SlideShare ist ein Scribd-Unternehmen logo

What did you inspec?

Gratien D'haese
Gratien D'haese

Presentation given at the Config Management Camp 2019 (Ghent, Belgium) conference

Internet
1 von 35
Downloaden Sie, um offline zu lesen
What did you InSpec? https://github.com/gdha/inspec- cfgmgmtcamp-ghent-2019 Gratien D'haese IT3 Consultants
2019 - Gratien D'haese What did you InSpec? 2 Who am I? ● Gratien D'haese ● IT3 Consultants (company) ● > 30 years Unix experience ● Unix/Linux Engineer (incl. DevOps) ● Web: it3.be ● Relax-and-Recover (ReaR) ● Linux disaster recovery framework ● Open Source pages: https://github.com/gdha
2019 - Gratien D'haese What did you InSpec? 3 Bit of history pre-historic times
2019 - Gratien D'haese What did you InSpec? 4 Bit of history power to the Ops ● system administrators = Ops ● powerful shell scripts used for: ● Update ● Control ● Security ● Monitor ● Battle between Ops and Devs ● No CI/CD ● Lots of Change Controls
2019 - Gratien D'haese What did you InSpec? 5 Ops -> DevOps ● it’s everyone’s job now ● Ops tools for devs ● Software engineers (devs) learn ops ● Admins transition to devs
2019 - Gratien D'haese What did you InSpec? 6 DevOps and the rest ● Developers want tests ● Operations want peace ● Compliance Officers want √ ● Security Officers do not want holes
2019 - Gratien D'haese What did you InSpec? 7 What is InSpec ● InSpec is an open-source testing frameworktesting framework provided by Chef ● Human-readable language for specifying compliance, security and policy requirements ● Extensible language ● Re-usable ● Command-line ● Integrates with Test Kitchen
2019 - Gratien D'haese What did you InSpec? 8 What InSpec is not ● Is not a capacity planning tool ● Is not a monitoring tool ● Is not a logging tool ● Is not a configuration management tool ● Is not a firewall tool ● Is not a intrusion detection tool
2019 - Gratien D'haese What did you InSpec? 9 Why using InSpec? ● Less scripts for verification required ● One Language for many platforms ● Easy to read ● Easy to hand-over ● Easy to share ● Big collection of ready to use profiles ● Excellent documentation ● No need to be a nerd
2019 - Gratien D'haese What did you InSpec? 10 Features of InSpec ● Supports many Operating Systems ● Linux ● Mac/OS ● BSD, Solaris, AIX, HP-UX ● Windows ● Supports many Hypervisors, VMs, bare-metal ● Support different Cloud Providers ● Supports docker ● Supports DBs
2019 - Gratien D'haese What did you InSpec? 11 Why should you care? ● Do you want to be the next? New Data Breach exposes 57 million records https://blog.hackenproof.com/industry-news/new-data- breach-exposes-57-million-records/ ● Protection of your assets – data (security) ● IQ/OQ Compliance ● System validation after major changes ● CI/CD integration checks
2019 - Gratien D'haese What did you InSpec? 12 Idiot proof # inspec exec https://github.com/lnxchk/inspec- profile-wannacry-exploit/archive/master.tar.gz -i ./insecure_keys/vagrant.private -t ssh://root@server Profile: WannaCry Exploit Mitigation Status (wannacry-exploit) Version: 0.2.0 Target: ssh://root@server:22 × WannaCry Vulnerability Check: Hot-fix mitigation check for WannaCry Ransomware vulnerability (23 failed) Can you guess what is wrong with above test?
2019 - Gratien D'haese What did you InSpec? 13 Wannacry on Windows # inspec exec https://github.com/lnxchk/inspec- profile-wannacry-exploit/archive/master.tar.gz -t winrm://administrator@10.180.4.12 --password xxxx Profile: WannaCry Exploit Mitigation Status (wannacry-exploit) Version: 0.2.0 Target: winrm://administrator@http://10.180.4.12:5985/wsman:3389 ✔ WannaCry Vulnerability Check: Hot-fix mitigation check for WannaCry Ransomware vulnerability ✔ WMI with {:class=>"win32_quickfixengineering", :filter=>"HotFixID = 'KB4012213'"} InstalledOn should not eq nil Profile Summary: 1 successful control, 0 control failures, 0 controls skipped Test Summary: 1 successful, 0 failures, 0 skipped
2019 - Gratien D'haese What did you InSpec? 14 InSpec Basics ● Start with a demo – mychefdk container ● Launch the container and use inspec to check for my account ● Check inside the container ● Check from outside the container ● Run cookbook myaccount inside the container ● Re-run the checks again
2019 - Gratien D'haese What did you InSpec? 15 InSpec Basics (continued) ● Download from https://www.inspec.io/ ● Open Source at GitHub: https://github.com/inspec/inspec ● Resources ● InSpec uses built-in resources for common services, system files and configurations https://www.inspec.io/docs/reference/resources/ ● Resources work on many Linux platforms, and also on Windows
2019 - Gratien D'haese What did you InSpec? 16 InSpec resources ● OS resources ● apache ● bond ● command ● directory ● docker ● etc_fstab ● group ● mssql_session ● and so on ● Cloud resources ● AWS ● Azure ● Google
2019 - Gratien D'haese What did you InSpec? 17 unless os.windows? # This is an example test, replace with your own test. describe user('root') do it { should exist } end describe user('gdha') do it { should exist } its('uid') { should eq 501 } its('group') { should eq 'users'} its('home') { should eq '/home/gdha' } its('shell') { should eq '/bin/bash' } end end describe port(80) do it { should_not be_listening } end Resource Matcher
2019 - Gratien D'haese What did you InSpec? 18 Matchers ● should exist ● should be_in ● should_not match /blabla/ ● should eq ● should_not eq ● should cmp ● https://www.inspec.io/docs/reference/matchers/
2019 - Gratien D'haese What did you InSpec? 19 Profiles ● Profiles is about sharing and caring ● Built around “controls” that can be reviewed ● Each profile can have multiple tests ● Include profiles from outside this test ● Profiles can be published to be re-used ● More at https://www.inspec.io/docs/reference/profiles/
2019 - Gratien D'haese What did you InSpec? 20 Profiles (continued) $ inspec init profile dockerprofile Create new profile at /Users/gdha/data/projects/inspec/dockerprofile • Create directory libraries • Create file README.md • Create directory controls • Create file controls/example.rb • Create file inspec.yml • Create file libraries/.gitkeep Add more tests under this directory
2019 - Gratien D'haese What did you InSpec? 21 Inspec shell root@c26e2f2d7904:/# inspec shell Welcome to the interactive InSpec Shell To find out how to use it, type: help You are currently running on: Name: ubuntu Families: debian, linux, unix, os Release: 18.04 Arch: x86_64 inspec> help inspec> command('uname -s').stdout => "Linuxn"
2019 - Gratien D'haese What did you InSpec? 22 Inspec shell (continued) inspec> describe file('/etc/gshadow') do inspec> it { should be_owned_by 'root' } inspec> end Profile: inspec-shell Version: (not specified) File /etc/gshadow ✔ should be owned by "root" Test Summary: 1 successful, 0 failures, 0 skipped
2019 - Gratien D'haese What did you InSpec? 23 Example: source control file $ cat inspec-path-check/controls/path.rb title 'DOT in PATH variable' control 'path-1.0' do # A unique ID for this control impact 1.0 # The criticality, if this control fails. title 'DOT in PATH variable' desc 'An optional description...' describe os_env('PATH') do # The actual test its('split') { should_not include('') } its('split') { should_not include('.') } end end
2019 - Gratien D'haese What did you InSpec? 24 Profiles ● InSpec profiles allow you to share and pack sets of tests ● Built around controls (see previous example) ● Profiles can have multiple tests ● May depend on external profiles ● Publishing of your profiles is possible ● inspec init profile <profile-name> ● inspec check <profile-name>
2019 - Gratien D'haese What did you InSpec? 25 Running inspec ● Inspec on command line ● Can run locally on this machine ● inspec exec profile-name ● Run remotely via target option ● inspec exec profile-name -i pub.key -t ssh://user@system ● inspec exec profile-name -t winrm://administrator@system --password secret ● Run via test kitchen
2019 - Gratien D'haese What did you InSpec? 26 Excute a local path $ inspec exec inspec-path-check $ inspec exec /full/path/to/inspec-path-check Profile: PATH check InSpec Profile (path-check) Version: 0.1.0 Target: local:// ✔ path-1.0: DOT in PATH variable ✔ Environment variable PATH split should not include "" ✔ Environment variable PATH split should not include "." Profile Summary: 1 successful control, 0 control failures, 0 controls skipped Test Summary: 2 successful, 0 failures, 0 skipped
2019 - Gratien D'haese What did you InSpec? 27 Execute a GIT repo $ inspec exec https://github.com/gdha/inspec-path-check [2019-01-16T18:10:26+01:00] WARN: URL target https://github.com/gdha/inspec-path-check transformed to https://github.com/gdha/inspec-path- check/archive/master.tar.gz. Consider using the git fetcher Profile: PATH check InSpec Profile (path-check) Version: 0.1.0 Target: local:// ✔ path-1.0: DOT in PATH variable ✔ Environment variable PATH split should not include "" ✔ Environment variable PATH split should not include "." Profile Summary: 1 successful control, 0 control failures, 0 controls skipped Test Summary: 2 successful, 0 failures, 0 skipped
2019 - Gratien D'haese What did you InSpec? 28 Execute in a docker container $ inspec exec -t docker://c26e2f2d7904 inspec-path-check Profile: PATH check InSpec Profile (path-check) Version: 0.1.0 Target: docker://c26e2f2d79041252b2646baea3d64f18f52eea9b45a2443f3325a9 4221e10a4e ✔ path-1.0: DOT in PATH variable ✔ Environment variable PATH split should not include "" ✔ Environment variable PATH split should not include "." Profile Summary: 1 successful control, 0 control failures, 0 controls skipped Test Summary: 2 successful, 0 failures, 0 skipped
2019 - Gratien D'haese What did you InSpec? 29 Execute inspec remotely $ inspec exec -t ssh://client --password vagrant ../path-check/ Profile: PATH check InSpec Profile (path-check) Version: 0.1.0 Target: ssh://root@client:22 ✔ path-1.0: DOT in PATH variable ✔ Environment variable PATH split should not include "" ✔ Environment variable PATH split should not include "." Profile Summary: 1 successful control, 0 control failures, 0 controls skipped Test Summary: 2 successful, 0 failures, 0 skipped $ inspec exec -t winrm://admin@windows --password xx ../patch-check
2019 - Gratien D'haese What did you InSpec? 30 Using InSpec with Test Kitchen driver: name: vagrant provisioner: name: chef_zero verifier: name: inspec platforms: - name: centos-7.6 suites: - name: default run_list: - recipe[nginx_test::default] verifier: inspec_tests: - test/integration/default
2019 - Gratien D'haese What did you InSpec? 31 Kitchen verify $ kitchen verify -----> Starting Kitchen (v1.24.0) -----> Verifying <default-centos-76>... Loaded tests from {:path=>".Users.gdha.data.projects.inspec.inspec-cfgmgmtcamp- ghent-2019.cookbooks.nginx_test.test.integration.default"} User root ✔ should exist Port 80 ✔ should be listening System Package nginx ✔ should be installed File /etc/nginx/sites-available/default ✔ should exist Command: `curl localhost` ✔ stdout should match "Welcome" Test Summary: 5 successful, 0 failures, 0 skipped Finished verifying <default-centos-76> (0m0.81s). -----> Kitchen is finished. (0m7.83s)
2019 - Gratien D'haese What did you InSpec? 32 DevSec Linux Security Baseline (linux-baseline) # docker ps CONTAINER ID IMAGE COMMAND 1e2ef5665f9f openshift/base-centos7 ... # inspec exec https://github.com/dev-sec/linux-baseline -t docker://1e2ef5665f9f ✔ os-01: Trusted hosts login ✔ File /etc/hosts.equiv should not exist ✔ os-02: Check owner and permissions for /etc/shadow ✔ File /etc/shadow should exist ✔ File /etc/shadow should be file Profile Summary: 14 successful controls, 3 control failures, 37 controls skipped Test Summary: 53 successful, 8 failures, 37 skipped More details at https://dev-sec.io/
2019 - Gratien D'haese What did you InSpec? 33 ReaR Automated Testing client server recover
2019 - Gratien D'haese What did you InSpec? 34
2019 - Gratien D'haese What did you InSpec? 35 Links ● https://github.com/gdha/inspec-cfgmgmtcamp- ghent-2019 ● https://github.com/inspec/inspec ● https://www.inspec.io/ ● https://www.inspec.io/docs/reference/resources/ ● http://www.it3.be/ ● https://gdha.github.io/rear-automated-testing/ ● mailto:gratien.dhaese@it3.be

