Contrast Security Announces Runtime ADR Integration with Google Security Operations

PLEASANTON, Calif.--(BUSINESS WIRE)--Contrast Security today announced a new integration between Contrast Application Detection and Response (ADR) and Google Security Operations.

Key facts

• Contrast Application Detection and Response (ADR) integrates with Google Security Operations to provide runtime application telemetry directly to the Security Operations Center (SOC).
• The integration maps verified code-execution data into Google Security Operations’ Unified Data Model (UDM), enabling detection and investigation of application-layer exploits based on real-time runtime behavior.
• Runtime context includes affected applications, execution paths, stack traces and exploit outcomes.
• Purpose-built detection rules automatically surface confirmed application exploits as cases within Google Security Operations, and correlate application-layer findings with signals from the broader security stack.

The integration brings runtime-verified application security context into the SOC, helping teams detect, investigate and respond to application-layer attacks with greater accuracy.

Integration snapshot

• What it is: Integration of Contrast ADR runtime telemetry into Google Security Operations
• Why it matters: Traditional tools miss logic-based attacks, such as unsafe deserialization, that use legitimate application behavior
• How it works: Runtime execution data is mapped directly into Google Security Operations’ Unified Data Model (UDM).
• Availability: Available now for deployment via the Google Security Operations partner directory.

Modern applications are a common entry point for attackers. The Mandiant M-Trends 2026 report shows that vulnerability exploitation now accounts for 32% of initial intrusions, surpassing both phishing and stolen credentials. Many of these exploits only surface when applications are running in production, where perimeter and network tools lack visibility into how code actually executes.

Logic-based exploits such as unsafe deserialization do not rely on known signatures. They abuse legitimate application behavior, making them difficult to detect without visibility inside the application at runtime.

What the integration delivers

The Contrast ADR integration with Google Security Operations provides runtime-verified evidence of real exploitation, grounded in application context. SOC teams can identify the affected application, understand how the exploit occurred and determine whether the attack succeeded or was blocked.

This context can enable more accurate investigations, stronger automation and less alert noise.

Closing the loop between SOC and engineering

When Contrast detects an exploit, runtime telemetry is surfaced in Google Security Operations while the platform traces the activity back to the vulnerable code. SOC teams can respond immediately, while engineering teams prioritize remediation using Contrast’s Agentic SmartFix.

The verified runtime data that powers the integration complements Gemini in Google Security Operations, further enabling the high-fidelity, structured context that AI-driven investigation and response requires to operate effectively.

Strengthening the AI-driven SOC with runtime context

AI-driven security operations require precise, reliable telemetry. Contrast enriches Google Security Operations’ UDM with deep runtime context, including full-stack traces and precise blast-radius data. By anchoring alerts to abnormalities in code execution, the integration provides embedded AI capabilities with the factual evidence necessary to drive accurate investigations and effective AI-powered actions.

“Most SOC teams are flying blind on the application layer. They rely on perimeter and network telemetry that can’t see how code actually executes or whether an application is truly exploitable. This integration brings high-fidelity runtime visibility into Google Security Operations, grounded in real execution data and focused on what’s actually exploitable, so SOC teams can investigate and respond effectively,” said Faya Peng, General Manager of ADR and Head of Product, Contrast Security.

As businesses integrate AI into their core operations, they face a new set of security challenges,” said Vineet Bhan, Director of Security and Identity Partnerships at Google Cloud. “Our partnership with Contrast Security is important to addressing this, giving customers the advanced tools needed to protect their data, maintain control and innovate confidently in the era of AI.”

About Contrast Security

Contrast Security is the global leader in Application Detection and Response (ADR), empowering organizations to see and stop attacks on applications and APIs in real time. Contrast embeds patented threat sensors directly into the software, delivering unmatched visibility and protection. With continuous defense, Contrast uncovers hidden application-layer risks that traditional solutions miss. Contrast’s powerful runtime security technology equips developers, AppSec teams and Google Security Operations with one platform that proactively protects and defends applications and APIs against evolving threats.