OWASP Zed Attack Proxy (ZAP) is one of my favorite tools for scanning and performing vulnerability tests on a web application. It has a simple GUI to get started, with a large capability for customization to tailor scans as needed. Recently, I was faced with a problem to login and then scan the authenticated segments of […]
Zephyr Plugin is the solution for Agile Testing if you are already using JIRA in your Agile Software Management as a tool for issue tracking and project management, and want to integrate test management into the same system. It adds many new features to JIRA: Collaboration Test Cases Writing, Reviewing, Executing, Verify Test Results. Formal […]
On my last two posts I went through setting up CI for your PHP project. While I promised this post would cover setting up CD for your pipeline, I realized that I left out a fairly useful (but in my mind unique) part of the process. Our PHP application is using Laravel as the back […]
Last month I started writing about the DevOps pipeline that I built out for a PHP project. Today I plan on filling it out a bit more. What I described last week is what many people consider a full CI Pipeline, executing unit tests, code coverage, and static analysis. I threw in a little more […]
What happens when you don’t like every feature in Windows 10? I chose to downgrade back to Windows 7. This may trigger issues that cause the computer to slooooooow down. Like many developers, I eagerly upgraded to Windows 10 for testing as soon as it was available. The first thing I noticed was that some of my programs weren’t working as […]
I recently was put on a project where we are doing development for a website. There was already a large code, and we went in to add features in order to complete the site, and perform code refactoring when necessary. In order to accomplish this successfully, we decided to follow the SecureAgileTM, which involves ensuring […]
Problem with Default Validation While using Laravel to build a web application, I needed to perform custom validation on user input, such as a password parameter. By default, Laravel manages this through AJAX handled on the client side. However, I wanted a more robust solution. Also, helpful libraries, such as a check of whether an […]
It’s that time of year, new year, new SecureCI release! 2015 ended well, with Coveros releasing a much more robust version of SecureCI. Not too many new features, but lots of bug fixes and some major upgrades of the application. This release focused on updating core components to latest release versions, correcting critical defects, and […]
In this I will talk about Java batch implementations in two different frameworks: Spring Batch and Akka. I looked at both frameworks for a simple ETL program. I ran each of these with a commit size of 1 and of 10. I was curious what types of improvements would be seen for each batch job […]
To summarize the 3 day B-SidesDC conference: Be Afraid. In all seriousness, there are many systems we use daily which are quite vulnerable. The solution is to be vigilant, know what to look for, and understand how to fix it. It is good to know that the industry mindset is migrating towards an “Assume Breach” […]
