putting rugged into your devops toolchain
DESCRIPTION
Presentation given at DevOps Days Mountain View, on June 29th, 2012. #devopsdaysTRANSCRIPT
![Page 1: Putting Rugged Into your DevOps Toolchain](https://reader038.vdocuments.us/reader038/viewer/2022110115/54b822b94a795940358b4606/html5/thumbnails/1.jpg)
PUTTING RUGGED INTOYOUR DEVOPS TOOLCHAIN
JAMES WICKETT, @WICKETT
![Page 2: Putting Rugged Into your DevOps Toolchain](https://reader038.vdocuments.us/reader038/viewer/2022110115/54b822b94a795940358b4606/html5/thumbnails/2.jpg)
I WANT YOU TO BE SUCCESSFUL AND MAKE A DIFFERENCE
![Page 3: Putting Rugged Into your DevOps Toolchain](https://reader038.vdocuments.us/reader038/viewer/2022110115/54b822b94a795940358b4606/html5/thumbnails/3.jpg)
James Wickett
CISSP, GWAPT, CCSK, GSEC, GCFW
@wickett@RuggedDevOps
@gauntlt
![Page 5: Putting Rugged Into your DevOps Toolchain](https://reader038.vdocuments.us/reader038/viewer/2022110115/54b822b94a795940358b4606/html5/thumbnails/5.jpg)
A BRIEF HISTORY OFINFORMATION SECURITY
![Page 6: Putting Rugged Into your DevOps Toolchain](https://reader038.vdocuments.us/reader038/viewer/2022110115/54b822b94a795940358b4606/html5/thumbnails/6.jpg)
WE USED TO BE COOL
![Page 7: Putting Rugged Into your DevOps Toolchain](https://reader038.vdocuments.us/reader038/viewer/2022110115/54b822b94a795940358b4606/html5/thumbnails/7.jpg)
WE HADCINEMA
![Page 8: Putting Rugged Into your DevOps Toolchain](https://reader038.vdocuments.us/reader038/viewer/2022110115/54b822b94a795940358b4606/html5/thumbnails/8.jpg)
WE HAD HEROES
![Page 9: Putting Rugged Into your DevOps Toolchain](https://reader038.vdocuments.us/reader038/viewer/2022110115/54b822b94a795940358b4606/html5/thumbnails/9.jpg)
WE MADE FREEPHONE CALLS
![Page 10: Putting Rugged Into your DevOps Toolchain](https://reader038.vdocuments.us/reader038/viewer/2022110115/54b822b94a795940358b4606/html5/thumbnails/10.jpg)
WE WERE COOL
![Page 11: Putting Rugged Into your DevOps Toolchain](https://reader038.vdocuments.us/reader038/viewer/2022110115/54b822b94a795940358b4606/html5/thumbnails/11.jpg)
WE MADE IT INTO THEORGANIZATIONSWE HAD PREVIOUSLY FOUGHT
![Page 12: Putting Rugged Into your DevOps Toolchain](https://reader038.vdocuments.us/reader038/viewer/2022110115/54b822b94a795940358b4606/html5/thumbnails/12.jpg)
WE HELD CONFERENCESIN FANCY HOTELSWHERE WE CLAIMED WE HAD NO BUSINESS SUPPORT
![Page 13: Putting Rugged Into your DevOps Toolchain](https://reader038.vdocuments.us/reader038/viewer/2022110115/54b822b94a795940358b4606/html5/thumbnails/13.jpg)
WE HAVE BUSINESS CARDS WITH TITLES LIKE CISO ON THEM
![Page 14: Putting Rugged Into your DevOps Toolchain](https://reader038.vdocuments.us/reader038/viewer/2022110115/54b822b94a795940358b4606/html5/thumbnails/14.jpg)
ONCE IN THE ORGINFOSEC MADEBIG CLAIMS
![Page 15: Putting Rugged Into your DevOps Toolchain](https://reader038.vdocuments.us/reader038/viewer/2022110115/54b822b94a795940358b4606/html5/thumbnails/15.jpg)
