AppSec - Self Paced Hands On Lab
I went through the AppSec demo and found a few odd things:
1) With the power meter API asset in "Prevent" mode, and after enforcing the policy, I run the demo .EXE app on the VM desktop. Yes, it did show "Forbidden (403)" in the response (as expected). The lab document said that the usage graph would continue normally, and not reset to Zero. However, in the web browser showing the power usage graph, the graph did not continue auto-updating. Instead, the status showed "No communication" and the other values were not updating; they all stayed static. I set the EXE app back to Normal Mode, and the graph resumed normally. The AppSec services were working correctly, and blocking the API attack, however.
2) When doing the k8s lab demo, the process failed when running "helm install ..." on the juice chart app:
root@waap-k8s:~# helm install juice juice-chart.tar.gz --set nanoToken="cp-bf0bfc7e-269c-401e-a6d2-fcc237ce880c2a6f7bec-2a24-4d0b-92f7-4727ccf7afb8"
Error: failed to download "juice-chart.tar.gz" (hint: running `helm repo update` may help)
Looks like there is a missing repository, and it cannot be installed via 'helm'.
Let me know if there is something else that needs to be done.