Gauntlt is a security testing framework that uses a command-line interface (CLI) for running security tests, or attacks. Gauntlt provides a report of tests that passed and failed similar to other automated testing frameworks. Gauntlt integrates with many popular security tools and is easily extendable to perform custom security tests. In this Lab, you will learn how to use Gauntlt for security testing and protect application code against attacks with Guantlt by embedding it into an AWS CodePipeline continuous integration pipeline. After completing the Lab you can begin implementing security as code within your own DevOps practices.
Upon completion of this Lab you will be able to:
You should be familiar with:
Before completing the Lab instructions, the environment will look as follows:
After completing the Lab instructions, the environment should look similar to:
August 22nd, 2023 - Handled disk space error and updated screenshots
November 30th, 2022 - Added check
January 10th, 2019 - Added a validation Lab Step to check the work you perform in the Lab
October 23rd, 2018 - Updated CodePipeline instructions and images to match the latest interface.
Logan has been involved in software development and research since 2007 and has been in the cloud since 2012. He is an AWS Certified DevOps Engineer - Professional, AWS Certified Solutions Architect - Professional, Microsoft Certified Azure Solutions Architect Expert, MCSE: Cloud Platform and Infrastructure, Google Cloud Certified Associate Cloud Engineer, Certified Kubernetes Security Specialist (CKS), Certified Kubernetes Administrator (CKA), Certified Kubernetes Application Developer (CKAD), and Certified OpenStack Administrator (COA). He earned his Ph.D. studying design automation and enjoys all things tech.