WE COULDN’T STOP THEVIRUSES AND WORMS
![Page 16: Putting Rugged Into your DevOps Toolchain](https://reader038.vdocuments.us/reader038/viewer/2022110115/54b822b94a795940358b4606/html5/thumbnails/16.jpg)
ENTER RISKASSESSMENT
![Page 17: Putting Rugged Into your DevOps Toolchain](https://reader038.vdocuments.us/reader038/viewer/2022110115/54b822b94a795940358b4606/html5/thumbnails/17.jpg)
INSTEAD OF ENGINEERING INFOSEC BECAME ACTUARIES
![Page 18: Putting Rugged Into your DevOps Toolchain](https://reader038.vdocuments.us/reader038/viewer/2022110115/54b822b94a795940358b4606/html5/thumbnails/18.jpg)
WE BECAME EXPERTSIN BUYING INSURANCE POLICIES
![Page 19: Putting Rugged Into your DevOps Toolchain](https://reader038.vdocuments.us/reader038/viewer/2022110115/54b822b94a795940358b4606/html5/thumbnails/19.jpg)
“[RISK ASSESSMENT] INTRODUCES A DANGEROUS FALLACY: THAT STRUCTURED INADEQUACY IS ALMOST AS GOOD AS ADEQUACY AND THAT UNDERFUNDED SECURITY EFFORTS PLUS RISK MANAGEMENT ARE ABOUT AS GOOD AS PROPERLY FUNDED SECURITY WORK” - MICHAL ZALEWSKI
![Page 20: Putting Rugged Into your DevOps Toolchain](https://reader038.vdocuments.us/reader038/viewer/2022110115/54b822b94a795940358b4606/html5/thumbnails/20.jpg)
WE MADE A SIGNIFICANT
ERROR
![Page 21: Putting Rugged Into your DevOps Toolchain](https://reader038.vdocuments.us/reader038/viewer/2022110115/54b822b94a795940358b4606/html5/thumbnails/21.jpg)
WE THOUGHT THIS WAS TRUE:EVERY SECURITY EVENTRESULTS IN A FINANCIAL LOSS
![Page 22: Putting Rugged Into your DevOps Toolchain](https://reader038.vdocuments.us/reader038/viewer/2022110115/54b822b94a795940358b4606/html5/thumbnails/22.jpg)
TJX H@CK3D!
![Page 23: Putting Rugged Into your DevOps Toolchain](https://reader038.vdocuments.us/reader038/viewer/2022110115/54b822b94a795940358b4606/html5/thumbnails/23.jpg)
THE STOCK PRICE DIDN’T DROP
![Page 24: Putting Rugged Into your DevOps Toolchain](https://reader038.vdocuments.us/reader038/viewer/2022110115/54b822b94a795940358b4606/html5/thumbnails/24.jpg)
OUR ASSUMPTION WAS INCOMPLETE
![Page 25: Putting Rugged Into your DevOps Toolchain](https://reader038.vdocuments.us/reader038/viewer/2022110115/54b822b94a795940358b4606/html5/thumbnails/25.jpg)
INFOSEC ALSO MADE A SECOND BIG MISTAKE
![Page 26: Putting Rugged Into your DevOps Toolchain](https://reader038.vdocuments.us/reader038/viewer/2022110115/54b822b94a795940358b4606/html5/thumbnails/26.jpg)
IT STAYED IN INFORMATION TECHNOLOGY
![Page 27: Putting Rugged Into your DevOps Toolchain](https://reader038.vdocuments.us/reader038/viewer/2022110115/54b822b94a795940358b4606/html5/thumbnails/27.jpg)
IT WAS A COST CENTER AND NOT IN A POSITION TO ADD VALUE
![Page 28: Putting Rugged Into your DevOps Toolchain](https://reader038.vdocuments.us/reader038/viewer/2022110115/54b822b94a795940358b4606/html5/thumbnails/28.jpg)
SOMETHING ELSE HAPPENED GLOBALLY
