From Naivety to Negligence

I understand the plight of senior executives, I really do. Most don’t have a software background and that makes it difficult for them to fully understand application security. But when security breaches are caused by basic, simple code vulnerabilities that can be found using readily available tools, it makes me wonder how serious businesses even […]

Getting Recorded Selenium Scripts Running In Sauce

Introduction: As mobile native app testing tools continue to advance at a slow pace, mobile web app testing tools are advancing much more quickly. There are several out there, including Sauce Labs and Testing Bot. These tools are great at taking browser-based tests and running them on emulated mobile devices, or even different desktop OS […]

A Maturity Matrix for Continuous Delivery Pipelines

I’ve worked on a number of DevOps projects recently where I’ve had to assemble Continuous Delivery (CD) pipelines to build, deploy, and test software. In my case, we’ve been using Chef to automatically deploy various components of a Java-based web system using Jenkins. We have a lot of pipeline job chains created in Jenkins to […]

Pitfalls of Overlapping Releases

On my current project, new functionality is often released in increments over a period of several months, as opposed to developing the functionality and deploying it in one release. This is a good approach to release management because it reduces risk, since relatively small changes will be made to the production environment. It also allows […]

What does Berkshelf do for me?

I’ve been doing a lot of work with Chef and Berkshelf over the last few years. I started in a world without Berkshelf and wrote a conglomeration of spaghetti cookbooks that had a mess of dependencies and were very difficult to maintain. Eventually, I bit the bullet and started using Berkshelf 2.0 to manage my […]

Coveros Partners with InfoZen on USCIS Transformation Integration Award

Program will accelerate delivery of USCIS software projects. Loudoun County, VA, August 28, 2014 — Coveros, Inc., the market leader in secure software development, today announced that it has partnered with InfoZen on the contract that was awarded 10/22/2013 with the performance start date of 2/4/2014 […]

Mobile Trust: How to Test for It

Introduction: With the surge of mobile applications being released, many developers and companies are finding it increasingly hard to stand out from the rest. A great way to differentiate yourself, build a strong user base, and keep them happy with your product is through trust. As security and privacy come up more often in the news, users […]

Setting up Chef Knife workstation to use multiple Chef servers

I have the problem of working against multiple open-source Chef servers to manage cookbooks, environments, etc. in our continuous delivery pipeline. Chef and the “knife” tool, in general, like to use configuration information from ~/.chef/knife.rb. Within that file lies the all-important configuration item: chef_server_url. How do you deal with this if you’re working with multiple […]

Using SecureCI Testing Framework for Mobile Devices

One of the new features of the 2013 Q4 Secure CI Release was the inclusion of a testing framework, optimized for web-based browser testing. I’m continuing to make a few updates to the testing framework, but more than anything I’ve been discovering more and more uses for it. I’ve been working in the mobile […]
