Automation and testing to accelerate deployments in Azure.

Comodo SSL Certificate Breach’s Potential Impact on Security Token Services and their Identity Providers


Recently, Iranian crackers used a username and password to make certificate requests from the Comodo Certificate Authority. These requests were successful and certificates were issued for 9 domains which are published on the Comodo Fraud Incident Report page:

This issue is of particular importance to me because SSL is the primary mechanism by which integrity and confidentiality are assured for security Security Tokens and Security Token Requests. My latest blog post provides instructions on how to add Yahoo and Google as Identity Providers to Windows Azure AppFabric Access Control Service v2.0. The fraudulent certificates are for the major Identity Provider sources on the Internet (e.g.,,,,,, global trustee). These certificates may be used to spoof content, perform phishing attacks, or perform man-in-the-middle attacks against all internet application users (in my view, it potentially impacts more than just applications accessible via web browsers). Although the sky is far from falling, this breach does illuminate some pretty significant vulnerabilities in our Internet security infrastructure, which need to be tightened.

Revocations of your computer’s trust of these certificates can be obtained via a web browser update (which is also very unfortunate as it makes the procedure for responding to such security threats extremely cumbersome and hard to orchestrate). In short though, you (and/or your application users) must update your web browsers to gain protection. Here are a few links for popular web browsers:

Microsoft IE Browser:
Firefox Browser:
Google Chrome: Tools/About (update will install automatically if you are online)
Apple Safari:

Each web browser is different, but to verify that you are protected, navigate to the certificate store of your browser and find the “Untrusted Publishers” tab (or equivalent). You want to see the list of domains above in the “Issued To” column of untrusted publishers. The following is from Internet Explorer:


Please notice that there are only EIGHT certificates in the revocation list. I am puzzled as to why the “” certificate is missing; however more information was not readily available at the time I wrote this blog post.

Work at the Speed of Ideas in Azure.

We are not short on ideas and increasingly businesses want to implement them as quickly as possible.
This is putting a burden on development teams to accelerate development without sacrificing quality.

We developed a best of breed platform designed specifically for Azure to enable end-to-end automation and testing.
Our service accelerates the deployment of e-commerce sites, corporate websites and portals, and mobile web applications.
Customers get to improve time-to-revenue with a reliable, predictable, and repeatable delivery platform.

Consistent through stages.

Version and release control.

Accelerate time-to-market.

We enable your teams to work in a logical and linear progression from inception to reality.

The platform is designed to facilitate a continuous delivery cycle using Agile methodologies.

You will streamline all aspects from identifying problems, rolling back to known good versions, and deploying at anytime of the day.

The Problem with Release Management.

The need to release faster and better quality is growing quickly. The inability to keep up with changing demand can be especially challenging for e-tailers who compete for customer mind-share. The need to move faster and faster results on more possibility of errors. With web development a common symptom of errors are broken links resulting from:

  • Renaming or moving a webpage and forgetting to change the internal link
  • Linking to content (documents, videos, forms, etc.) that has been moved or deleted
  • Linking to external pages where the URL changed or the page moved

Broken links impact Search Engine Optimization (SEO) which can easily reduce traffic to a site. More importantly, broken links have a direct impact on reputation, customer confidence, and completing a transaction. Broken links are a simple example of a very visible break down in testing and proper release management processes.

This is where automation and testing can become a catalyst to business but it is not as easy as it looks:

  • The tools to improve release management are complex, multi-origin, and rapidly changing
  • Not all are platform certified for public clouds such as Azure and can be unwieldy to deploy

As a result, many cut corners – they skip automation and don’t leverage testing, sometimes forgoing it altogether.

Request a Conversation

Put an End to Release Headaches.

We built this service for companies, e-tailers, and web development agencies who demand a better solution to ensure rapid development of content and features. It is ideally suited for automating the release and testing process for a Content Management System (CMS). Users benefit from the ability to:

  • Develop new features and capabilities faster and ensure they will not break the site or application as code gets promoted:
    • Linking to content (documents, videos, forms, etc.) that has been moved or deleted
    • Rapid corrective actions when functionality breaks
    • Event actions by trained experts using runbooks and/or automation
  • Reduce manual quality control (QC) processes:
    • Addresses the reality that most companies do not hire for this and often skip it
    • Catches bad code before it breaks or reduces functionality for live sites and applications
    • Key-based copying of databases from production to staging, test, and development without interrupting live environments
  • Evolve test coverage over time through an on-going consultative process:
    • As new functionality gets deployed, integrate as part of the automated testing plan
  • Manage code promotion across distributed locations:
    • Supports a centralized development model, allowing promotion of code to multiple production environments and across geo-distributed locations when required
    • As new functionality gets deployed, integrate as part of the automated testing plan

A Best of Breed Platform for Azure.

The Atmosera Release Management as a Service was developed to address the gap which exists for companies and developers wanting to move quickly through release management while ensuring quality control and repeatable testing procedures. The platform was purpose-built for Azure using productized integration code to seamlessly connect industry-leading products including:

  • Chef: infrastructure automation
  • Bitbucket: web-based projects hosting
  • Terraform: infrastructure as code
  • JIRA: bug tracking and project management
  • Jenkins: continuous integration and delivery management
  • Zabbix: real-time monitoring
  • Selenium: web application testing

Focus on your business and deploying the next release, not the infrastructure on which your automation and testing runs. Say goodbye to errors such as broken links!

Benefit from a Platform Based on DevOps Practices.

Agile and DevOps are all the rage but is your IT really enabling them properly?

Atmosera Release Management as a Service is a foundational platform on top of which your teams can drive better agility and quality. It was built for developers to ensure a framework where both infrastructure and operation are harmonized to deliver the ability to:

  • Track every change for every version and quickly find the source of a problem within your application
  • Leverage a structure which enables you to easily roll back to previous known good versions.
  • Log application feedback and add it to a backlog which can be prioritized for the planning phase of a future version.
  • Drive Continuous Integration (CI) which means you can deploy your application at any time without fear of losing data, customers, or other services related to your application.
  • Enable Continuous Deployment (CD) which allows your team to work effectively on an application with less downtime due to disruptions and distractions.
  • Put an end to the need to schedule software releases at 2AM on a Saturday.

We deliver solutions that accelerate the value of Azure.

Ready to experience the full power of Microsoft Azure?

Start Today

Blog Home

Stay Connected

Upcoming Events

All Events