Ready for the real environment experience?
Gauntlt is a security testing framework that uses a command-line interface (CLI) for running security tests, or attacks. Gauntlt provides a report of tests that passed and failed similar to other automated testing frameworks. Gauntlt integrates with many popular security tools and is easily extendable to perform custom security tests. In this Lab, you will learn how to use Gauntlt for security testing and protect application code against attacks with Guantlt by embedding it into an AWS CodePipeline continuous integration pipeline. After completing the Lab you can begin implementing security as code within your own DevOps practices.
Upon completion of this Lab you will be able to:
- Understand the basic concepts of security testing with Gauntlt
- Write and execute security tests with Gauntlt
- Integrate Gauntlt security tests into a continuous integration pipeline
- Use AWS Cloud9 for writing code and issuing commands from a browser
You should be familiar with:
- Basic Docker concepts
- Basic continuous integration concepts
- Working at the command line in Linux
Before completing the Lab instructions, the environment will look as follows:
After completing the Lab instructions, the environment should look similar to:
About the Author
Logan has been involved in software development and research for over eleven years, including six years in the cloud. He is an AWS Certified DevOps Engineer - Professional, MCSE: Cloud Platform and Infrastructure, and Certified Kubernetes Administrator (CKA). He earned his Ph.D. studying design automation and enjoys all things tech.