Protect Your Code Against Attacks With Gauntlt

The hands-on lab is part of this learning path

DevOps Playbook - CI/CD Tools and Services
course-steps 5 certification 2 lab-steps 5

Lab Steps

keyboard_tab
lock
Logging in to the Amazon Web Services Console
lock
Opening the AWS Cloud9 IDE
lock
Executing Your First Gauntlt Attack
lock
Working With Gauntlt Attack Adapters
lock
Using Gauntlt to Test a Local Application
lock
Including Gauntlt Security Testing in a Continuous Integration Pipeline
lock
Validate AWS Lab

Ready for the real environment experience?

DifficultyIntermediate
Max Duration1h 15m
Students117
Ratings
4.8/5
star star star star star-half

Description

Lab Overview

Gauntlt is a security testing framework that uses a command-line interface (CLI) for running security tests, or attacks. Gauntlt provides a report of tests that passed and failed similar to other automated testing frameworks. Gauntlt integrates with many popular security tools and is easily extendable to perform custom security tests. In this Lab, you will learn how to use Gauntlt for security testing and protect application code against attacks with Guantlt by embedding it into an AWS CodePipeline continuous integration pipeline. After completing the Lab you can begin implementing security as code within your own DevOps practices.

Lab Objectives

Upon completion of this Lab you will be able to:

  • Understand the basic concepts of security testing with Gauntlt
  • Write and execute security tests with Gauntlt
  • Integrate Gauntlt security tests into a continuous integration pipeline
  • Use AWS Cloud9 for writing code and issuing commands from a browser

Lab Prerequisites

You should be familiar with:

  • Basic Docker concepts
  • Basic continuous integration concepts
  • Working at the command line in Linux

Lab Environment

Before completing the Lab instructions, the environment will look as follows:

After completing the Lab instructions, the environment should look similar to:

Updates

January 10th, 2019 - Added a validation Lab Step to check the work you perform in the Lab

October 23rd, 2018 - Updated CodePipeline instructions and images to match the latest interface.

About the Author

Students35180
Labs95
Courses11
Learning paths7

Logan has been involved in software development and research since 2007 and has been in the cloud since 2012. He is an AWS Certified DevOps Engineer - Professional, AWS Certified Solutions Architect - Professional, Microsoft Certified Azure Solutions Architect Expert, MCSE: Cloud Platform and Infrastructure, Google Cloud Certified Associate Cloud Engineer, Certified Kubernetes Administrator (CKA), Certified Kubernetes Application Developer (CKAD), Linux Foundation Certified System Administrator (LFCS), and Certified OpenStack Administrator (COA). He earned his Ph.D. studying design automation and enjoys all things tech.