Empfohlen

JenkinsPy workshop
JenkinsPy workshop JenkinsPy workshop
JenkinsPy workshop Haifa Ftirich
 
Golang 101 for IT-Pros - Cisco Live Orlando 2018 - DEVNET-1808
Golang 101 for IT-Pros - Cisco Live Orlando 2018 - DEVNET-1808Golang 101 for IT-Pros - Cisco Live Orlando 2018 - DEVNET-1808
Golang 101 for IT-Pros - Cisco Live Orlando 2018 - DEVNET-1808Cisco DevNet
 
Assign, commit, and review - A developer’s guide to OpenStack contribution-20...
Assign, commit, and review - A developer’s guide to OpenStack contribution-20...Assign, commit, and review - A developer’s guide to OpenStack contribution-20...
Assign, commit, and review - A developer’s guide to OpenStack contribution-20...OpenCity Community
 
Assign, Commit, and Review
Assign, Commit, and ReviewAssign, Commit, and Review
Assign, Commit, and ReviewZhongyue Luo
 
Nagios Conference 2012 - Mike Weber - NRPE
Nagios Conference 2012 - Mike Weber - NRPENagios Conference 2012 - Mike Weber - NRPE
Nagios Conference 2012 - Mike Weber - NRPENagios
 
Git
GitGit
GitMajid Hajiloo
 
Nebula: Netflix's OSS Gradle Plugins
Nebula: Netflix's OSS Gradle PluginsNebula: Netflix's OSS Gradle Plugins
Nebula: Netflix's OSS Gradle PluginsRob Spieldenner
 
Continuous Delivery w projekcie Open Source - Marcin Stachniuk - DevCrowd 2017
Continuous Delivery w projekcie Open Source - Marcin Stachniuk - DevCrowd 2017Continuous Delivery w projekcie Open Source - Marcin Stachniuk - DevCrowd 2017
Continuous Delivery w projekcie Open Source - Marcin Stachniuk - DevCrowd 2017MarcinStachniuk
 

Empfohlen

JenkinsPy workshop
JenkinsPy workshop JenkinsPy workshop
JenkinsPy workshop Haifa Ftirich
 
Golang 101 for IT-Pros - Cisco Live Orlando 2018 - DEVNET-1808
Golang 101 for IT-Pros - Cisco Live Orlando 2018 - DEVNET-1808Golang 101 for IT-Pros - Cisco Live Orlando 2018 - DEVNET-1808
Golang 101 for IT-Pros - Cisco Live Orlando 2018 - DEVNET-1808Cisco DevNet
 
Assign, commit, and review - A developer’s guide to OpenStack contribution-20...
Assign, commit, and review - A developer’s guide to OpenStack contribution-20...Assign, commit, and review - A developer’s guide to OpenStack contribution-20...
Assign, commit, and review - A developer’s guide to OpenStack contribution-20...OpenCity Community
 
Assign, Commit, and Review
Assign, Commit, and ReviewAssign, Commit, and Review
Assign, Commit, and ReviewZhongyue Luo
 
Nagios Conference 2012 - Mike Weber - NRPE
Nagios Conference 2012 - Mike Weber - NRPENagios Conference 2012 - Mike Weber - NRPE
Nagios Conference 2012 - Mike Weber - NRPENagios
 
Git
GitGit
GitMajid Hajiloo
 
Nebula: Netflix's OSS Gradle Plugins
Nebula: Netflix's OSS Gradle PluginsNebula: Netflix's OSS Gradle Plugins
Nebula: Netflix's OSS Gradle PluginsRob Spieldenner
 
Continuous Delivery w projekcie Open Source - Marcin Stachniuk - DevCrowd 2017
Continuous Delivery w projekcie Open Source - Marcin Stachniuk - DevCrowd 2017Continuous Delivery w projekcie Open Source - Marcin Stachniuk - DevCrowd 2017
Continuous Delivery w projekcie Open Source - Marcin Stachniuk - DevCrowd 2017MarcinStachniuk
 
