I spent much of my formative years in High School and College being indoctrinated with Object-Orientated Programming (OOP). When used well, OOP provides clear modular structure for programs, defines clear interfaces, makes software easier to maintain and modify, allows multiple functions to share code (cord re-use), and reduces large, complex issues to smaller, more manageable […]
Introduction Now that we have created some simple cucumber tests and built a sturdy selenium framework, we want to setup an environment where these tests can be quickly and conveniently run against our code. Due to the nature of development, code is constantly changing, and we want to ensure that each change to the code […]
Introduction Initially this post was going to contain instructions on running tests locally, and on SecureCI. Due to the lengthiness of the post, I decided to break this up into two different posts. This post will cover just setting up and running tests locally, building on the previous posts of creating some simple cucumber tests […]
With large complex software applications, builds can often be split into different steps and tasks creating a series of jobs for our build pipeline. On my current project we are utilizing Jenkins to implement Continuous Integration/Continuous Deliver (CI/CD) and between the jobs for compilation, smoke tests, acceptance tests and deployment across environments in several […]
Introduction In the last blog post, we started down the road of BDD, utilizing the Cucumber-jvm, and using Webdriver to perform some acceptance tests on our web based application. This post will continue where the last one left off, and move us further along, by examining some of the issues with our testing code base, […]
Testing applications and web sites that send email can be difficult. During testing you might generate many email notifications and you don’t want to flood a real mailbox. Or you might not want email from a development system being confused for production email. And especially when using production data during development, you might want to […]
In my last post on the Active Authentication project I described how to use Microsoft Detours to collect a trace of system calls (also known as system events) for a single process. At Coveros Labs we leveraged an example program provided with Detours in order to create our own prototype system that validates the identity of a […]
I recently published an article about using CAT.NET security scanner on your .NET web application. Once you get it running, it’s fairly simple to integrate it into your continuous integration process. Our strategy here will be to use a down-stream job in Hudson to run static security analysis on our application build after the main compilation/packaging […]
I use a lot of virtual machines for the work I do. Invariably, I start with small virtual hard drives that continuously grow until I run out of space. I used to go through wild gyrations to add an additional hard drive to the machine. It’s actually much simpler to just expand the hard drive. […]
Some of the sites I use require a CAC smart card to establish SSL access. (Forge.mil is an example of this.) Chrome and IE (shudder) are both smart enough to use a smart card for certificates out of the box on Windows. Unfortunately, Firefox doesn’t seem to be set up to do it without some […]
