topic Re: CloudGuard AppSec Workshop - Azure | The Video Edition! Now Available in WAF

CloudGuard AppSec Workshop - Azure | The Video Edition! Now Available

yuvalmamka — Wed, 28 Dec 2022 12:45:05 GMT

Hi CloudGuaders!

While I hope most of you celebrating Christmas and are having a great time with family and friends, I edited for you the videos from the CloudGuard AppSec workshop!

Do you remember @Shay_Levin and I hosted several workshops a few weeks ago?
So now, in addition to the CloudGuard AppSec Workshop: Step-by-Step Guide you can follow, now you have these videos to follow!

Azure Single Gateway Deployment:

(view in My Videos)

Azure VMSS Gateways Deployment:

(view in My Videos)

Enjoy! And let us know what further content you would like to get 😀

Cheers,

Yuval

Re: CloudGuard AppSec Workshop - Azure | The Video Edition! Now Available

Shay_Levin — Tue, 27 Dec 2022 10:33:59 GMT

Excellent videos @yuvalmamka as usual

Re: CloudGuard AppSec Workshop - Azure | The Video Edition! Now Available

kamaladmire1 — Tue, 03 Jan 2023 10:27:22 GMT

Amazing workshop, can you please share the link where you have downloaded or compile the list for attacks i.e. SQL injection ldap etc. I also wanted to know that you used 2 Public IP's, I do understand that one used for host file to resolve DNS and forward to external load balancer, however I am confused with another you used under the profile for Nginx with port:1234 is because you hosted websites somewhere else? and how traffic is routed ??

Thanks

Re: CloudGuard AppSec Workshop - Azure | The Video Edition! Now Available

Blason_R — Tue, 03 Jan 2023 10:30:48 GMT

With using proxy_pass. That is Appsec is used as a Nginx module and can intercept the requests seen by Nginx reverse proxy.

Re: CloudGuard AppSec Workshop - Azure | The Video Edition! Now Available

yuvalmamka — Tue, 03 Jan 2023 11:53:05 GMT

Hey,

You can find Shay's manual how to deploy the website with the attacks here: https://community.checkpoint.com/t5/Application-Security/Vulnerable-applications-for-testing-Guide/td-p/162631

Regarding your question - yes. the assets that we protected on this workshop were hosted externally, 2 websites on the same server (that's why there are different ports).

AppSec is using NGINX as a base platform, therefore the reverse proxy streamed the traffic to the URL I configured.

Re: CloudGuard AppSec Workshop - Azure | The Video Edition! Now Available

kamaladmire1 — Tue, 03 Jan 2023 12:37:55 GMT

Thank for clarification

Re: CloudGuard AppSec Workshop - Azure | The Video Edition! Now Available

kamaladmire1 — Thu, 05 Jan 2023 23:53:43 GMT

HI Yuvalmamka

sorry for the pain, I have tried the project and juiceshop config that i have used its only for http and not for https I am having issues to find config on github which run juiceshop on https, can you directly point me to exact git repository not the generic main page.

thanks in adavnce.

Re: CloudGuard AppSec Workshop - Azure | The Video Edition! Now Available

yuvalmamka — Sun, 08 Jan 2023 09:06:40 GMT

@shayle Can you advice on it?

Re: CloudGuard AppSec Workshop - Azure | The Video Edition! Now Available

Shay_Levin — Sun, 08 Jan 2023 09:27:37 GMT

Hi,

I didn't find a way to activate https on the JuiceShop , so i have deployed an nginx container that act as a reverse proxy for the juciseshop.

https://faun.pub/setting-up-ssl-certificates-for-nginx-in-docker-environ-e7eec5ebb418