![Page 29: Putting Rugged Into your DevOps Toolchain](https://reader038.vdocuments.us/reader038/viewer/2022110115/54b822b94a795940358b4606/html5/thumbnails/29.jpg)
DEVS BECAME COOL
![Page 30: Putting Rugged Into your DevOps Toolchain](https://reader038.vdocuments.us/reader038/viewer/2022110115/54b822b94a795940358b4606/html5/thumbnails/30.jpg)
CODE BECAME SOCIAL
![Page 31: Putting Rugged Into your DevOps Toolchain](https://reader038.vdocuments.us/reader038/viewer/2022110115/54b822b94a795940358b4606/html5/thumbnails/31.jpg)
“I DON’T WANT YOU TO SEND ME AN INSTALLATION DVD”
![Page 32: Putting Rugged Into your DevOps Toolchain](https://reader038.vdocuments.us/reader038/viewer/2022110115/54b822b94a795940358b4606/html5/thumbnails/32.jpg)
WE SELL TIME NOW
![Page 33: Putting Rugged Into your DevOps Toolchain](https://reader038.vdocuments.us/reader038/viewer/2022110115/54b822b94a795940358b4606/html5/thumbnails/33.jpg)
WE SELL SOCIAL AND FRIENDSHIPS
![Page 34: Putting Rugged Into your DevOps Toolchain](https://reader038.vdocuments.us/reader038/viewer/2022110115/54b822b94a795940358b4606/html5/thumbnails/34.jpg)
![Page 35: Putting Rugged Into your DevOps Toolchain](https://reader038.vdocuments.us/reader038/viewer/2022110115/54b822b94a795940358b4606/html5/thumbnails/35.jpg)
“IS THIS SECURE?”-YOUR CUSTOMER
![Page 36: Putting Rugged Into your DevOps Toolchain](https://reader038.vdocuments.us/reader038/viewer/2022110115/54b822b94a795940358b4606/html5/thumbnails/36.jpg)
“ITS CERTIFIED”- YOU
![Page 37: Putting Rugged Into your DevOps Toolchain](https://reader038.vdocuments.us/reader038/viewer/2022110115/54b822b94a795940358b4606/html5/thumbnails/37.jpg)
WHY CAN’T YOU GIVE A BETTER ANSWER?
![Page 38: Putting Rugged Into your DevOps Toolchain](https://reader038.vdocuments.us/reader038/viewer/2022110115/54b822b94a795940358b4606/html5/thumbnails/38.jpg)
THE INEQUITABLE DISTRIBUTION OF LABOR IN SECURITY MIMICS THAT IN DEV/OPS
![Page 39: Putting Rugged Into your DevOps Toolchain](https://reader038.vdocuments.us/reader038/viewer/2022110115/54b822b94a795940358b4606/html5/thumbnails/39.jpg)
source: Gene Kim, “When IT says No @SXSW 2012”
![Page 40: Putting Rugged Into your DevOps Toolchain](https://reader038.vdocuments.us/reader038/viewer/2022110115/54b822b94a795940358b4606/html5/thumbnails/40.jpg)
Security sees...
• They give advice that goes unheeded
• Business decisions made w/o regard of risk
• Irrelevancy in the organization
• Constant bearer of bad news
• Feels ignored by their peers (you know, those devops guys)
• Inequitable distribution of labor
![Page 41: Putting Rugged Into your DevOps Toolchain](https://reader038.vdocuments.us/reader038/viewer/2022110115/54b822b94a795940358b4606/html5/thumbnails/41.jpg)
2% OF AN ENGINEERING DEV TEAM ARE WORKING ON SECURITY
- BSIMM 2012 data, http://bsimm.com/
![Page 42: Putting Rugged Into your DevOps Toolchain](https://reader038.vdocuments.us/reader038/viewer/2022110115/54b822b94a795940358b4606/html5/thumbnails/42.jpg)
HOW DO WE FIX THESE PROBLEMS?
