8/11/2017 2:23:43 PM
Veracode announced two new key integrations
Application Security,DevSecOps Tools,DevOps Security Platform
https://appdevelopermagazine.com/images/news_images/Veracode-Announced-Two-New-Key-Integrations-App-Developer-Magazine_1yr5ys18.jpg
App Developer Magazine

Veracode announced two new key integrations



Christian Hargrave Christian Hargrave in Security Friday, August 11, 2017
12,038

Integration with HPE ALM and Jenkins embed security into build and test processes to support DevSecOps and continuous development environments announced by Veracode.

Veracode, a software security company acquired by CA Technologies, has announced the Veracode HPE Application Lifecycle Manager (ALM) Flaw Synchronizer Plug-in, which empowers development and QA/release engineers to fix security vulnerabilities early in the Software Development Lifecycle (SDLC). The company also announced an enhanced integration to the Veracode Application Security Platform that enables organizations using Jenkins at enterprise scale to scan their applications for security issues as part of the build process. These integrations support an approach to application security that better aligns with the new role of today’s software development paradigms.

Recently announced research, conducted in conjunction with Enterprise Strategy Group (ESG), highlights the acknowledgement of IT professionals and developers that application security must become an integrated part of the DevOps process (DevSecOps) and the specific technology requirements to make this a reality. Respondents identified the ability to integrate Static software testing (42 percent) or Dynamic software testing (34 percent) into the Application Development and DevOps processes are the most important tool selection criteria.

“There is an increased demand for tighter alignment of application security and development to support and sustain the rapid development cycles that are the new normal,” said Tim Jarrett, Director of Security Strategy. “Development teams are requiring security to be accessible where they work in order to incorporate security practices into their workflow. These new integrations, in addition to Veracode Greenlight, give development and QA teams access to application security testing tools within their existing development toolchains eliminating the friction caused by security processes that aren’t a seamless part of the development process.”

HPE ALM Flaw Synchronizer Plug-In


The Flaw Synchronizer Plug-In automatically imports static and dynamic security findings into HPE ALM as defect entities, enabling development teams to manage security findings within their integrated backlog. While the plug-in is designed to import all security findings, it can be configured to import only those findings that violate an organization's security policy. Additionally, the HPE ALM Plug-In automatically updates and closes tickets for security-related defects as the issues are fixed or mitigated.

Enhanced Jenkins Integration


Veracode’s enhanced Jenkins integration allows organizations performing distributed builds to upload applications to the Veracode Platform for testing from remote machines, eliminating the requirement to upload from the master. This increases the scalability of the build process and also ensures that application binaries do not need to be unnecessarily copied to master, which increases storage requirements and may violate customer security practices.



475 Tax Deductions for Businesses and Self-Employed Individuals

Are you paying more taxes than you have to as a developer or freelancer? The IRS is certainly not going to tell you about a deduction you failed to take, and your accountant is not likely to take the time to ask you about every deduction you’re entitled to. As former IRS Commissioner Mark Everson admitted, “If you don’t claim it, you don’t get it.

A hands-on guide to mastering mobile forensics for iOS and Android

Get hands-on experience in performing simple to complex mobile forensics techniques Retrieve and analyze data stored not only on mobile devices but also through the cloud and other connected mediums A practical guide to leveraging the power of mobile forensics on popular mobile platforms with lots of tips, tricks, and caveats.

Gps tracker for kids

The Chirp GPS app is a top-ranked location sharing app available for Apple and Android that is super easy to use, and most of all, it's reliable.

The Latest Nerd Ranch Guide (3rd Edition) to Android Programming

Write and run code every step of the way, using Android Studio to create apps that integrate with other apps, download and display pictures from the web, play sounds, and more. Each chapter and app has been designed and tested to provide the knowledge and experience you need to get started in Android development.