Prepare to defend thyself with Blue/Green
Prepare to defend thyself with Blue/GreenPrepare to defend thyself with Blue/Green
Prepare to defend thyself with Blue/GreenSonatype
 
Skaffold - faster development on K8S
Skaffold - faster development on K8SSkaffold - faster development on K8S
Skaffold - faster development on K8SHuynh Thai Bao
 
Introducción a git y GitHub
Introducción a git y GitHubIntroducción a git y GitHub
Introducción a git y GitHubLucas Videla
 
Git and Github
Git and GithubGit and Github
Git and GithubWen-Tien Chang
 
Git and github fundamental
Git and github fundamentalGit and github fundamental
Git and github fundamentalRajesh Kumar
 
GitFlow, SourceTree and GitLab
GitFlow, SourceTree and GitLabGitFlow, SourceTree and GitLab
GitFlow, SourceTree and GitLabShinu Suresh
 
An Introduction to Rancher
An Introduction to RancherAn Introduction to Rancher
An Introduction to RancherConner Swann
 
Working with multiple git repositories
Working with multiple git repositoriesWorking with multiple git repositories
Working with multiple git repositoriesJulien Pivotto
 
The everyday developer's guide to version control with Git
The everyday developer's guide to version control with GitThe everyday developer's guide to version control with Git
The everyday developer's guide to version control with GitE Carter
 
What is Git | What is GitHub | Git Tutorial | GitHub Tutorial | Devops Tutori...
What is Git | What is GitHub | Git Tutorial | GitHub Tutorial | Devops Tutori...What is Git | What is GitHub | Git Tutorial | GitHub Tutorial | Devops Tutori...
What is Git | What is GitHub | Git Tutorial | GitHub Tutorial | Devops Tutori...Edureka!
 
Secure Programming Practices in C++ (NDC Oslo 2018)
Secure Programming Practices in C++ (NDC Oslo 2018)Secure Programming Practices in C++ (NDC Oslo 2018)
Secure Programming Practices in C++ (NDC Oslo 2018)Patricia Aas
 
Nagios distributed monitoring for web applications
Nagios distributed monitoring for web applicationsNagios distributed monitoring for web applications
Nagios distributed monitoring for web applicationsFernando Honig
 
Writing Commits for You, Your Friends, and Your Future Self
Writing Commits for You, Your Friends, and Your Future SelfWriting Commits for You, Your Friends, and Your Future Self
Writing Commits for You, Your Friends, and Your Future SelfAll Things Open
 
Introduction to Git and GitHub
Introduction to Git and GitHubIntroduction to Git and GitHub
Introduction to Git and GitHubBioinformatics and Computational Biosciences Branch
 
Git Introduction Tutorial
Git Introduction TutorialGit Introduction Tutorial
Git Introduction TutorialThomas Rausch
 
Android presentation - Gradle ++
Android presentation - Gradle ++Android presentation - Gradle ++
Android presentation - Gradle ++Javier de Pedro López
 
How to Build & Use OpenCL on OpenCV & Android NDK
How to Build & Use OpenCL on OpenCV & Android NDKHow to Build & Use OpenCL on OpenCV & Android NDK
How to Build & Use OpenCL on OpenCV & Android NDKIndustrial Technology Research Institute (ITRI)(工業技術研究院, 工研院)
 
More developers on DevOps with Docker orchestration
More developers on DevOps with Docker orchestrationMore developers on DevOps with Docker orchestration
More developers on DevOps with Docker orchestrationGiulio De Donato
 
Open Source Collaboration With Git And Git Hub
Open Source Collaboration With Git And Git HubOpen Source Collaboration With Git And Git Hub
Open Source Collaboration With Git And Git HubNick Quaranto
 
Мониторинг облачной CI-системы на примере Jenkins / Александр Акбашев (HERE T...
Мониторинг облачной CI-системы на примере Jenkins / Александр Акбашев (HERE T...Мониторинг облачной CI-системы на примере Jenkins / Александр Акбашев (HERE T...
Мониторинг облачной CI-системы на примере Jenkins / Александр Акбашев (HERE T...Ontico
 
DevOops & How I hacked you DevopsDays DC June 2015
DevOops & How I hacked you DevopsDays DC June 2015DevOops & How I hacked you DevopsDays DC June 2015
DevOops & How I hacked you DevopsDays DC June 2015Chris Gates
 
Open source projects with python
Open source projects with pythonOpen source projects with python
Open source projects with pythonroskakori
 

Weitere ähnliche Inhalte

Was ist angesagt?

Prepare to defend thyself with Blue/Green
Prepare to defend thyself with Blue/GreenPrepare to defend thyself with Blue/Green
Prepare to defend thyself with Blue/GreenSonatype
 
Skaffold - faster development on K8S
Skaffold - faster development on K8SSkaffold - faster development on K8S
Skaffold - faster development on K8SHuynh Thai Bao
 
Introducción a git y GitHub
Introducción a git y GitHubIntroducción a git y GitHub
Introducción a git y GitHubLucas Videla
 
Git and github fundamental
Git and github fundamentalGit and github fundamental
Git and github fundamentalRajesh Kumar
 
GitFlow, SourceTree and GitLab
GitFlow, SourceTree and GitLabGitFlow, SourceTree and GitLab
GitFlow, SourceTree and GitLabShinu Suresh
 
An Introduction to Rancher
An Introduction to RancherAn Introduction to Rancher
An Introduction to RancherConner Swann
 
Working with multiple git repositories
Working with multiple git repositoriesWorking with multiple git repositories
Working with multiple git repositoriesJulien Pivotto
 
The everyday developer's guide to version control with Git
The everyday developer's guide to version control with GitThe everyday developer's guide to version control with Git
The everyday developer's guide to version control with GitE Carter
 
What is Git | What is GitHub | Git Tutorial | GitHub Tutorial | Devops Tutori...
What is Git | What is GitHub | Git Tutorial | GitHub Tutorial | Devops Tutori...What is Git | What is GitHub | Git Tutorial | GitHub Tutorial | Devops Tutori...
What is Git | What is GitHub | Git Tutorial | GitHub Tutorial | Devops Tutori...Edureka!
 
Secure Programming Practices in C++ (NDC Oslo 2018)
Secure Programming Practices in C++ (NDC Oslo 2018)Secure Programming Practices in C++ (NDC Oslo 2018)
Secure Programming Practices in C++ (NDC Oslo 2018)Patricia Aas
 
Nagios distributed monitoring for web applications
Nagios distributed monitoring for web applicationsNagios distributed monitoring for web applications
Nagios distributed monitoring for web applicationsFernando Honig
 
Writing Commits for You, Your Friends, and Your Future Self
Writing Commits for You, Your Friends, and Your Future SelfWriting Commits for You, Your Friends, and Your Future Self
Writing Commits for You, Your Friends, and Your Future SelfAll Things Open
 
Git Introduction Tutorial
Git Introduction TutorialGit Introduction Tutorial
Git Introduction TutorialThomas Rausch
 
More developers on DevOps with Docker orchestration
More developers on DevOps with Docker orchestrationMore developers on DevOps with Docker orchestration
More developers on DevOps with Docker orchestrationGiulio De Donato
 
Open Source Collaboration With Git And Git Hub
Open Source Collaboration With Git And Git HubOpen Source Collaboration With Git And Git Hub
Open Source Collaboration With Git And Git HubNick Quaranto
 
Мониторинг облачной CI-системы на примере Jenkins / Александр Акбашев (HERE T...
Мониторинг облачной CI-системы на примере Jenkins / Александр Акбашев (HERE T...Мониторинг облачной CI-системы на примере Jenkins / Александр Акбашев (HERE T...
Мониторинг облачной CI-системы на примере Jenkins / Александр Акбашев (HERE T...Ontico
 

Was ist angesagt? (20)

Prepare to defend thyself with Blue/Green
Prepare to defend thyself with Blue/GreenPrepare to defend thyself with Blue/Green
Prepare to defend thyself with Blue/Green
 
Skaffold - faster development on K8S
Skaffold - faster development on K8SSkaffold - faster development on K8S
Skaffold - faster development on K8S
 
Introducción a git y GitHub
Introducción a git y GitHubIntroducción a git y GitHub
Introducción a git y GitHub
 
Git and Github
Git and GithubGit and Github
Git and Github
 
Git and github fundamental
Git and github fundamentalGit and github fundamental
Git and github fundamental
 
GitFlow, SourceTree and GitLab
GitFlow, SourceTree and GitLabGitFlow, SourceTree and GitLab
GitFlow, SourceTree and GitLab
 
An Introduction to Rancher
An Introduction to RancherAn Introduction to Rancher
An Introduction to Rancher
 
Working with multiple git repositories
Working with multiple git repositoriesWorking with multiple git repositories
Working with multiple git repositories
 
The everyday developer's guide to version control with Git
The everyday developer's guide to version control with GitThe everyday developer's guide to version control with Git
The everyday developer's guide to version control with Git
 
What is Git | What is GitHub | Git Tutorial | GitHub Tutorial | Devops Tutori...
What is Git | What is GitHub | Git Tutorial | GitHub Tutorial | Devops Tutori...What is Git | What is GitHub | Git Tutorial | GitHub Tutorial | Devops Tutori...
What is Git | What is GitHub | Git Tutorial | GitHub Tutorial | Devops Tutori...
 
