Ensure Application Security with Zend Server and RIPS

27 Mar 2018 by Dr. Johannes Dahse

Zend Server Integration

Zend Server is the ultimate and most secure software platform for deploying, monitoring, debugging, maintaining, and optimizing enterprise PHP applications. It also helps to keep the technology stack up-to-date and to avoid security risks that stem from outdated components. However, most of the daily web attacks try to exploit security bugs in the applications’ source code. Popular vulnerability types such as SQL injection and cross-site scripting can enable attackers to steal sensitive user data from the server. The attack surface is further increased by a variety of PHP-specific security pitfalls. A single successful breach puts a company’s reputation and compliance at danger.

Read More ...

Integrate Security Testing into PhpStorm

20 Feb 2018 by Julian Karl

RIPS IntelliJ Integration

PhpStorm is one of the leading IDEs for developing PHP applications. Its support for key developer tools, such as version control systems, remote deployment, and databases makes it easy for developers to write code efficiently. Although it offers code analysis features in the range of code completion and code quality analysis it is not able to detect pervasive security issues, such as Cross-Site Scripting or SQL Injection. With the help of our PhpStorm plugin you can seamlessly integrate our best-in-class security analysis directly into PhpStorm. This enables developers to quickly scan their project, to review found security vulnerabilities, and to apply patches at the lowest cost point without ever leaving PhpStorm. Get a trial and test it!

Read More ...

Security Analysis with Bamboo Plugin

25 Oct 2017 by Martin Bednorz

RIPS Bamboo Integration

Bamboo is a widely used software that enables continuous integration, deployment, and delivery of software applications. It is developed by the Australian company Atlassian that is also well known for their products JIRA and BitBucket. This blog post introduces our Bamboo integration and how it can be used to continuously analyze your PHP application with RIPS. By automatically detecting and warning about security issues, your production server can be protected from new vulnerabilities.

Read More ...

Security Analysis with SonarQube Plugin

4 Aug 2017 by Martin Bednorz

SonarQube

SonarQube is one of the leading products for continuous code quality inspection and is used by more than 80,000 organizations world-wide to automatically detect a large variety of code quality issues. But in today’s world the detection of security issues is even more important. RIPS Technologies enables to integrate its awarded security analysis solution directly into SonarQube through a plugin. It allows to continuously scan existing SonarQube projects for security threats and for quality issues so that the deployment of unstable applications can be prevented.

Read More ...

Continuous Integration - Jenkins at your service

18 Dec 2016 by Daniel Peeren

Continous Integration Jenkins

Continuous integration (CI) is a powerful tool to increase the quality of software and to save valuable time in the development process. An integral aspect of continuous integration is the automated testing of source code to reduce the likelihood of risks, bugs, and errors. In order to assist developers in writing secure code, it is possible to connect the sophisticated security analysis of RIPS into existing CI tools. In this post, we will introduce our plugin for Jenkins, one of the most popular automation platforms in the world, that can automatically warn you whenever a new security issue is introduced to your code base.

Read More ...