Commit 8c13ff23 authored by Ian Ernst

Security Essentials Lab Cleanup

parent 7cedb2f4
+1 −12
@@ -15,18 +15,7 @@ In this lab, you will learn how to scan for vulnerabilities in your containers.

> In this section you will define a job that builds a Docker image. To build a Docker image with a CI/CD pipeline job, you must use a GitLab Runner that's configured to use a Docker executor.

1. Navigate to your 'Security Labs' project

1. Select the **Dockerfile** file, and Select **Edit > Edit single file**.

1. Remove the previous content, and add the following lines instead:

    ```Dockerfile
    FROM python:3.4-alpine
    ADD main.py .
    ```

1. Select **Commit changes**, and keep the **Commit to the current main branch** selected. Select **Commit changes**.
1. Navigate to your **Security Labs** project.

1. Navigate to **Code > Repository** and edit `.gitlab-ci.yml`.

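Review bot: the lead-in `> In this section you will define a job that builds a Docker image...` still promises an image build, but with the step that wrote the `Dockerfile` (`FROM python:3.4-alpine` / `ADD main.py .`) removed, the learner is never told where the `Dockerfile` that the build job consumes comes from; add one sentence before `1. Navigate to **Code > Repository** and edit \`.gitlab-ci.yml\`` stating that the Security Essentials Labs template already ships a `Dockerfile`, if that is the intent. Dropping the hand-written `python:3.4-alpine` image is the right call either way: Python 3.4 is long past end of life, so container scans would be dominated by findings in the stale base image rather than anything the lab teaches.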
+4 −33
@@ -102,52 +102,23 @@ To test out DAST scans, we are going to set up an instance of a vulnerability we

API scanners allow you to scan your application API endpoints for potential vulnerabilities. To demonstrate this process, we will use an application template which contains an API configuration.

1. Navigate to your ILT group, which will be named **My Test Group - XXXX**, where the X's will be replaced with your username.

1. Select **New project**.

1. Select **Create from template**.

1. Select the **Instance** tab.

1. Select **Use template** next to the **Security Essentials Labs** template.

1. For **Project name**, input `API Scanner Demo`.

1. Select **Create project**.
1. Navigate to your **Security Labs** project.

1. Take some time here to review the `postman_collection.json` file. This file contains the definitions required to run API scanning against the application in this project. After reviewing the file and structure, you can proceed with enabling API scanning.

1. Create a `.gitlab-ci.yml` file by clicking on the **+ > New file** and naming the file `.gitlab-ci.yml`.
1. Navigate to **Code > Repository** and edit `.gitlab-ci.yml`.

1. To add API scanning to our container, define the `dast` stage and add the API security template.

    ```yml
    default:
      image: docker:26

    include:
    #Other scanners would be here as well.
        - template: API-Security.gitlab-ci.yml

    stages:
        - build
        - test
        - dast

    variables:
      TARGET_IMAGE: $CI_REGISTRY_IMAGE/$CI_COMMIT_REF_SLUG:$CI_COMMIT_SHA
    ```

1. Create a build job, which creates a Docker container to scan.

    ```yml
    build:
        stage: build
        services:
            - docker:26-dind
        script:
            - docker build -t $TARGET_IMAGE .
            - docker login -u "$CI_REGISTRY_USER" -p "$CI_REGISTRY_PASSWORD" $CI_REGISTRY
            - docker push $TARGET_IMAGE   
    ```

1. Add the job definition for the API scanner.
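Review bot: `docker login -u "$CI_REGISTRY_USER" -p "$CI_REGISTRY_PASSWORD" $CI_REGISTRY` in the build job hands the registry password over as a command-line argument, which Docker itself warns about and which is visible in process listings on the runner; prefer `echo "$CI_REGISTRY_PASSWORD" | docker login -u "$CI_REGISTRY_USER" --password-stdin $CI_REGISTRY`. Two smaller points in the same snippet: under `include:` the `- template: API-Security.gitlab-ci.yml` item is indented four spaces while `default:` and `variables:` use two, and the `#Other scanners would be here as well.` comment sits between the key and its list, so align the sequence under `include:` (and `stages:`) consistently so the block pastes cleanly. Finally, since the step that asked the learner to review `postman_collection.json` is dropped, the text that introduces the `dast` stage ("To add API scanning to our container...") should still say that the API scanner takes its endpoint definitions from that collection and runs against the deployed API rather than the image itself; otherwise nothing in the kept steps ties the scanner to the API under test.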