Integrating Security into Continuous Delivery

Tom Stiehm, Coveros CTO, is presenting Integrating Security into Continuous Delivery at the DC Continuous Integration, Delivery and Deployment Group on Wednesday, March 13, 2013 at Blackboard Inc. (650 Massachusetts Avenue Northwest, Washington, DC), starting at 6:30 PM. The Internet is full of insecure applications that cost organizations money and time, while damaging their reputations when their […]

Mailtrap.io for Email Testing

Testing applications and web sites that send email can be difficult. During testing you might generate many email notifications and you don’t want to flood a real mailbox. Or you might not want email from a development system being confused for production email. And especially when using production data during development, you might want to […]

Increasing the Amount of Memory Available to a 32-bit Windows Application

Despite the fact that I am running a 64-bit version of Windows 7, I sometimes need to run 32-bit applications.  By default these applications are only able to use 2 GB of memory, regardless of the amount of available memory on the system (see: https://docs.microsoft.com/en-us/windows/win32/memory/memory-limits-for-windows-releases ).  However, I sometimes need these 32-bit applications to be […]

Using Sequences of System Events to Identify Users

In my last post on the Active Authentication project I described how to use Microsoft Detours to collect a trace of system calls (also known as system events) for a single process.  At Coveros Labs we leveraged an example program provided with Detours in order to create our own prototype system that validates the identity of a […]

How to display a logon/disclaimer notice banner in SharePoint by customizing the Global.asax and deploying the global.asax file using the SharePoint WSP

I was working on a SharePoint DoD project; due to security requirements (STIG), it needed to display a disclaimer notice banner when a user initiates a session with the SharePoint site. This solution tells how to customize and deploy the SharePoint Global.asax that triggers the new session start event to display the disclaimer notice banner. This solution was split into two SharePoint […]

Running a Jenkins Job on an Amazon EC2 Windows Slave

Continuous integration (CI) is a key component of agile software development that all organizations should strive to include in their development process.  However, for small organizations with little or no infrastructure, purchasing and maintaining a server to use for continuous integration is extremely impractical and often infeasible.  In these situations it is more cost-effective to […]

Calling Python Code from C++

When developing an application in programming language A you may discover that certain parts of the program are easier to code using a different language B.  At this point you have one of three choices: Write the application entirely in language A. Write the application entirely in language B. Write most of the application using […]

Security Testing: OWASP ZAP (Zed Attack Proxy)

As part of my ongoing collection of reviews and thoughts on today’s Security Testing Tools, I’m taking a look at the Zed Attack Proxy (ZAP) by OWASP. While my last review, of WebSecurify, looked at a very simplistic tool for Web Application Security Testing, this review will bring us a slightly more complex tool. So where […]
