Continuous Security: Security in the Continuous Delivery Pipeline is a series of articles addressing security concerns and testing in the Continuous Delivery pipeline. This is the first article in the series. As the internet has matured and grown the need for stronger security has exceeded that pace. Penetration testing has become a large part of… Read more »

Amazon Web Services (AWS) recently announced the integration of AWS CodeCommit with AWS CodePipeline. This means you can now use CodeCommit as a version-control repository as part of your pipelines! AWS describes how to manually configure this integration at Simple Pipeline Walkthrough (AWS CodeCommit Repository). One of the biggest benefits of using CodeCommit is its seamless… Read more »

Continuous Security: Security in the Continuous Delivery Pipeline is a series of articles addressing security concerns and testing in the Continuous Delivery pipeline. This is the first article in the series. Introduction In a Continuous Delivery pipeline it is imperative to enforce infrastructure security policies and ensure that any new code or infrastructure changes don’t result… Read more »

Getting started with AWS Stubs If you plan to write, or have already written, Ruby code that leverages Amazon Web Services, you should consider using AWS Stubs. The ability to stub service responses allows you to develop robust code more quickly and enables you to test your code without incurring any cost. Amazon’s SDK engineers knew… Read more »

Continuous Security: Security in the Continuous Delivery Pipeline is a series of articles addressing security concerns and testing in the Continuous Delivery pipeline. This is the second article in the series. CloudFormation Background CloudFormation templates are a great way to provision AWS resources.  They allow an infrastructure developer to declare what resources are to be… Read more »

Continuous Security is the addressing of security concerns and testing in the Continuous Delivery pipeline, and is as much a part of continuous delivery as operations, testing, or security is a part of the DevOps culture. This article is the first in a series which talks about ways of integrating security testing/validation of both software… Read more »