May 4, 2017 Bittu K DevOps, IT trends Leave a comment

3 steps to secure, open source DevOps

Source – opensource.com Nobody really writes their own code anymore, right? We go out to GitHub, download some libraries, avoid recreating unnecessary wheels, and package those wheels together along with our own glue to create new software. Then we download a half dozen front-end frameworks to make it all pretty and responsive and we’re off the races. In my review of apps, both in my company and others, I’ve found that more than 90% of the code that makes up an

April 24, 2017 Bittu K DevOps, DevOps Best Practices, Test Driven Development Leave a comment

Advantages of Interactive Application Security Testing (IAST) over Static and Dynamic Testing

Source – contrastsecurity.com Interactive Application Security Testing (IAST) works in fundamentally different ways than static or dynamic tools using instrumentation technology. IAST leverages information from inside the running application, including runtime requests, data flow, control flow, libraries, and connections, to find vulnerabilities accurately. Because of this, interactive testing works better for application security. That’s why we created Contrast — to utilize next-generation technology to solve the growing problems inside the application security field. Because of this, interactive testing works better for application security. That’s

April 5, 2017 Mantosh Singh DevOps, DevOps News, DevOps Tools, DevOps Updates Leave a comment

CA Technologies (CA) Completes the Purchase of Veracode

Source:- nasdaq.com CA Technologies CA recently announced that it has completed the acquisition of a Burlington security software company Veracode, for approximately $614 million in cash. The deal, signed in early March, was subject to customary closing conditions. Founded in 2006, Veracode offers cloud-based software that helps organisations to run large-scale performance and load tests quickly, easily and inexpensively during the building and deployment process. The company serves more than 1,400 customers, which includes Boeing and Thomson Reuters, and its

March 28, 2017 Mantosh Singh DevOps, IT trends, Test Driven Development Leave a comment

Three Lessons From Test-Driven Development

Source:- securityintelligence.com In 1999, Kent Beck’s “Extreme Programming Explained: Embrace Change,” became an inspiration for rethinking the way software was developed. Three years later, his “Test-Driven Development: By Example” further elaborated on the need to reconsider the way software is planned, how teams operate and, most importantly, the way software is tested. To date, there are over 170 books on Amazon about test-driven development (TDD). For readers curious about the origins and evolution of the concept, the Agile Alliance posted

March 1, 2017 Mantosh Singh DevOps, DevOps Process, Test Driven DevOps Leave a comment

How to make mobile app security testing automation a DevOps reality

Source:- nowsecure.com Eighty-one percent of enterprises and 70 percent of small-to-medium businesses have adopted DevOps according to the RightScale 2016 State of the Cloud Report.1 In comparison, only 29 percent of mobile apps, on average, undergo vulnerability testing according to the 2017 Study on Mobile IoT Application Security conducted by Ponemon Institute.2 I think the gap between these two statistics can be reduced with some minor effort. The purpose of this article is to explain how to make mobile app security

February 25, 2017 Mantosh Singh DevOps, DevOps Best Practices Leave a comment

Six Tips for Using DevOps to Combat Security Vulnerabilities

Source:- samsung.com Growing requirements from stakeholders for rapid app deployment means more businesses need to explore DevOps to ensure collaboration between their development and operations teams during the development life-cycle. In a recent BMC/Forbes security survey, 60 percent of executives said their IT and security teams “have only a general or a little understanding of each other’s requirements.” Additionally, the report revealed that these two groups often have goals that are out of sync. Such complications lead to companies taking

February 2, 2017 Mantosh Singh DevOps, DevOps Best Practices Leave a comment

5 ways to align security with your DevOps strategy

Source:- techbeacon.com In 2016, DevOps reached a tipping point. Half of all organizations surveyed indicated that they are actively using it as a model for releasing and maintaining custom applications, according to the Gartner Research note DevSecOps: How to Seamlessly Integrate Security Into DevOps, September, 2016. Yet, about 80 percent of those organizations surveyed expressed concerns that information security policies and teams are preventing them from achieving the level of agility that DevOps promises. Development, operations and security all want