Secure Programming Practices in C++ (NDC Oslo 2018)
Secure Programming Practices in C++ (NDC Oslo 2018)Secure Programming Practices in C++ (NDC Oslo 2018)
Secure Programming Practices in C++ (NDC Oslo 2018)
 
Nagios distributed monitoring for web applications
Nagios distributed monitoring for web applicationsNagios distributed monitoring for web applications
Nagios distributed monitoring for web applications
 
Writing Commits for You, Your Friends, and Your Future Self
Writing Commits for You, Your Friends, and Your Future SelfWriting Commits for You, Your Friends, and Your Future Self
Writing Commits for You, Your Friends, and Your Future Self
 
Introduction to Git and GitHub
Introduction to Git and GitHubIntroduction to Git and GitHub
Introduction to Git and GitHub
 
Git Introduction Tutorial
Git Introduction TutorialGit Introduction Tutorial
Git Introduction Tutorial
 
Android presentation - Gradle ++
Android presentation - Gradle ++Android presentation - Gradle ++
Android presentation - Gradle ++
 
How to Build & Use OpenCL on OpenCV & Android NDK
How to Build & Use OpenCL on OpenCV & Android NDKHow to Build & Use OpenCL on OpenCV & Android NDK
How to Build & Use OpenCL on OpenCV & Android NDK
 
More developers on DevOps with Docker orchestration
More developers on DevOps with Docker orchestrationMore developers on DevOps with Docker orchestration
More developers on DevOps with Docker orchestration
 
Open Source Collaboration With Git And Git Hub
Open Source Collaboration With Git And Git HubOpen Source Collaboration With Git And Git Hub
Open Source Collaboration With Git And Git Hub
 
Мониторинг облачной CI-системы на примере Jenkins / Александр Акбашев (HERE T...
Мониторинг облачной CI-системы на примере Jenkins / Александр Акбашев (HERE T...Мониторинг облачной CI-системы на примере Jenkins / Александр Акбашев (HERE T...
Мониторинг облачной CI-системы на примере Jenkins / Александр Акбашев (HERE T...
 

Ähnlich wie What did you inspec?

DevOops & How I hacked you DevopsDays DC June 2015
DevOops & How I hacked you DevopsDays DC June 2015DevOops & How I hacked you DevopsDays DC June 2015
DevOops & How I hacked you DevopsDays DC June 2015Chris Gates
 
Open source projects with python
Open source projects with pythonOpen source projects with python
Open source projects with pythonroskakori
 
My "Perfect" Toolchain Setup for Grails Projects
My "Perfect" Toolchain Setup for Grails ProjectsMy "Perfect" Toolchain Setup for Grails Projects
My "Perfect" Toolchain Setup for Grails ProjectsGR8Conf
 
Devoops: DoJ Annual Cybersecurity Training Symposium Edition 2015
Devoops: DoJ Annual Cybersecurity Training Symposium Edition 2015Devoops: DoJ Annual Cybersecurity Training Symposium Edition 2015
Devoops: DoJ Annual Cybersecurity Training Symposium Edition 2015Chris Gates
 
Webinar - Unbox GitLab CI/CD
Webinar - Unbox GitLab CI/CD Webinar - Unbox GitLab CI/CD
Webinar - Unbox GitLab CI/CD Annie Huang
 
Introduction to Git for Network Engineers (Lab Guide)
Introduction to Git for Network Engineers (Lab Guide)Introduction to Git for Network Engineers (Lab Guide)
Introduction to Git for Network Engineers (Lab Guide)Joel W. King
 
Prescriptive System Security with InSpec
Prescriptive System Security with InSpecPrescriptive System Security with InSpec
Prescriptive System Security with InSpecAll Things Open
 
Prescriptive Security with InSpec - All Things Open 2019
Prescriptive Security with InSpec - All Things Open 2019Prescriptive Security with InSpec - All Things Open 2019
Prescriptive Security with InSpec - All Things Open 2019Mandi Walls
 
[EXTENDED] Ceph, Docker, Heroku Slugs, CoreOS and Deis Overview
[EXTENDED] Ceph, Docker, Heroku Slugs, CoreOS and Deis Overview[EXTENDED] Ceph, Docker, Heroku Slugs, CoreOS and Deis Overview
[EXTENDED] Ceph, Docker, Heroku Slugs, CoreOS and Deis OverviewLeo Lorieri
 
How To Install GitLab As Your Private GitHub Clone
How To Install GitLab As Your Private GitHub CloneHow To Install GitLab As Your Private GitHub Clone
How To Install GitLab As Your Private GitHub CloneVEXXHOST Private Cloud
 
DEF CON 27 - workshop - ISAAC EVANS - discover exploit and eradicate entire v...
DEF CON 27 - workshop - ISAAC EVANS - discover exploit and eradicate entire v...DEF CON 27 - workshop - ISAAC EVANS - discover exploit and eradicate entire v...
DEF CON 27 - workshop - ISAAC EVANS - discover exploit and eradicate entire v...Felipe Prado
 
Splunk n-box-splunk conf-2017
Splunk n-box-splunk conf-2017Splunk n-box-splunk conf-2017
Splunk n-box-splunk conf-2017Mohamad Hassan
 
Github - Git Training Slides: Foundations
Github - Git Training Slides: FoundationsGithub - Git Training Slides: Foundations
Github - Git Training Slides: FoundationsLee Hanxue
 
LasCon 2014 DevOoops
LasCon 2014 DevOoops LasCon 2014 DevOoops
LasCon 2014 DevOoops Chris Gates
 
Workflow story: Theory versus Practice in large enterprises by Marcin Piebiak
Workflow story: Theory versus Practice in large enterprises by Marcin PiebiakWorkflow story: Theory versus Practice in large enterprises by Marcin Piebiak
Workflow story: Theory versus Practice in large enterprises by Marcin PiebiakNETWAYS
 
Workflow story: Theory versus practice in Large Enterprises
Workflow story: Theory versus practice in Large EnterprisesWorkflow story: Theory versus practice in Large Enterprises
Workflow story: Theory versus practice in Large EnterprisesPuppet
 
Unix Command Line Productivity Tips
Unix Command Line Productivity TipsUnix Command Line Productivity Tips
Unix Command Line Productivity TipsKeith Bennett
 
NuGet beyond Hello World - DotNext Piter 2017
NuGet beyond Hello World - DotNext Piter 2017NuGet beyond Hello World - DotNext Piter 2017
NuGet beyond Hello World - DotNext Piter 2017Maarten Balliauw
 

Ähnlich wie What did you inspec? (20)

DevOops & How I hacked you DevopsDays DC June 2015
DevOops & How I hacked you DevopsDays DC June 2015DevOops & How I hacked you DevopsDays DC June 2015
DevOops & How I hacked you DevopsDays DC June 2015
 
Open source projects with python
Open source projects with pythonOpen source projects with python
Open source projects with python
 
My "Perfect" Toolchain Setup for Grails Projects
My "Perfect" Toolchain Setup for Grails ProjectsMy "Perfect" Toolchain Setup for Grails Projects
My "Perfect" Toolchain Setup for Grails Projects
 