![Page 43: Putting Rugged Into your DevOps Toolchain](https://reader038.vdocuments.us/reader038/viewer/2022110115/54b822b94a795940358b4606/html5/thumbnails/43.jpg)
-LEARNING FROM (PREFERABLY OTHER PEOPLE’S) MISTAKES
-DEVELOPING TOOLS TO CORRECT PROBLEMS
- PLANNING TO HAVE EVERYTHING COMPROMISED
![Page 44: Putting Rugged Into your DevOps Toolchain](https://reader038.vdocuments.us/reader038/viewer/2022110115/54b822b94a795940358b4606/html5/thumbnails/44.jpg)
UNDERSTANDING
TOOLINGARCHITECTURE
![Page 45: Putting Rugged Into your DevOps Toolchain](https://reader038.vdocuments.us/reader038/viewer/2022110115/54b822b94a795940358b4606/html5/thumbnails/45.jpg)
![Page 46: Putting Rugged Into your DevOps Toolchain](https://reader038.vdocuments.us/reader038/viewer/2022110115/54b822b94a795940358b4606/html5/thumbnails/46.jpg)
OPEN WEB APPLICATION SECURITY PROJECT
![Page 47: Putting Rugged Into your DevOps Toolchain](https://reader038.vdocuments.us/reader038/viewer/2022110115/54b822b94a795940358b4606/html5/thumbnails/47.jpg)
![Page 48: Putting Rugged Into your DevOps Toolchain](https://reader038.vdocuments.us/reader038/viewer/2022110115/54b822b94a795940358b4606/html5/thumbnails/48.jpg)
![Page 49: Putting Rugged Into your DevOps Toolchain](https://reader038.vdocuments.us/reader038/viewer/2022110115/54b822b94a795940358b4606/html5/thumbnails/49.jpg)
Current Software
![Page 50: Putting Rugged Into your DevOps Toolchain](https://reader038.vdocuments.us/reader038/viewer/2022110115/54b822b94a795940358b4606/html5/thumbnails/50.jpg)
Rugged Software
![Page 51: Putting Rugged Into your DevOps Toolchain](https://reader038.vdocuments.us/reader038/viewer/2022110115/54b822b94a795940358b4606/html5/thumbnails/51.jpg)
Current Software
![Page 52: Putting Rugged Into your DevOps Toolchain](https://reader038.vdocuments.us/reader038/viewer/2022110115/54b822b94a795940358b4606/html5/thumbnails/52.jpg)
Rugged Software
![Page 53: Putting Rugged Into your DevOps Toolchain](https://reader038.vdocuments.us/reader038/viewer/2022110115/54b822b94a795940358b4606/html5/thumbnails/53.jpg)
Current Software
![Page 54: Putting Rugged Into your DevOps Toolchain](https://reader038.vdocuments.us/reader038/viewer/2022110115/54b822b94a795940358b4606/html5/thumbnails/54.jpg)
Rugged Software
![Page 55: Putting Rugged Into your DevOps Toolchain](https://reader038.vdocuments.us/reader038/viewer/2022110115/54b822b94a795940358b4606/html5/thumbnails/55.jpg)
ADVERSITY REQUIRES RUGGED SOLUTIONS
![Page 56: Putting Rugged Into your DevOps Toolchain](https://reader038.vdocuments.us/reader038/viewer/2022110115/54b822b94a795940358b4606/html5/thumbnails/56.jpg)
ADVERSITY IS REAL ORPERCEIVED NEGATIVEACTIONS AND EVENTS THAT PROHIBIT NORMALFUNCTION AND OPERATION.
![Page 57: Putting Rugged Into your DevOps Toolchain](https://reader038.vdocuments.us/reader038/viewer/2022110115/54b822b94a795940358b4606/html5/thumbnails/57.jpg)
RUGGEDIZATION THEORY
Building solutions to handle adversity will cause unintended, positive benefits that will provide value that would have been unrealized otherwise.
