Automated Security Testing with OWASP Zed Attack Proxy: #3 Working the Result of ZAP Security Scan to Pass or Fail the Security Tests

In the previous article, we created and ran Automated Security Tests on Visual Studio Team Services. One shortcoming of the security tests we wrote was that there was no way of failing the security tests if the result of the test exceeds a certain threshold. The test only executed the security scan and then gave … Continue reading Automated Security Testing with OWASP Zed Attack Proxy: #3 Working the Result of ZAP Security Scan to Pass or Fail the Security Tests

Automated Security Testing with OWASP Zed Attack Proxy: #2 Creating & Running Automated Security Tests on Visual Studio Team Services

In the previous article, we installed and configured OWASP ZAP on an Azure VM and added a reverse proxy to access it over the internet. In this article, we’ll discuss on how to use the OWASP ZAP API and Visual Studio Unit Test project to create Automated Security tests and then run them in a … Continue reading Automated Security Testing with OWASP Zed Attack Proxy: #2 Creating & Running Automated Security Tests on Visual Studio Team Services

Automated Security Testing with OWASP Zed Attack Proxy: #1 Installing & Configuring OWASP ZAP on an Azure Virtual Machine

OWASP Zed Attack Proxy (ZAP) is a free security tool that helps you automatically find security vulnerabilities in your web applications. It is one of the most popular tools out there and it's actively maintained by the community behind it. It’s a great tool that you can integrate while you are developing and testing your … Continue reading Automated Security Testing with OWASP Zed Attack Proxy: #1 Installing & Configuring OWASP ZAP on an Azure Virtual Machine

Continuous Code Quality with SonarQube: #2 Configuring SSL for SonarQube & Securing the SonarQube Server Behind a Reverse Proxy

In the previous article, Installing and Configuring SonarQube using Azure Virtual Machines and Azure SQL, we installed SonarQube on an Azure Virtual Machine and configured an Azure SQL Database for the SonarQube server. At the moment, the SonarQube dashboard is not accessible for the outside world. In this article, we’ll setup a reverse proxy to … Continue reading Continuous Code Quality with SonarQube: #2 Configuring SSL for SonarQube & Securing the SonarQube Server Behind a Reverse Proxy

Continuous Code Quality with SonarQube: #1 Installing and Configuring SonarQube using Azure Virtual Machine & Azure SQL

SonarQube a product by SonarSource, is an open source platform that can be used to manager source code quality for development teams. SonarQube is a great product that you can integrate with your existing build pipelines to analyze your code base and find bugs, vulnerabilities, code smells and manage the technical debt of your source … Continue reading Continuous Code Quality with SonarQube: #1 Installing and Configuring SonarQube using Azure Virtual Machine & Azure SQL

Team Project Wiki in Visual Studio Team Services: First Look

Team Project Wiki was rolled out for Visual Studio Team Services a couple of days back as a preview feature. For me this is a much-anticipated feature that felt missing and this would be a first look in to Team Project Wiki in Visual Studio Team Services. Navigate to your Visual Studio Team Services account … Continue reading Team Project Wiki in Visual Studio Team Services: First Look

Fix “Invalid input ‘WebApplication.csproj’. The file type was not recognized.” Error in Visual Studio Team Services, ASP.Net Core Build Definition

On Visual Studio Team Services, to quickly and easily build your ASP.Net Core applications, you can use the pre-built ASP.Net Core Template in the Build section of VSTS. But when you try to use this ASP.Net Core Pre-Built template with a .csproj based .Net Core Application, you run in to an issue where the build … Continue reading Fix “Invalid input ‘WebApplication.csproj’. The file type was not recognized.” Error in Visual Studio Team Services, ASP.Net Core Build Definition