Devoops: DoJ Annual Cybersecurity Training Symposium Edition 2015
Devoops: DoJ Annual Cybersecurity Training Symposium Edition 2015Devoops: DoJ Annual Cybersecurity Training Symposium Edition 2015
Devoops: DoJ Annual Cybersecurity Training Symposium Edition 2015
 
Webinar - Unbox GitLab CI/CD
Webinar - Unbox GitLab CI/CD Webinar - Unbox GitLab CI/CD
Webinar - Unbox GitLab CI/CD
 
Introduction to Git and Github
Introduction to Git and GithubIntroduction to Git and Github
Introduction to Git and Github
 
Introduction to Git for Network Engineers (Lab Guide)
Introduction to Git for Network Engineers (Lab Guide)Introduction to Git for Network Engineers (Lab Guide)
Introduction to Git for Network Engineers (Lab Guide)
 
Prescriptive System Security with InSpec
Prescriptive System Security with InSpecPrescriptive System Security with InSpec
Prescriptive System Security with InSpec
 
Prescriptive Security with InSpec - All Things Open 2019
Prescriptive Security with InSpec - All Things Open 2019Prescriptive Security with InSpec - All Things Open 2019
Prescriptive Security with InSpec - All Things Open 2019
 
[EXTENDED] Ceph, Docker, Heroku Slugs, CoreOS and Deis Overview
[EXTENDED] Ceph, Docker, Heroku Slugs, CoreOS and Deis Overview[EXTENDED] Ceph, Docker, Heroku Slugs, CoreOS and Deis Overview
[EXTENDED] Ceph, Docker, Heroku Slugs, CoreOS and Deis Overview
 
How To Install GitLab As Your Private GitHub Clone
How To Install GitLab As Your Private GitHub CloneHow To Install GitLab As Your Private GitHub Clone
How To Install GitLab As Your Private GitHub Clone
 
DEF CON 27 - workshop - ISAAC EVANS - discover exploit and eradicate entire v...
DEF CON 27 - workshop - ISAAC EVANS - discover exploit and eradicate entire v...DEF CON 27 - workshop - ISAAC EVANS - discover exploit and eradicate entire v...
DEF CON 27 - workshop - ISAAC EVANS - discover exploit and eradicate entire v...
 
Splunk n-box-splunk conf-2017
Splunk n-box-splunk conf-2017Splunk n-box-splunk conf-2017
Splunk n-box-splunk conf-2017
 
Github - Git Training Slides: Foundations
Github - Git Training Slides: FoundationsGithub - Git Training Slides: Foundations
Github - Git Training Slides: Foundations
 
LasCon 2014 DevOoops
LasCon 2014 DevOoops LasCon 2014 DevOoops
LasCon 2014 DevOoops
 
Workflow story: Theory versus Practice in large enterprises by Marcin Piebiak
Workflow story: Theory versus Practice in large enterprises by Marcin PiebiakWorkflow story: Theory versus Practice in large enterprises by Marcin Piebiak
Workflow story: Theory versus Practice in large enterprises by Marcin Piebiak
 
Workflow story: Theory versus practice in Large Enterprises
Workflow story: Theory versus practice in Large EnterprisesWorkflow story: Theory versus practice in Large Enterprises
Workflow story: Theory versus practice in Large Enterprises
 
Unix Command Line Productivity Tips
Unix Command Line Productivity TipsUnix Command Line Productivity Tips
Unix Command Line Productivity Tips
 
R sharing 101
R sharing 101R sharing 101
R sharing 101
 
NuGet beyond Hello World - DotNext Piter 2017
NuGet beyond Hello World - DotNext Piter 2017NuGet beyond Hello World - DotNext Piter 2017
NuGet beyond Hello World - DotNext Piter 2017
 

Mehr von Gratien D'haese

Open Technology Assemby Open Source Support Program
Open Technology Assemby Open Source Support ProgramOpen Technology Assemby Open Source Support Program
Open Technology Assemby Open Source Support ProgramGratien D'haese
 
Rear automated testing with Bareos
Rear automated testing with BareosRear automated testing with Bareos
Rear automated testing with BareosGratien D'haese
 
Relax-and-Recover Automated Testing
Relax-and-Recover Automated TestingRelax-and-Recover Automated Testing
Relax-and-Recover Automated TestingGratien D'haese
 
Business Continuity Planning with Bareos and rear (Loadays 2015)
Business Continuity Planning with Bareos and rear (Loadays 2015)Business Continuity Planning with Bareos and rear (Loadays 2015)
Business Continuity Planning with Bareos and rear (Loadays 2015)Gratien D'haese
 
Upgrade ux-fosdem-2015-gdhaese
Upgrade ux-fosdem-2015-gdhaeseUpgrade ux-fosdem-2015-gdhaese
Upgrade ux-fosdem-2015-gdhaeseGratien D'haese
 
Linux Disaster Recovery Best Practices with rear
Linux Disaster Recovery Best Practices with rearLinux Disaster Recovery Best Practices with rear
Linux Disaster Recovery Best Practices with rearGratien D'haese
 
Linux Disaster Recovery Solutions
Linux Disaster Recovery SolutionsLinux Disaster Recovery Solutions
Linux Disaster Recovery SolutionsGratien D'haese
 

Mehr von Gratien D'haese (11)

Open Technology Assemby Open Source Support Program
Open Technology Assemby Open Source Support ProgramOpen Technology Assemby Open Source Support Program
Open Technology Assemby Open Source Support Program
 
Rear automated testing with Bareos
Rear automated testing with BareosRear automated testing with Bareos
Rear automated testing with Bareos
 
Relax-and-Recover Automated Testing
Relax-and-Recover Automated TestingRelax-and-Recover Automated Testing
Relax-and-Recover Automated Testing
 
Business Continuity Planning with Bareos and rear (Loadays 2015)
Business Continuity Planning with Bareos and rear (Loadays 2015)Business Continuity Planning with Bareos and rear (Loadays 2015)
Business Continuity Planning with Bareos and rear (Loadays 2015)
 
Upgrade ux-fosdem-2015-gdhaese
Upgrade ux-fosdem-2015-gdhaeseUpgrade ux-fosdem-2015-gdhaese
Upgrade ux-fosdem-2015-gdhaese
 
Cfg2html fosdem2014
Cfg2html fosdem2014Cfg2html fosdem2014
Cfg2html fosdem2014
 
Adhocr T-dose 2012
Adhocr T-dose 2012Adhocr T-dose 2012
Adhocr T-dose 2012
 
LinuxTag2012 Rear
LinuxTag2012 RearLinuxTag2012 Rear
LinuxTag2012 Rear
 
Linux Disaster Recovery Best Practices with rear
Linux Disaster Recovery Best Practices with rearLinux Disaster Recovery Best Practices with rear
Linux Disaster Recovery Best Practices with rear
 
Exploring I Pv6
Exploring I Pv6Exploring I Pv6
Exploring I Pv6
 
Linux Disaster Recovery Solutions
Linux Disaster Recovery SolutionsLinux Disaster Recovery Solutions
Linux Disaster Recovery Solutions
 

Kürzlich hochgeladen

Mira Road Housewife Call Girls 07506202331, Nalasopara Call Girls
Mira Road Housewife Call Girls 07506202331, Nalasopara Call GirlsMira Road Housewife Call Girls 07506202331, Nalasopara Call Girls
Mira Road Housewife Call Girls 07506202331, Nalasopara Call GirlsPriya Reddy
 
2nd Solid Symposium: Solid Pods vs Personal Knowledge Graphs
2nd Solid Symposium: Solid Pods vs Personal Knowledge Graphs2nd Solid Symposium: Solid Pods vs Personal Knowledge Graphs
2nd Solid Symposium: Solid Pods vs Personal Knowledge GraphsEleniIlkou
 
在线制作约克大学毕业证(yu毕业证)在读证明认证可查
在线制作约克大学毕业证(yu毕业证)在读证明认证可查在线制作约克大学毕业证(yu毕业证)在读证明认证可查
在线制作约克大学毕业证(yu毕业证)在读证明认证可查ydyuyu
 
Local Call Girls in Seoni 9332606886 HOT & SEXY Models beautiful and charmin...
Local Call Girls in Seoni 9332606886 HOT & SEXY Models beautiful and charmin...Local Call Girls in Seoni 9332606886 HOT & SEXY Models beautiful and charmin...
Local Call Girls in Seoni 9332606886 HOT & SEXY Models beautiful and charmin...kumargunjan9515
 
