Using the Build Flow Plugin in Jenkins

With large complex software applications, builds can often be split into different steps and tasks creating a series of jobs for our build pipeline.   On my current project we are utilizing Jenkins to implement Continuous Integration/Continuous Deliver (CI/CD) and between the jobs for compilation, smoke tests, acceptance tests and deployment across environments in several […]

Read more
Running a Jenkins Job on an Amazon EC2 Windows Slave

Continuous integration (CI) is a key component of agile software development that all organizations should strive to include in their development process.  However, for small organizations with little or no infrastructure, purchasing and maintaining a server to use for continuous integration is extremely impractical and often infeasible.  In these situations it is more cost-effective to […]

Read more
Integrating CAT.NET into Hudson for Continuous Security Analysis

I recently published an article about using CAT.NET security scanner on your .NET web application. Once you get it running, it’s fairly simple to integrate it into your continuous integration process. Our strategy here will be to use a down-stream job in Hudson to run static security analysis on our application build after the main compilation/packaging […]

Read more
Using CAT.NET security scanner on your .NET web application

Inspecting source code for security vulnerabilities is an important part in any secure development process. While this can be done manually, it’s much easier to start with a static analysis tool that can scan code for known vulnerabilities. Statistics out there claim anywhere from 30-50% of coding vulnerabilities can be found with a code scanner. For .NET […]

Read more
Running a free copy of SecureCI in the Amazon cloud

Coveros has been offering downloadable copies of our integrated SecureCI™ platform as a VMware™ virtual machine image for quite a while now. SecureCI is an integrated stack of tools that provides version control, wiki, project/issue management, and code analysis to enable the development of high quality, secure applications. For more information about the history of SecureCI, read Gene […]

Read more
SecureCI: Enforce Formatting On Your SVN Comments

Most of us like things done the right way and (more often than not) our way. Nothing can be more infuriating than looking through poorly documented logs or code, and trying to understand poor documentation and what it was meant to get across. During development we often look to setting up good coding practices that […]

Read more
SecureCI: Enforce Formatting On Your SVN Comments

The focus of continuous delivery isn’t just about being quicker when developing and deploying, but rather delivering business value continuously. And we only see business value from software when it is made available to end users. I heard a project lead explain that his team had a continuous delivery process. They used source control management […]

Read more
Building Security In Using Continuous Integration

Coveros recently published an article in the March/April 2010 edition of CrossTalk. The article is entitled “Building Security In Using Continuous Integration.” Building security into software is harder than it should be. This article explores a way to align application security practices with other software development best practices in order to make building security in […]

Read more
We want your feedback for SecureCI!

Do you have ideas for the next version of SecureCI? Is some tool or feature missing that would make the product better? Something we could have done differently that would make it more useful? We’ve set up a forum at uservoice to make it easy for you to give us feedback. Whether it is a suggestion, new […]

Read more
X