Coveros recently published an article in the March/April 2010 edition of CrossTalk. The article is entitled “Building Security In Using Continuous Integration.”
Building security into software is harder than it should be. This article explores a way to align application security practices with other software development best practices in order to make building security in easier to manage and more cost-effective. In particular, this article looks at combining continuous integration (CI) with security testing and secure static code analysis.