![Page 58: Putting Rugged Into your DevOps Toolchain](https://reader038.vdocuments.us/reader038/viewer/2022110115/54b822b94a795940358b4606/html5/thumbnails/58.jpg)
NO PAIN, NO GAIN
![Page 59: Putting Rugged Into your DevOps Toolchain](https://reader038.vdocuments.us/reader038/viewer/2022110115/54b822b94a795940358b4606/html5/thumbnails/59.jpg)
"Secondly, our network got a lot stronger as a result of the LulzSec
attacks." -Surviving Lulz: Behind the Scenes of LulzSec @SXSW 2012
by CloudFlare team
![Page 60: Putting Rugged Into your DevOps Toolchain](https://reader038.vdocuments.us/reader038/viewer/2022110115/54b822b94a795940358b4606/html5/thumbnails/60.jpg)
![Page 61: Putting Rugged Into your DevOps Toolchain](https://reader038.vdocuments.us/reader038/viewer/2022110115/54b822b94a795940358b4606/html5/thumbnails/61.jpg)
REPEATABLE – NO MANUAL STEPSRELIABLE - NO DOS HEREREVIEWABLE – AKA AUDITRAPID – FAST TO BUILD, DEPLOY, RESTORERESILIENT – AUTOMATED RECONFIGURATION REDUCED - LIMITED ATTACK SURFACE
![Page 62: Putting Rugged Into your DevOps Toolchain](https://reader038.vdocuments.us/reader038/viewer/2022110115/54b822b94a795940358b4606/html5/thumbnails/62.jpg)
RUGGED BY DESIGN,DEVOPS BY CULTURE
![Page 63: Putting Rugged Into your DevOps Toolchain](https://reader038.vdocuments.us/reader038/viewer/2022110115/54b822b94a795940358b4606/html5/thumbnails/63.jpg)
RUGGED DEVOPS
![Page 64: Putting Rugged Into your DevOps Toolchain](https://reader038.vdocuments.us/reader038/viewer/2022110115/54b822b94a795940358b4606/html5/thumbnails/64.jpg)
![Page 65: Putting Rugged Into your DevOps Toolchain](https://reader038.vdocuments.us/reader038/viewer/2022110115/54b822b94a795940358b4606/html5/thumbnails/65.jpg)
![Page 66: Putting Rugged Into your DevOps Toolchain](https://reader038.vdocuments.us/reader038/viewer/2022110115/54b822b94a795940358b4606/html5/thumbnails/66.jpg)
![Page 67: Putting Rugged Into your DevOps Toolchain](https://reader038.vdocuments.us/reader038/viewer/2022110115/54b822b94a795940358b4606/html5/thumbnails/67.jpg)
Put your code through the gauntlt
![Page 68: Putting Rugged Into your DevOps Toolchain](https://reader038.vdocuments.us/reader038/viewer/2022110115/54b822b94a795940358b4606/html5/thumbnails/68.jpg)
GAUNTLET, N. AN ATTACK FROM ALL SIDES
![Page 69: Putting Rugged Into your DevOps Toolchain](https://reader038.vdocuments.us/reader038/viewer/2022110115/54b822b94a795940358b4606/html5/thumbnails/69.jpg)
Your web app
w3af
fuzzers
nmap
nessus
sqlmapmetasploit
You
dirbustercustom attacks
![Page 70: Putting Rugged Into your DevOps Toolchain](https://reader038.vdocuments.us/reader038/viewer/2022110115/54b822b94a795940358b4606/html5/thumbnails/70.jpg)
gauntlt is built for doing security testing in a DevOps world
![Page 71: Putting Rugged Into your DevOps Toolchain](https://reader038.vdocuments.us/reader038/viewer/2022110115/54b822b94a795940358b4606/html5/thumbnails/71.jpg)
GAUNTLT IS
![Page 72: Putting Rugged Into your DevOps Toolchain](https://reader038.vdocuments.us/reader038/viewer/2022110115/54b822b94a795940358b4606/html5/thumbnails/72.jpg)
AN ALWAYS-ATTACKING ENVIRONMENT FOR DEVELOPERS
![Page 73: Putting Rugged Into your DevOps Toolchain](https://reader038.vdocuments.us/reader038/viewer/2022110115/54b822b94a795940358b4606/html5/thumbnails/73.jpg)
WITH ATTACKS WRITTEN IN EASY-TO-READ LANGUAGE
![Page 74: Putting Rugged Into your DevOps Toolchain](https://reader038.vdocuments.us/reader038/viewer/2022110115/54b822b94a795940358b4606/html5/thumbnails/74.jpg)
ACCESSIBLE TO EVERYONE INVOLVED IN DEV, OPS, TESTING, SECURITY, ...