Best SEO Services Company in Dallas | Best SEO Agency Dallas
Best SEO Services Company in Dallas | Best SEO Agency DallasBest SEO Services Company in Dallas | Best SEO Agency Dallas
Best SEO Services Company in Dallas | Best SEO Agency DallasDigicorns Technologies
 
Story Board.pptxrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrr
Story Board.pptxrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrStory Board.pptxrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrr
Story Board.pptxrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrHenryBriggs2
 
Indian Escort in Abu DHabi 0508644382 Abu Dhabi Escorts
Indian Escort in Abu DHabi 0508644382 Abu Dhabi EscortsIndian Escort in Abu DHabi 0508644382 Abu Dhabi Escorts
Indian Escort in Abu DHabi 0508644382 Abu Dhabi EscortsMonica Sydney
 
20240508 QFM014 Elixir Reading List April 2024.pdf
20240508 QFM014 Elixir Reading List April 2024.pdf20240508 QFM014 Elixir Reading List April 2024.pdf
20240508 QFM014 Elixir Reading List April 2024.pdfMatthew Sinclair
 
Vip Firozabad Phone 8250092165 Escorts Service At 6k To 30k Along With Ac Room
Vip Firozabad Phone 8250092165 Escorts Service At 6k To 30k Along With Ac RoomVip Firozabad Phone 8250092165 Escorts Service At 6k To 30k Along With Ac Room
Vip Firozabad Phone 8250092165 Escorts Service At 6k To 30k Along With Ac Roommeghakumariji156
 
Top profile Call Girls In Dindigul [ 7014168258 ] Call Me For Genuine Models ...
Top profile Call Girls In Dindigul [ 7014168258 ] Call Me For Genuine Models ...Top profile Call Girls In Dindigul [ 7014168258 ] Call Me For Genuine Models ...
Top profile Call Girls In Dindigul [ 7014168258 ] Call Me For Genuine Models ...gajnagarg
 
"Boost Your Digital Presence: Partner with a Leading SEO Agency"
"Boost Your Digital Presence: Partner with a Leading SEO Agency""Boost Your Digital Presence: Partner with a Leading SEO Agency"
"Boost Your Digital Presence: Partner with a Leading SEO Agency"growthgrids
 
原版制作美国爱荷华大学毕业证(iowa毕业证书)学位证网上存档可查
原版制作美国爱荷华大学毕业证(iowa毕业证书)学位证网上存档可查原版制作美国爱荷华大学毕业证(iowa毕业证书)学位证网上存档可查
原版制作美国爱荷华大学毕业证(iowa毕业证书)学位证网上存档可查ydyuyu
 
哪里办理美国迈阿密大学毕业证(本硕)umiami在读证明存档可查
哪里办理美国迈阿密大学毕业证(本硕)umiami在读证明存档可查哪里办理美国迈阿密大学毕业证(本硕)umiami在读证明存档可查
哪里办理美国迈阿密大学毕业证(本硕)umiami在读证明存档可查ydyuyu
 
Russian Escort Abu Dhabi 0503464457 Abu DHabi Escorts
Russian Escort Abu Dhabi 0503464457 Abu DHabi EscortsRussian Escort Abu Dhabi 0503464457 Abu DHabi Escorts
Russian Escort Abu Dhabi 0503464457 Abu DHabi EscortsMonica Sydney
 
一比一原版(Flinders毕业证书)弗林德斯大学毕业证原件一模一样
一比一原版(Flinders毕业证书)弗林德斯大学毕业证原件一模一样一比一原版(Flinders毕业证书)弗林德斯大学毕业证原件一模一样
一比一原版(Flinders毕业证书)弗林德斯大学毕业证原件一模一样ayvbos
 
20240509 QFM015 Engineering Leadership Reading List April 2024.pdf
20240509 QFM015 Engineering Leadership Reading List April 2024.pdf20240509 QFM015 Engineering Leadership Reading List April 2024.pdf
20240509 QFM015 Engineering Leadership Reading List April 2024.pdfMatthew Sinclair
 
Tadepalligudem Escorts Service Girl ^ 9332606886, WhatsApp Anytime Tadepallig...
Tadepalligudem Escorts Service Girl ^ 9332606886, WhatsApp Anytime Tadepallig...Tadepalligudem Escorts Service Girl ^ 9332606886, WhatsApp Anytime Tadepallig...
Tadepalligudem Escorts Service Girl ^ 9332606886, WhatsApp Anytime Tadepallig...meghakumariji156
 
Ballia Escorts Service Girl ^ 9332606886, WhatsApp Anytime Ballia
Ballia Escorts Service Girl ^ 9332606886, WhatsApp Anytime BalliaBallia Escorts Service Girl ^ 9332606886, WhatsApp Anytime Ballia
Ballia Escorts Service Girl ^ 9332606886, WhatsApp Anytime Balliameghakumariji156
 
20240507 QFM013 Machine Intelligence Reading List April 2024.pdf
20240507 QFM013 Machine Intelligence Reading List April 2024.pdf20240507 QFM013 Machine Intelligence Reading List April 2024.pdf
20240507 QFM013 Machine Intelligence Reading List April 2024.pdfMatthew Sinclair
 

Kürzlich hochgeladen (20)

Mira Road Housewife Call Girls 07506202331, Nalasopara Call Girls
Mira Road Housewife Call Girls 07506202331, Nalasopara Call GirlsMira Road Housewife Call Girls 07506202331, Nalasopara Call Girls
Mira Road Housewife Call Girls 07506202331, Nalasopara Call Girls
 
2nd Solid Symposium: Solid Pods vs Personal Knowledge Graphs
2nd Solid Symposium: Solid Pods vs Personal Knowledge Graphs2nd Solid Symposium: Solid Pods vs Personal Knowledge Graphs
2nd Solid Symposium: Solid Pods vs Personal Knowledge Graphs
 
在线制作约克大学毕业证(yu毕业证)在读证明认证可查
在线制作约克大学毕业证(yu毕业证)在读证明认证可查在线制作约克大学毕业证(yu毕业证)在读证明认证可查
在线制作约克大学毕业证(yu毕业证)在读证明认证可查
 
Local Call Girls in Seoni 9332606886 HOT & SEXY Models beautiful and charmin...
Local Call Girls in Seoni 9332606886 HOT & SEXY Models beautiful and charmin...Local Call Girls in Seoni 9332606886 HOT & SEXY Models beautiful and charmin...
Local Call Girls in Seoni 9332606886 HOT & SEXY Models beautiful and charmin...
 
Best SEO Services Company in Dallas | Best SEO Agency Dallas
Best SEO Services Company in Dallas | Best SEO Agency DallasBest SEO Services Company in Dallas | Best SEO Agency Dallas
Best SEO Services Company in Dallas | Best SEO Agency Dallas
 
Story Board.pptxrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrr
Story Board.pptxrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrStory Board.pptxrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrr
Story Board.pptxrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrrr
 
call girls in Anand Vihar (delhi) call me [🔝9953056974🔝] escort service 24X7
call girls in Anand Vihar (delhi) call me [🔝9953056974🔝] escort service 24X7call girls in Anand Vihar (delhi) call me [🔝9953056974🔝] escort service 24X7
call girls in Anand Vihar (delhi) call me [🔝9953056974🔝] escort service 24X7
 
Indian Escort in Abu DHabi 0508644382 Abu Dhabi Escorts
Indian Escort in Abu DHabi 0508644382 Abu Dhabi EscortsIndian Escort in Abu DHabi 0508644382 Abu Dhabi Escorts
Indian Escort in Abu DHabi 0508644382 Abu Dhabi Escorts
 
20240508 QFM014 Elixir Reading List April 2024.pdf
20240508 QFM014 Elixir Reading List April 2024.pdf20240508 QFM014 Elixir Reading List April 2024.pdf
20240508 QFM014 Elixir Reading List April 2024.pdf
 
Vip Firozabad Phone 8250092165 Escorts Service At 6k To 30k Along With Ac Room
Vip Firozabad Phone 8250092165 Escorts Service At 6k To 30k Along With Ac RoomVip Firozabad Phone 8250092165 Escorts Service At 6k To 30k Along With Ac Room
Vip Firozabad Phone 8250092165 Escorts Service At 6k To 30k Along With Ac Room
 
Top profile Call Girls In Dindigul [ 7014168258 ] Call Me For Genuine Models ...
Top profile Call Girls In Dindigul [ 7014168258 ] Call Me For Genuine Models ...Top profile Call Girls In Dindigul [ 7014168258 ] Call Me For Genuine Models ...
Top profile Call Girls In Dindigul [ 7014168258 ] Call Me For Genuine Models ...
 
