Be Mean to Your Code - DevOps Days Austin 2013
presented at DevOps Days Austin 2013

Be Mean to Your Code - DevOps Days Austin 2013 Presentation Transcript

  • 1. Be Mean to Your Code with Gauntlt
  • 2. free phone calls
  • 3. 1337 tools
  • 4. “[Risk assessment] introduces a dangerous fallacy: that structured inadequacy is almost as good as adequacy and that underfunded security efforts plus risk management are about as good as properly funded security work” - Michal Zalewski
  • 5. “Is this Secure?” - Your Customer. “It’s Certified” - You
  • 6. there’s a better way
  • 7. Put your code through the Gauntlet (diagram: Your app and You on either side of the tools sslyze, dirb, nmap, curl, sqlmap, Garmr, generic)
  • 8. security tools are confusing
  • 9. Gauntlt allows dev and ops and security to communicate
  • 10. install gauntlt:
        $ gem install gauntlt
  • 11. A gauntlt attack file (callouts: Given, When, Then, When, Then):
        Feature: nmap attacks for example.com

          Background:
            Given "nmap" is installed
            And the following profile:
              | name           | value        |
              | hostname       | example.com  |
              | tcp_ping_ports | 22,25,80,443 |

          Scenario: Verify server is open on expected ports
            When I launch an "nmap" attack with:
              """
              nmap -F <hostname>
              """
            Then the output should contain:
              """
              80/tcp open https
              """

          Scenario: Verify that there are no unexpected ports open
            When I launch an "nmap" attack with:
              """
              nmap -F <hostname>
              """
            Then the output should not contain:
              """
              25/tcp
              """
  • 12. running gauntlt with failing tests:
        $ gauntlt
        Feature: nmap attacks for example.com

          Background:
            Given "nmap" is installed
            And the following profile:
              | name           | value        |
              | hostname       | example.com  |
              | tcp_ping_ports | 22,25,80,443 |

          Scenario: Verify server is open on expected ports
            When I launch an "nmap" attack with:
              """
              nmap -F www.example.com
              """
            Then the output should contain:
              """
              443/tcp open https
              """

        1 scenario (1 failed)
        5 steps (1 failed, 4 passed)
        0m18.341s
  • 13. running gauntlt with passing tests:
        $ gauntlt
        Feature: nmap attacks for example.com

          Background:
            Given "nmap" is installed
            And the following profile:
              | name           | value        |
              | hostname       | example.com  |
              | tcp_ping_ports | 22,25,80,443 |

          Scenario: Verify server is open on expected ports
            When I launch an "nmap" attack with:
              """
              nmap -F www.example.com
              """
            Then the output should contain:
              """
              443/tcp open https
              """

        1 scenario (1 passed)
        5 steps (5 passed)
        0m18.341s
  • 14. The same attack file as slide 11, annotated with callouts: setup steps, verify toolset, config (the Background block installs the tool check and the profile table).
  • 15. The same attack file as slide 11, annotated with callouts: attack, get config (the When step runs the tool; <hostname> is filled in from the profile).
  • 16. The same attack file as slide 11, annotated with callouts: assert, needle, haystack (the Then step searches the tool output, the haystack, for the quoted string, the needle).
  • 17. Supported Tools: curl, nmap, sslyze, Garmr, dirb, generic
  • 18. get started with gauntlt: github/gauntlt (callout: start here), gauntlt.org, videos (callout: cool vids!), tutorials, @gauntlt, IRC #gauntlt. we help!
  • 19. be mean to your code and win! slideshare.com/wickett
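As an added example, not Gauntlt's own code and not from the slides, here is a small Ruby re-implementation of the needle/haystack assertion that slides 11 to 16 describe: it parses a constructed nmap -F report and checks that every expected port is open and that no forbidden port appears at all, which is what the two scenarios on slide 11 verify. The nmap output, port lists and function names are all constructed for this example.

```ruby
# Constructed sample of an `nmap -F` report (not real scan output).
NMAP_OUTPUT = <<~OUT
  Starting Nmap 6.25 ( http://nmap.org )
  Nmap scan report for www.example.com
  Host is up (0.012s latency).
  Not shown: 97 closed ports
  PORT    STATE SERVICE
  22/tcp  open  ssh
  80/tcp  open  http
  443/tcp open  https
OUT

# Turn the "PORT STATE SERVICE" lines of the report (the haystack) into a
# hash keyed by "port/proto", e.g. "80/tcp" => { state: "open", service: "http" }.
def parse_open_ports(output)
  output.each_line.with_object({}) do |line, ports|
    if (m = line.match(%r{\A(\d+/(?:tcp|udp))\s+(\S+)\s+(\S+)}))
      ports[m[1]] = { state: m[2], service: m[3] }
    end
  end
end

# Mirror of the two scenarios on the slides: each expected port must be
# reported open ("the output should contain"), and each forbidden port must
# be absent entirely ("the output should not contain"). Returns a list of
# failure messages; an empty list is a passing gauntlt run.
def check_ports(output, expected:, forbidden:)
  ports = parse_open_ports(output)
  failures = []
  expected.each do |p|
    state = ports.dig(p, :state)
    failures << "expected #{p} open, got #{state || 'no entry'}" unless state == "open"
  end
  forbidden.each do |p|
    failures << "unexpected #{p} present (#{ports[p][:state]})" if ports.key?(p)
  end
  failures
end

if __FILE__ == $PROGRAM_NAME
  result = check_ports(NMAP_OUTPUT, expected: %w[80/tcp 443/tcp], forbidden: %w[25/tcp])
  puts(result.empty? ? "PASS" : result)
end
```

Because the check keys on the exact "port/proto" token rather than a loose substring, a line such as "2525/tcp" cannot accidentally satisfy or trip the "25/tcp" assertion.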