![Page 75: Putting Rugged Into your DevOps Toolchain](https://reader038.vdocuments.us/reader038/viewer/2022110115/54b822b94a795940358b4606/html5/thumbnails/75.jpg)
![Page 76: Putting Rugged Into your DevOps Toolchain](https://reader038.vdocuments.us/reader038/viewer/2022110115/54b822b94a795940358b4606/html5/thumbnails/76.jpg)
MEET THE GAUNTLT TEAM
![Page 77: Putting Rugged Into your DevOps Toolchain](https://reader038.vdocuments.us/reader038/viewer/2022110115/54b822b94a795940358b4606/html5/thumbnails/77.jpg)
MANI TADAYON
"SOFTWARE - WAR = SOFTE"
@BWSR_SR
![Page 78: Putting Rugged Into your DevOps Toolchain](https://reader038.vdocuments.us/reader038/viewer/2022110115/54b822b94a795940358b4606/html5/thumbnails/78.jpg)
ROY RAPOPORT“I PICKED UP THE TEE SHIRTS”
@ROYRAPOPORT
![Page 79: Putting Rugged Into your DevOps Toolchain](https://reader038.vdocuments.us/reader038/viewer/2022110115/54b822b94a795940358b4606/html5/thumbnails/79.jpg)
BILL BURNS@X509V3
“SMITHERS, RELEASE THE MONKEYS!”
![Page 80: Putting Rugged Into your DevOps Toolchain](https://reader038.vdocuments.us/reader038/viewer/2022110115/54b822b94a795940358b4606/html5/thumbnails/80.jpg)
JOSHUA CORMAN@JOSHCORMAN@RUGGEDSOFTWARE
“HONEY BADGER DOES CARE”
![Page 81: Putting Rugged Into your DevOps Toolchain](https://reader038.vdocuments.us/reader038/viewer/2022110115/54b822b94a795940358b4606/html5/thumbnails/81.jpg)
JASON CHAN
@CHANJBS
![Page 82: Putting Rugged Into your DevOps Toolchain](https://reader038.vdocuments.us/reader038/viewer/2022110115/54b822b94a795940358b4606/html5/thumbnails/82.jpg)
NOT PICTURED:MATT TESAUROTAREK MOUSSA
![Page 83: Putting Rugged Into your DevOps Toolchain](https://reader038.vdocuments.us/reader038/viewer/2022110115/54b822b94a795940358b4606/html5/thumbnails/83.jpg)
WHY GAUNTLT?
SECURITY DOMAIN KNOWLEDGE IS GENERALLY A MYSTERY TO DEV TEAMS
![Page 84: Putting Rugged Into your DevOps Toolchain](https://reader038.vdocuments.us/reader038/viewer/2022110115/54b822b94a795940358b4606/html5/thumbnails/84.jpg)
GAUNTLT ALLOWS DEV AND OPS AND SECURITY TO
COMMUNICATE
![Page 85: Putting Rugged Into your DevOps Toolchain](https://reader038.vdocuments.us/reader038/viewer/2022110115/54b822b94a795940358b4606/html5/thumbnails/85.jpg)
GAUNTLT JOINSTHE PHILOSOPHY OFRUGGED SOFTWARE& CONTINUOUS INTEGRATION
![Page 86: Putting Rugged Into your DevOps Toolchain](https://reader038.vdocuments.us/reader038/viewer/2022110115/54b822b94a795940358b4606/html5/thumbnails/86.jpg)
HTTPS://GITHUB.COM/THEGAUNTLET/GAUNTLT
![Page 87: Putting Rugged Into your DevOps Toolchain](https://reader038.vdocuments.us/reader038/viewer/2022110115/54b822b94a795940358b4606/html5/thumbnails/87.jpg)
LETS LOOK INSIDE A COUPLE OF THESE FILES
![Page 88: Putting Rugged Into your DevOps Toolchain](https://reader038.vdocuments.us/reader038/viewer/2022110115/54b822b94a795940358b4606/html5/thumbnails/88.jpg)
@gauntlet @run
Feature: Run nmap against a target and pass the value of the hostname from the profile.xml.
