- CheckMates
- :
- Products
- :
- CloudMates Products
- :
- CloudGuard - WAF
- :
- CloudGuard AppSec Workshop - Azure | The Video Edi...
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
Are you a member of CheckMates?
×- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
CloudGuard AppSec Workshop - Azure | The Video Edition! Now Available
Hi CloudGuaders!
While I hope most of you celebrating Christmas and are having a great time with family and friends, I edited for you the videos from the CloudGuard AppSec workshop!
Do you remember @Shay_Levin and I hosted several workshops a few weeks ago?
So now, in addition to the CloudGuard AppSec Workshop: Step-by-Step Guide you can follow, now you have these videos to follow!
Azure Single Gateway Deployment:
Azure VMSS Gateways Deployment:
Enjoy! And let us know what further content you would like to get 😀
Cheers,
Yuval
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Excellent videos @yuvalmamka as usual
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Amazing workshop, can you please share the link where you have downloaded or compile the list for attacks i.e. SQL injection ldap etc. I also wanted to know that you used 2 Public IP's, I do understand that one used for host file to resolve DNS and forward to external load balancer, however I am confused with another you used under the profile for Nginx with port:1234 is because you hosted websites somewhere else? and how traffic is routed ??
Thanks
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
With using proxy_pass. That is Appsec is used as a Nginx module and can intercept the requests seen by Nginx reverse proxy.
Blason R
CCSA,CCSE,CCCS
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hey,
You can find Shay's manual how to deploy the website with the attacks here: https://community.checkpoint.com/t5/Application-Security/Vulnerable-applications-for-testing-Guide/t...
Regarding your question - yes. the assets that we protected on this workshop were hosted externally, 2 websites on the same server (that's why there are different ports).
AppSec is using NGINX as a base platform, therefore the reverse proxy streamed the traffic to the URL I configured.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Thank for clarification
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
HI Yuvalmamka
sorry for the pain, I have tried the project and juiceshop config that i have used its only for http and not for https I am having issues to find config on github which run juiceshop on https, can you directly point me to exact git repository not the generic main page.
thanks in adavnce.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
@shayle Can you advice on it?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi,
I didn't find a way to activate https on the JuiceShop , so i have deployed an nginx container that act as a reverse proxy for the juciseshop.
https://faun.pub/setting-up-ssl-certificates-for-nginx-in-docker-environ-e7eec5ebb418