We are excited to announce the release of our new Jira plugin. It allows to synchronize security issues detected by RIPS with your existing Jira issues so you can track and collaborate on software bugs in a single place.Read More
Jenkins CI is one of the leading open source automation server and provides hundreds of plugins to support building, deploying and automating any project. It supports version control tools like Git, Subversion, Mercurial, Perforce, and can execute Apache Ant, Apache Maven and Gradle based projects as well as arbitrary shell scripts and Windows batch commands. RIPS supports the integration of security analysis into Jenkins since 2016 that helps to prevent that new security vulnerabilities are added to your build. Our new major release now also supports the new Pipeline feature and improves existing features.Read More
Zend Server is the ultimate and most secure software platform for deploying, monitoring, debugging, maintaining, and optimizing enterprise PHP applications. It also helps to keep the technology stack up-to-date and to avoid security risks that stem from outdated components. However, most of the daily web attacks try to exploit security bugs in the applications’ source code. Popular vulnerability types such as SQL injection and cross-site scripting can enable attackers to steal sensitive user data from the server. The attack surface is further increased by a variety of PHP-specific security pitfalls. A single successful breach puts a company’s reputation and compliance at danger.Read More
PhpStorm is one of the leading IDEs for developing PHP applications. Its support for key developer tools, such as version control systems, remote deployment, and databases makes it easy for developers to write code efficiently. Although it offers code analysis features in the range of code completion and code quality analysis it is not able to detect pervasive security issues, such as Cross-Site Scripting or SQL Injection. With the help of our PhpStorm plugin you can seamlessly integrate our best-in-class security analysis directly into PhpStorm. This enables developers to quickly scan their project, to review found security vulnerabilities, and to apply patches at the lowest cost point without ever leaving PhpStorm. Get a trial and test it!Read More
RIPS exposes a powerful REST-API, an interface specifically designed for developers and their applications. It is used to provide the web interface with analysis results, to start scans through plugins, to manage users, and much more. In short, the API enables easy automation of all RIPS features through other programs.
In this blog post the architecture of the RIPS API is explained and the advantages of a RESTful API are shown. To demonstrate the simplistic nature of our interface, a small CI integration example is given that will reject code commits with security issues and hence protects the production server from new vulnerabilities.Read More