Contrast for Visual Studio

Instrument your applications with Contrast Security to gain real-time visibility to vulnerabilities in your application, and to defend them against attacks.

Contrast integrates with your existing SDLC processes to provide an easy way to view and fix vulnerabilities in your code, and protect your applications.

The Contrast for Visual Studio extension lists the vulnerabilities from your application directly in your Visual Studio environment enabling developers to resolve issues faster.

Please note that you will need the Contrast TeamServer in order to use this feature.

You can learn more about Contrast Security's latest products by visiting our website at www.contrastsecurity.com.

To schedule a demo, contact us at www.contrastsecurity.com/demo or by calling 1-888-371-1333.

Requirements

• Visual Studio 2017 or 2019 (Community edition supported).
• .NET 4.6+

Features

• TeamServer Connection Settings
• Vulnerability details.
• Events stack trace.
  • Vulnerability stack trace.

TeamServer Connection Settings

Includes all the necessary flow to configure connection and authentication to the user's TeamServer account.

Support for adding configuration parameters that belong to the organizations to which the user belongs. This includes API Key and organization Id, necessary for retrieving vulnerabilities related to that organization. Offers easy way to switch between them.

Vulnerability details

Allows you to access to the Overview and HTTP Request information of a vulnerability. You also have access to its events and recomendations.

You can copy the text to clipboard from the code blocks (gray text blocks) in the Overview and How to fix tabs. Just hover the blocks and click over them to copy its content.

Vulnerability events

You are able to see which events caused the vulnerability.

Code search by stack trace line.

The stack trace from a event has a code search funtionality on its lines highlighted as links, which look for the code line or source file that generated the stack line (the solution that contains the code must be open for this to work).

Tagging

Just like in TeamServer, you can add and remove tags from the extension.

Status change

You are able to set the vulnerability status and its commentaries (optional) from the extension. Be advised that you must have the required authorization to perform this operation.

Documentation

For more information on Setup and Configuration please refer to our OpenDocs site.

Logs

For common events and exceptions, this extension saves logs to the path %PROGRAM_DATA%\Contrast\vs-extension\logs. A log file is generated per launch and follows the format contrast_extension_yyyy_MM_dd_hhmmssfff.log.