Jenkins is the way to secure your software

Product Security and Jenkins

Submitted By Jenkins User Chris Siv

Security is first for this test engineer.

Industry: Networking

Programming Language: C/C++, Python

Version Control System: Subversion

Platform: Embedded

Build Tool: Maven

Community Support: Jenkins.io websites & blogs, Spoke with colleagues and peers

Security, automation and software acceleration with Jenkins.

Background: My company needed to improve our DevOps environment. As the test engineer, I wanted to make sure the environment was secure. I sought to automate processes as we would manually start and browse results of Static Application Security Testing (SAST) and Dynamic Application Security Testing (DAST) after each software component change.

Goals: Deliver secure software to network elements.

“Jenkins helped us to automate the boring stuff.”
Chris Siv, Test Engineer

Solution & Results: 

Jenkins was used to integrate and automate Static Application Security Testing and Dynamic Application Security Testing tools. When there is a change in any component that is a part of our software, Jenkins automatically starts its jobs. With its functionality, team members receive an email notification if there’s a new finding in our software.

We use email notifications to inform team members about results. Additionally, we are using a plot to visualize security errors in each build.

We were thrilled with the results, which have included:

  • Improved product security 
  • Shortened development release cycles  
  • Elimination of the need for the team to perform manual work


Jenkins® is a CD Foundation project and a registered trademark of Software in the Public Interest, Inc. Copyright Jenkins 2020