"Boost Your Digital Presence: Partner with a Leading SEO Agency"
"Boost Your Digital Presence: Partner with a Leading SEO Agency""Boost Your Digital Presence: Partner with a Leading SEO Agency"
"Boost Your Digital Presence: Partner with a Leading SEO Agency"
 
原版制作美国爱荷华大学毕业证(iowa毕业证书)学位证网上存档可查
原版制作美国爱荷华大学毕业证(iowa毕业证书)学位证网上存档可查原版制作美国爱荷华大学毕业证(iowa毕业证书)学位证网上存档可查
原版制作美国爱荷华大学毕业证(iowa毕业证书)学位证网上存档可查
 
哪里办理美国迈阿密大学毕业证(本硕)umiami在读证明存档可查
哪里办理美国迈阿密大学毕业证(本硕)umiami在读证明存档可查哪里办理美国迈阿密大学毕业证(本硕)umiami在读证明存档可查
哪里办理美国迈阿密大学毕业证(本硕)umiami在读证明存档可查
 
Russian Escort Abu Dhabi 0503464457 Abu DHabi Escorts
Russian Escort Abu Dhabi 0503464457 Abu DHabi EscortsRussian Escort Abu Dhabi 0503464457 Abu DHabi Escorts
Russian Escort Abu Dhabi 0503464457 Abu DHabi Escorts
 
一比一原版(Flinders毕业证书)弗林德斯大学毕业证原件一模一样
一比一原版(Flinders毕业证书)弗林德斯大学毕业证原件一模一样一比一原版(Flinders毕业证书)弗林德斯大学毕业证原件一模一样
一比一原版(Flinders毕业证书)弗林德斯大学毕业证原件一模一样
 
20240509 QFM015 Engineering Leadership Reading List April 2024.pdf
20240509 QFM015 Engineering Leadership Reading List April 2024.pdf20240509 QFM015 Engineering Leadership Reading List April 2024.pdf
20240509 QFM015 Engineering Leadership Reading List April 2024.pdf
 
Tadepalligudem Escorts Service Girl ^ 9332606886, WhatsApp Anytime Tadepallig...
Tadepalligudem Escorts Service Girl ^ 9332606886, WhatsApp Anytime Tadepallig...Tadepalligudem Escorts Service Girl ^ 9332606886, WhatsApp Anytime Tadepallig...
Tadepalligudem Escorts Service Girl ^ 9332606886, WhatsApp Anytime Tadepallig...
 
Ballia Escorts Service Girl ^ 9332606886, WhatsApp Anytime Ballia
Ballia Escorts Service Girl ^ 9332606886, WhatsApp Anytime BalliaBallia Escorts Service Girl ^ 9332606886, WhatsApp Anytime Ballia
Ballia Escorts Service Girl ^ 9332606886, WhatsApp Anytime Ballia
 
20240507 QFM013 Machine Intelligence Reading List April 2024.pdf
20240507 QFM013 Machine Intelligence Reading List April 2024.pdf20240507 QFM013 Machine Intelligence Reading List April 2024.pdf
20240507 QFM013 Machine Intelligence Reading List April 2024.pdf
 

What did you inspec?

