
- **2024** — Positioned platform for securing AI-generated code as automated coding accelerates.
- **2023-04** — Appointed former Splunk executive Rick Fitz as Chief Executive Officer.

## Links

- Website: https://www.contrastsecurity.com
- LinkedIn: https://www.linkedin.com/company/contrast-security
- Twitter/X: https://twitter.com/contrastsec
- GitHub: https://github.com/Contrast-Security-OSS
- YouTube: https://www.youtube.com/c/ContrastSecurity
- Facebook: https://www.facebook.com/contrastsec/

---

Profile page: https://yespress.io/contrast-security
Published by YesPress — https://yespress.io
Last updated: 2026-07-15
