Jenkins is the way to secure your software

Product Security and Jenkins

Submitted By Jenkins User Chris Siv
Security is first for this test engineer.
Industries: Networking
Programming Languages: C/C++, Python
Platform: Embedded
Version Control System: Subversion
Build Tools: Maven
Community Support: websites & blogs, Spoke with colleagues and peers

Security, automation and software acceleration with Jenkins.

Background: My company needed to improve our DevOps environment. As the test engineer, I wanted to make sure the environment was secure. I sought to automate processes as we would manually start and browse results of Static Application Security Testing (SAST) and Dynamic Application Security Testing (DAST) after each software component change.

Goals: Deliver secure software to network elements.

Solution & Results:

Jenkins was used to integrate and automate Static Application Security Testing and Dynamic Application Security Testing tools. When there is a change in any component that is a part of our software, Jenkins automatically starts its jobs. With its functionality, team members receive an email notification if there's a new finding in our software.

Jenkins helped us to automate the boring stuff.
Chris Siv, Test Engineer

We use email notifications to inform team members about results. Additionally, we are using a plot to visualize security errors in each build.

We were thrilled with the results, which have included:

  • Improved product security
  • Shortened development release cycles
  • Elimination of the need for the team to perform manual work