Background: Given nmap is installed
Scenario: Verify server is available on standard web ports Given the hostname in the profile.xml When I run nmap against the hostname in the profile on ports 80,443 Then the output should contain: """ 80/tcp open http 443/tcp open https """
feature for nmap:nmap.feature
![Page 89: Putting Rugged Into your DevOps Toolchain](https://reader038.vdocuments.us/reader038/viewer/2022110115/54b822b94a795940358b4606/html5/thumbnails/89.jpg)
Given /^nmap is installed$/ do steps %{ When I run `which nmap` Then the output should contain: """ nmap """ } end
When /^I run nmap against the hostname in the profile on ports (\d+),(\d+)$/ do |arg2, arg3| steps %{ When I run `nmap \"#{@hostname}\" -p80,443` }end
step definition for nmap:nmap.rb
![Page 90: Putting Rugged Into your DevOps Toolchain](https://reader038.vdocuments.us/reader038/viewer/2022110115/54b822b94a795940358b4606/html5/thumbnails/90.jpg)
wickett$ gauntlt
@gauntlet @runFeature: Run nmap against a target and pass the value of the hostname from the profile.xml.
Background: # features/nmap/nmap.feature:5 Given nmap is installed # features/step_definitions/nmap.rb:2
Scenario: Verify server is available on standard web ports # features/nmap/nmap.feature:8 Given the hostname in the profile.xml # features/step_definitions/profile.rb:1 When I run nmap against the hostname in the profile on ports 8080,443 # features/step_definitions/nmap.rb:12 Then the output should contain: # aruba-0.4.11/lib/aruba/cucumber.rb:98 """ 8080/tcp open http 443/tcp open https """...
Failing Scenarios:cucumber features/nmap/nmap.feature:8 # Scenario: Verify server is available on standard web ports
1 scenario (1 failed)4 steps (1 failed, 3 passed)0m0.341s
running gauntlt with failing tests
![Page 91: Putting Rugged Into your DevOps Toolchain](https://reader038.vdocuments.us/reader038/viewer/2022110115/54b822b94a795940358b4606/html5/thumbnails/91.jpg)
wickett$ gauntlt
@gauntlet @runFeature: Run nmap against a target and pass the value of the hostname from the profile.xml.
Background: # features/nmap/nmap.feature:5 Given nmap is installed # features/step_definitions/nmap.rb:2
Scenario: Verify server is available on standard web ports # features/nmap/nmap.feature:8 Given the hostname in the profile.xml # features/step_definitions/profile.rb:1 When I run nmap against the hostname in the profile on ports 80,443 # features/step_definitions/nmap.rb:12 Then the output should contain: # aruba-0.4.11/lib/aruba/cucumber.rb:98 """ 80/tcp open http 443/tcp open https """
1 scenario (1 passed)4 steps (4 passed)0m1.117s
running gauntlt with passing tests
![Page 92: Putting Rugged Into your DevOps Toolchain](https://reader038.vdocuments.us/reader038/viewer/2022110115/54b822b94a795940358b4606/html5/thumbnails/92.jpg)
![Page 93: Putting Rugged Into your DevOps Toolchain](https://reader038.vdocuments.us/reader038/viewer/2022110115/54b822b94a795940358b4606/html5/thumbnails/93.jpg)
RESOURCES
![Page 94: Putting Rugged Into your DevOps Toolchain](https://reader038.vdocuments.us/reader038/viewer/2022110115/54b822b94a795940358b4606/html5/thumbnails/94.jpg)
WANT TO JOIN THE GAUNTLT TEAM?EMAIL [email protected]
![Page 95: Putting Rugged Into your DevOps Toolchain](https://reader038.vdocuments.us/reader038/viewer/2022110115/54b822b94a795940358b4606/html5/thumbnails/95.jpg)
Please get in touch with me:
@wickett@RuggedDevOps@gauntlt