  • 1. What did you InSpec? https://github.com/gdha/inspec- cfgmgmtcamp-ghent-2019 Gratien D'haese IT3 Consultants
  • 2. 2019 - Gratien D'haese What did you InSpec? 2 Who am I? ● Gratien D'haese ● IT3 Consultants (company) ● > 30 years Unix experience ● Unix/Linux Engineer (incl. DevOps) ● Web: it3.be ● Relax-and-Recover (ReaR) ● Linux disaster recovery framework ● Open Source pages: https://github.com/gdha
  • 3. 2019 - Gratien D'haese What did you InSpec? 3 Bit of history pre-historic times
  • 4. 2019 - Gratien D'haese What did you InSpec? 4 Bit of history power to the Ops ● system administrators = Ops ● powerful shell scripts used for: ● Update ● Control ● Security ● Monitor ● Battle between Ops and Devs ● No CI/CD ● Lots of Change Controls
  • 5. 2019 - Gratien D'haese What did you InSpec? 5 Ops -> DevOps ● it’s everyone’s job now ● Ops tools for devs ● Software engineers (devs) learn ops ● Admins transition to devs
  • 6. 2019 - Gratien D'haese What did you InSpec? 6 DevOps and the rest ● Developers want tests ● Operations want peace ● Compliance Officers want √ ● Security Officers do not want holes
  • 7. 2019 - Gratien D'haese What did you InSpec? 7 What is InSpec ● InSpec is an open-source testing frameworktesting framework provided by Chef ● Human-readable language for specifying compliance, security and policy requirements ● Extensible language ● Re-usable ● Command-line ● Integrates with Test Kitchen
  • 8. 2019 - Gratien D'haese What did you InSpec? 8 What InSpec is not ● Is not a capacity planning tool ● Is not a monitoring tool ● Is not a logging tool ● Is not a configuration management tool ● Is not a firewall tool ● Is not a intrusion detection tool
  • 9. 2019 - Gratien D'haese What did you InSpec? 9 Why using InSpec? ● Less scripts for verification required ● One Language for many platforms ● Easy to read ● Easy to hand-over ● Easy to share ● Big collection of ready to use profiles ● Excellent documentation ● No need to be a nerd
  • 10. 2019 - Gratien D'haese What did you InSpec? 10 Features of InSpec ● Supports many Operating Systems ● Linux ● Mac/OS ● BSD, Solaris, AIX, HP-UX ● Windows ● Supports many Hypervisors, VMs, bare-metal ● Support different Cloud Providers ● Supports docker ● Supports DBs
  • 11. 2019 - Gratien D'haese What did you InSpec? 11 Why should you care? ● Do you want to be the next? New Data Breach exposes 57 million records https://blog.hackenproof.com/industry-news/new-data- breach-exposes-57-million-records/ ● Protection of your assets – data (security) ● IQ/OQ Compliance ● System validation after major changes ● CI/CD integration checks
  • 12. 2019 - Gratien D'haese What did you InSpec? 12 Idiot proof # inspec exec https://github.com/lnxchk/inspec- profile-wannacry-exploit/archive/master.tar.gz -i ./insecure_keys/vagrant.private -t ssh://root@server Profile: WannaCry Exploit Mitigation Status (wannacry-exploit) Version: 0.2.0 Target: ssh://root@server:22 × WannaCry Vulnerability Check: Hot-fix mitigation check for WannaCry Ransomware vulnerability (23 failed) Can you guess what is wrong with above test?
  • 13. 2019 - Gratien D'haese What did you InSpec? 13 Wannacry on Windows # inspec exec https://github.com/lnxchk/inspec- profile-wannacry-exploit/archive/master.tar.gz -t winrm://administrator@10.180.4.12 --password xxxx Profile: WannaCry Exploit Mitigation Status (wannacry-exploit) Version: 0.2.0 Target: winrm://administrator@http://10.180.4.12:5985/wsman:3389 ✔ WannaCry Vulnerability Check: Hot-fix mitigation check for WannaCry Ransomware vulnerability ✔ WMI with {:class=>"win32_quickfixengineering", :filter=>"HotFixID = 'KB4012213'"} InstalledOn should not eq nil Profile Summary: 1 successful control, 0 control failures, 0 controls skipped Test Summary: 1 successful, 0 failures, 0 skipped
  • 14. 2019 - Gratien D'haese What did you InSpec? 14 InSpec Basics ● Start with a demo – mychefdk container ● Launch the container and use inspec to check for my account ● Check inside the container ● Check from outside the container ● Run cookbook myaccount inside the container ● Re-run the checks again
  • 15. 2019 - Gratien D'haese What did you InSpec? 15 InSpec Basics (continued) ● Download from https://www.inspec.io/ ● Open Source at GitHub: https://github.com/inspec/inspec ● Resources ● InSpec uses built-in resources for common services, system files and configurations https://www.inspec.io/docs/reference/resources/ ● Resources work on many Linux platforms, and also on Windows
  • 16. 2019 - Gratien D'haese What did you InSpec? 16 InSpec resources ● OS resources ● apache ● bond ● command ● directory ● docker ● etc_fstab ● group ● mssql_session ● and so on ● Cloud resources ● AWS ● Azure ● Google
  • 17. 2019 - Gratien D'haese What did you InSpec? 17 unless os.windows? # This is an example test, replace with your own test. describe user('root') do it { should exist } end describe user('gdha') do it { should exist } its('uid') { should eq 501 } its('group') { should eq 'users'} its('home') { should eq '/home/gdha' } its('shell') { should eq '/bin/bash' } end end describe port(80) do it { should_not be_listening } end Resource Matcher
  • 18. 2019 - Gratien D'haese What did you InSpec? 18 Matchers ● should exist ● should be_in ● should_not match /blabla/ ● should eq ● should_not eq ● should cmp ● https://www.inspec.io/docs/reference/matchers/
  • 19. 2019 - Gratien D'haese What did you InSpec? 19 Profiles ● Profiles is about sharing and caring ● Built around “controls” that can be reviewed ● Each profile can have multiple tests ● Include profiles from outside this test ● Profiles can be published to be re-used ● More at https://www.inspec.io/docs/reference/profiles/
  • 20. 2019 - Gratien D'haese What did you InSpec? 20 Profiles (continued) $ inspec init profile dockerprofile Create new profile at /Users/gdha/data/projects/inspec/dockerprofile • Create directory libraries • Create file README.md • Create directory controls • Create file controls/example.rb • Create file inspec.yml • Create file libraries/.gitkeep Add more tests under this directory
  • 21. 2019 - Gratien D'haese What did you InSpec? 21 Inspec shell root@c26e2f2d7904:/# inspec shell Welcome to the interactive InSpec Shell To find out how to use it, type: help You are currently running on: Name: ubuntu Families: debian, linux, unix, os Release: 18.04 Arch: x86_64 inspec> help inspec> command('uname -s').stdout => "Linuxn"
  • 22. 2019 - Gratien D'haese What did you InSpec? 22 Inspec shell (continued) inspec> describe file('/etc/gshadow') do inspec> it { should be_owned_by 'root' } inspec> end Profile: inspec-shell Version: (not specified) File /etc/gshadow ✔ should be owned by "root" Test Summary: 1 successful, 0 failures, 0 skipped
  • 23. 2019 - Gratien D'haese What did you InSpec? 23 Example: source control file $ cat inspec-path-check/controls/path.rb title 'DOT in PATH variable' control 'path-1.0' do # A unique ID for this control impact 1.0 # The criticality, if this control fails. title 'DOT in PATH variable' desc 'An optional description...' describe os_env('PATH') do # The actual test its('split') { should_not include('') } its('split') { should_not include('.') } end end
  • 24. 2019 - Gratien D'haese What did you InSpec? 24 Profiles ● InSpec profiles allow you to share and pack sets of tests ● Built around controls (see previous example) ● Profiles can have multiple tests ● May depend on external profiles ● Publishing of your profiles is possible ● inspec init profile <profile-name> ● inspec check <profile-name>
  • 25. 2019 - Gratien D'haese What did you InSpec? 25 Running inspec ● Inspec on command line ● Can run locally on this machine ● inspec exec profile-name ● Run remotely via target option ● inspec exec profile-name -i pub.key -t ssh://user@system ● inspec exec profile-name -t winrm://administrator@system --password secret ● Run via test kitchen
  • 26. 2019 - Gratien D'haese What did you InSpec? 26 Excute a local path $ inspec exec inspec-path-check $ inspec exec /full/path/to/inspec-path-check Profile: PATH check InSpec Profile (path-check) Version: 0.1.0 Target: local:// ✔ path-1.0: DOT in PATH variable ✔ Environment variable PATH split should not include "" ✔ Environment variable PATH split should not include "." Profile Summary: 1 successful control, 0 control failures, 0 controls skipped Test Summary: 2 successful, 0 failures, 0 skipped
  • 27. 2019 - Gratien D'haese What did you InSpec? 27 Execute a GIT repo $ inspec exec https://github.com/gdha/inspec-path-check [2019-01-16T18:10:26+01:00] WARN: URL target https://github.com/gdha/inspec-path-check transformed to https://github.com/gdha/inspec-path- check/archive/master.tar.gz. Consider using the git fetcher Profile: PATH check InSpec Profile (path-check) Version: 0.1.0 Target: local:// ✔ path-1.0: DOT in PATH variable ✔ Environment variable PATH split should not include "" ✔ Environment variable PATH split should not include "." Profile Summary: 1 successful control, 0 control failures, 0 controls skipped Test Summary: 2 successful, 0 failures, 0 skipped
  • 28. 2019 - Gratien D'haese What did you InSpec? 28 Execute in a docker container $ inspec exec -t docker://c26e2f2d7904 inspec-path-check Profile: PATH check InSpec Profile (path-check) Version: 0.1.0 Target: docker://c26e2f2d79041252b2646baea3d64f18f52eea9b45a2443f3325a9 4221e10a4e ✔ path-1.0: DOT in PATH variable ✔ Environment variable PATH split should not include "" ✔ Environment variable PATH split should not include "." Profile Summary: 1 successful control, 0 control failures, 0 controls skipped Test Summary: 2 successful, 0 failures, 0 skipped
  • 29. 2019 - Gratien D'haese What did you InSpec? 29 Execute inspec remotely $ inspec exec -t ssh://client --password vagrant ../path-check/ Profile: PATH check InSpec Profile (path-check) Version: 0.1.0 Target: ssh://root@client:22 ✔ path-1.0: DOT in PATH variable ✔ Environment variable PATH split should not include "" ✔ Environment variable PATH split should not include "." Profile Summary: 1 successful control, 0 control failures, 0 controls skipped Test Summary: 2 successful, 0 failures, 0 skipped $ inspec exec -t winrm://admin@windows --password xx ../patch-check
  • 30. 2019 - Gratien D'haese What did you InSpec? 30 Using InSpec with Test Kitchen driver: name: vagrant provisioner: name: chef_zero verifier: name: inspec platforms: - name: centos-7.6 suites: - name: default run_list: - recipe[nginx_test::default] verifier: inspec_tests: - test/integration/default
  • 31. 2019 - Gratien D'haese What did you InSpec? 31 Kitchen verify $ kitchen verify -----> Starting Kitchen (v1.24.0) -----> Verifying <default-centos-76>... Loaded tests from {:path=>".Users.gdha.data.projects.inspec.inspec-cfgmgmtcamp- ghent-2019.cookbooks.nginx_test.test.integration.default"} User root ✔ should exist Port 80 ✔ should be listening System Package nginx ✔ should be installed File /etc/nginx/sites-available/default ✔ should exist Command: `curl localhost` ✔ stdout should match "Welcome" Test Summary: 5 successful, 0 failures, 0 skipped Finished verifying <default-centos-76> (0m0.81s). -----> Kitchen is finished. (0m7.83s)
  • 32. 2019 - Gratien D'haese What did you InSpec? 32 DevSec Linux Security Baseline (linux-baseline) # docker ps CONTAINER ID IMAGE COMMAND 1e2ef5665f9f openshift/base-centos7 ... # inspec exec https://github.com/dev-sec/linux-baseline -t docker://1e2ef5665f9f ✔ os-01: Trusted hosts login ✔ File /etc/hosts.equiv should not exist ✔ os-02: Check owner and permissions for /etc/shadow ✔ File /etc/shadow should exist ✔ File /etc/shadow should be file Profile Summary: 14 successful controls, 3 control failures, 37 controls skipped Test Summary: 53 successful, 8 failures, 37 skipped More details at https://dev-sec.io/
  • 33. 2019 - Gratien D'haese What did you InSpec? 33 ReaR Automated Testing client server recover
  • 34. 2019 - Gratien D'haese What did you InSpec? 34
  • 35. 2019 - Gratien D'haese What did you InSpec? 35 Links ● https://github.com/gdha/inspec-cfgmgmtcamp- ghent-2019 ● https://github.com/inspec/inspec ● https://www.inspec.io/ ● https://www.inspec.io/docs/reference/resources/ ● http://www.it3.be/ ● https://gdha.github.io/rear-automated-testing/ ● mailto:gratien.dhaese@it3.be