One of the new features of the 2013 Q4 Secure CI Release was the inclusion of a testing framework, optimized for web based browser testing. I’m continuing to make a few updates to the testing framework, but more than anything I’ve been discovering more and more uses for it. I’ve been working in the mobile […]
Introduction Quarter 4 for Coveros has been action packed for SecureCI™. We performed several major updates to our SecureCI™ version, bringing the software tools up to date, and making them more user and out-of-the-box friendly. For those unaware, SecureCI™ is an integrated stack of tools that provides version control, wiki, project/issue management, and code analysis […]
With large complex software applications, builds can often be split into different steps and tasks creating a series of jobs for our build pipeline. On my current project we are utilizing Jenkins to implement Continuous Integration/Continuous Deliver (CI/CD) and between the jobs for compilation, smoke tests, acceptance tests and deployment across environments in several different VLANs, […]
I spent much of my formative years in High School and College being indoctrinated with Object-Orientated Programming (OOP). When used well, OOP provides clear modular structure for programs, defines clear interfaces, makes software easier to maintain and modify, allows multiple functions to share code (cord re-use), and reduces large, complex issues to smaller, more manageable […]
Introduction Now that we have created some simple cucumber tests and built a sturdy selenium framework, we want to setup an environment where these tests can be quickly and conveniently run against our code. Due to the nature of development, code is constantly changing, and we want to ensure that each change to the code […]
With large complex software applications, builds can often be split into different steps and tasks creating a series of jobs for our build pipeline. On my current project we are utilizing Jenkins to implement Continuous Integration/Continuous Deliver (CI/CD) and between the jobs for compilation, smoke tests, acceptance tests and deployment across environments in several […]
I recently published an article about using CAT.NET security scanner on your .NET web application. Once you get it running, it’s fairly simple to integrate it into your continuous integration process. Our strategy here will be to use a down-stream job in Hudson to run static security analysis on our application build after the main compilation/packaging […]
Inspecting source code for security vulnerabilities is an important part in any secure development process. While this can be done manually, it’s much easier to start with a static analysis tool that can scan code for known vulnerabilities. Statistics out there claim anywhere from 30-50% of coding vulnerabilities can be found with a code scanner. For .NET […]
Coveros has been offering downloadable copies of our integrated SecureCI™ platform as a VMware™ virtual machine image for quite a while now. SecureCI is an integrated stack of tools that provides version control, wiki, project/issue management, and code analysis to enable the development of high quality, secure applications. For more information about the history of SecureCI, read Gene […]
Most of us like things done the right way and (more often than not) our way. Nothing can be more infuriating than looking through poorly documented logs or code, and trying to understand poor documentation and what it was meant to get across. During development we often look to setting up good coding practices that […]
