https://community.checkpoint.com/t5/WAF/AppSec-Self-Paced-Hands-On-Lab/m-p/131150#M51 <P>Hello Shay!</P><P>&nbsp;</P><P>I went through the AppSec demo and found a few odd things:</P><P>&nbsp;</P><P>1) &nbsp;With the power meter API asset in "Prevent" mode, and after enforcing the policy, I run the demo .EXE app on the VM desktop. &nbsp;Yes, it did show "Forbidden (403)" in the response (as expected). &nbsp;The lab document said that the usage graph would continue normally, and not reset to Zero. &nbsp;However, in the web browser showing the power usage graph, the graph did not continue auto-updating. &nbsp; Instead, the status showed "No communication" and the other values were not updating; they all stayed static. &nbsp;I set the EXE app back to Normal Mode, and the graph resumed normally. &nbsp;The AppSec services were working correctly, and blocking the API attack, however.&nbsp;</P><P>&nbsp;</P><P>2) When doing the k8s lab demo, the process failed when running "helm install ..." on the juice chart app:</P><P>&nbsp;</P><P>root@waap-k8s:~# helm install juice juice-chart.tar.gz --set nanoToken="cp-bf0bfc7e-269c-401e-a6d2-fcc237ce880c2a6f7bec-2a24-4d0b-92f7-4727ccf7afb8"<BR />Error: failed to download "juice-chart.tar.gz" (hint: running `helm repo update` may help)</P><P>&nbsp;</P><P>Looks like there is a missing repository, and it cannot be installed via 'helm'.</P><P>&nbsp;</P><P>Let me know if there is something else that needs to be done.</P><P>&nbsp;</P><P>Thanks!</P> Wed, 06 Oct 2021 14:39:39 GMT Duane_Toler 2021-10-06T14:39:39Z https://community.checkpoint.com/t5/WAF/AppSec-Self-Paced-Hands-On-Lab/m-p/129197#M39 <P>&nbsp;</P> <P><FONT size="4"><SPAN>In this LAB you will attack a vulnerable web application and then you would learn how to use CloudGuard AppSec to protect it.</SPAN></FONT></P> <P><FONT size="4"><SPAN>To access the lab click&nbsp;</SPAN></FONT><FONT size="4"><A href="https://community.checkpoint.com/t5/CloudGuard-AppSec/ct-p/cloudguard-appsec-demo" target="_self">here</A></FONT></P> Sun, 12 Sep 2021 12:03:36 GMT https://community.checkpoint.com/t5/WAF/AppSec-Self-Paced-Hands-On-Lab/m-p/129197#M39 Shay_Levin 2021-09-12T12:03:36Z https://community.checkpoint.com/t5/WAF/AppSec-Self-Paced-Hands-On-Lab/m-p/131150#M51 <P>Hello Shay!</P><P>&nbsp;</P><P>I went through the AppSec demo and found a few odd things:</P><P>&nbsp;</P><P>1) &nbsp;With the power meter API asset in "Prevent" mode, and after enforcing the policy, I run the demo .EXE app on the VM desktop. &nbsp;Yes, it did show "Forbidden (403)" in the response (as expected). &nbsp;The lab document said that the usage graph would continue normally, and not reset to Zero. &nbsp;However, in the web browser showing the power usage graph, the graph did not continue auto-updating. &nbsp; Instead, the status showed "No communication" and the other values were not updating; they all stayed static. &nbsp;I set the EXE app back to Normal Mode, and the graph resumed normally. &nbsp;The AppSec services were working correctly, and blocking the API attack, however.&nbsp;</P><P>&nbsp;</P><P>2) When doing the k8s lab demo, the process failed when running "helm install ..." on the juice chart app:</P><P>&nbsp;</P><P>root@waap-k8s:~# helm install juice juice-chart.tar.gz --set nanoToken="cp-bf0bfc7e-269c-401e-a6d2-fcc237ce880c2a6f7bec-2a24-4d0b-92f7-4727ccf7afb8"<BR />Error: failed to download "juice-chart.tar.gz" (hint: running `helm repo update` may help)</P><P>&nbsp;</P><P>Looks like there is a missing repository, and it cannot be installed via 'helm'.</P><P>&nbsp;</P><P>Let me know if there is something else that needs to be done.</P><P>&nbsp;</P><P>Thanks!</P> Wed, 06 Oct 2021 14:39:39 GMT https://community.checkpoint.com/t5/WAF/AppSec-Self-Paced-Hands-On-Lab/m-p/131150#M51 Duane_Toler 2021-10-06T14:39:39Z