Veracode has launched an application security platform to embed security testing into the continuous development lifecycle, in partnership with Microsoft Visual Studio Team Services (VSTS).
The extension will enable developers and engineering teams using VSTS to apply application security testing into their DevOps environments or other continuous deployment models.
Enabling secure DevOps
The integration simplifies the delivery of secure applications by moving vulnerability assessments earlier in the development process. This will enable developers to create applications that meet market demand on schedule, without compromising on security.
In addition, in order to reduce friction between security and development teams, the application security platform hopes to offer fewer disruptions for developers through integrated testing within the development process. T
“The focus of continuous deployment models like DevOps on automated, integrated testing presents an opportunity to build security into the development lifecycle, improving application security without impacting delivery times,” said Tim Jarrett, Senior Director of Security, Veracode. “This solution enables developers to code securely, meeting the needs of both developers and security teams by delivering secure applications on time.”
Shawn Nandi, Senior Director, Microsoft Corp. said, “The Veracode extension for Visual Studio Team Services allows developers to test applications and resolve security flaws early in the development lifecycle. Now, teams can rely on VSTS to automatically raise an alarm if a critical issue is found. This reduced risk exposure paired with the ability to accelerate the delivery of secure applications will enable companies to realise the full potential of DevOps environment.”
Development team leads or release engineers can install Veracode’s VSTS integration extension into their VSTS instance from the Microsoft VSTS Marketplace, or download it from their local Microsoft Team Foundation Server.
Edited for web by Jordan Platt.