6/27/2017 1:02:36 PM
With DevOps security must work differently
Application Security Tool,Cloud Software Security,DevOps Security
App Developer Magazine

With DevOps security must work differently

Richard Harris Richard Harris in Security Tuesday, June 27, 2017

New DevOps security integrations for big names released by Contrast Security.

Because “software is eating the world,” as Mark Andreessen famously noted, application security gets harder every day; every line of code written opens organizations to new vulnerabilities and breaches. Furthermore, legacy solutions, such as static analysis, dynamic analysis and web application firewalls have failed to keep pace with Agile and DevOps practices. Teams need tools that empower developers, integrate security into the DevOps toolchain, and monitor application security the way DevOps teams monitor application performance.

That's why Contrast Security, a developer of self-protecting software tools, has announced integrations and product enhancements to address the security needs of organizations pursuing DevOps.

New Integrations

- Jenkins: With Contrast’s Jenkins integration, teams are now empowered to fail builds that have security issues. Customers can set the threshold for the number and severity of vulnerabilities and if reached, Jenkins will fail the build and developers are notified.

Customers can create automated JIRA tickets directly from the Contrast user interface. When a ticket status is changed in JIRA, the change will be reflected within Contrast to reflect the Jira ticket status.

- Support for Microsoft Visual Studio Team Services and Team Foundation Server: They now supports Microsoft Visual Studio Team Services and Team Foundation Server. This allows customers who use Visual Studio Team Services or Team Foundation Server to track the vulnerabilities reported by Contrast through their existing bug tracking system.

- Pivotal Cloud Foundry: Contrast Assess and Contrast Protect customers can now secure their Java applications running on Pivotal Cloud Foundry (PCF) with Contrast. Contrast Security Service Broker for Pivotal Cloud Foundry enables their customers to create and manage multiple service plans for different organizations, and bind Contrast credentials to software applications. Support for .NET, node.js and Ruby applications in PCF is under development.

- Eclipse Integrated Development Environment (IDE) Plug-In:
Software developers using the Eclipse IDE can now view vulnerabilities discovered in their applications from within their own development environment with Contrast Assess Plug-In for Eclipse.

“With DevOps, security must work differently,” said Surag Patel, chief strategy officer at Contrast Security. “Because code is released continuously, security must also work continuously and provide developers with instant, highly accurate feedback on their code. Contrast enables DevOps teams to deliver continuous security by empowering developers to solve security problems early in the development lifecycle, integrating security into the DevOps pipeline and monitoring attacks the same way they monitor performance. Ultimately, Contrast makes application security accurate, continuous, integrated and scalable.”

475 Tax Deductions for Businesses and Self-Employed Individuals

Are you paying more taxes than you have to as a developer or freelancer? The IRS is certainly not going to tell you about a deduction you failed to take, and your accountant is not likely to take the time to ask you about every deduction you’re entitled to. As former IRS Commissioner Mark Everson admitted, “If you don’t claim it, you don’t get it.

A hands-on guide to mastering mobile forensics for iOS and Android

Get hands-on experience in performing simple to complex mobile forensics techniques Retrieve and analyze data stored not only on mobile devices but also through the cloud and other connected mediums A practical guide to leveraging the power of mobile forensics on popular mobile platforms with lots of tips, tricks, and caveats.

Gps tracker for kids

The Chirp GPS app is a top-ranked location sharing app available for Apple and Android that is super easy to use, and most of all, it's reliable.

The Latest Nerd Ranch Guide (3rd Edition) to Android Programming

Write and run code every step of the way, using Android Studio to create apps that integrate with other apps, download and display pictures from the web, play sounds, and more. Each chapter and app has been designed and tested to provide the knowledge and experience you need to get started in Android development.