Skip to content

Docs

GitLab Container Host Security Demo

Docs

gitlab-examples
gitlab-examples
- WebGoat
  WebGoat
- aws-sam
  aws-sam
- backend-controller
  backend-controller
- ci-debug-trace
  ci-debug-trace
- clojure-web-application
  clojure-web-application
  - Doc
- cluster-management
  cluster-management
- corporate-website
  corporate-website
  - Changelog
- cpp-example
  cpp-example
- customer-upload-tool
  customer-upload-tool
- customer-web-portal
  customer-web-portal
- customer-web-portal-security-policy-project
  customer-web-portal-security-policy-project
- datagenerator
  datagenerator
- docker
  docker
- docker-cloud
  docker-cloud
- example-mini-flux-deployment
  example-mini-flux-deployment
- github-release-watcher
  github-release-watcher
- gitlab-examples-security-policy-project
  gitlab-examples-security-policy-project
- gitlab-examples.gitlab.io
  gitlab-examples.gitlab.io
- gitlab-game-demo
  gitlab-game-demo
  - Doc
- hello-world-service
  hello-world-service
- hello-world-service-gitops
  hello-world-service-gitops
- install-runner-via-k8s-agent
  install-runner-via-k8s-agent
- julia
  julia
  - License
  - Src
- k8s-agents
  k8s-agents
  - Gitlab-Agent
- knative-kotlin-app
  knative-kotlin-app
- knative-node-app
  knative-node-app
- knative-ruby-app
  knative-ruby-app
- knative-vertx-app
  knative-vertx-app
- kubecost-cost-model
  kubecost-cost-model
- kubernetes-deploy
  kubernetes-deploy
- kubernetes-example
  kubernetes-example
- latest-pipeline-test
  latest-pipeline-test
- lfs
  lfs
- metrics
  metrics
- microservice
  microservice
- mikec-webgoat
  mikec-webgoat
- mission-control
  mission-control
  - Certs
- mobile-app
  mobile-app
  - Contributing
- monorepo-dag-sample
  monorepo-dag-sample
- monorepo-sample
  monorepo-sample
- mysql
  mysql
- nodejs
  nodejs
- nodejs-functions
  nodejs-functions
- nodejs-with-dependencies
  nodejs-with-dependencies
  - Contributing
- openshift-deploy
  openshift-deploy
- php
  php
- polyglot-openfaas-functions
  polyglot-openfaas-functions
  - Hello-Java11
- postgres
  postgres
- python-getting-started
  python-getting-started
  - Doc
- rails-with-dependencies
  rails-with-dependencies
  - Contributing
- redis
  redis
- review-apps-nginx
  review-apps-nginx
- review-apps-nomad
  review-apps-nomad
  - Demo-Page
- review-apps-openshift
  review-apps-openshift
- ruby-autodeploy
  ruby-autodeploy
- ruby-function
  ruby-function
- ruby-getting-started
  ruby-getting-started
  - Doc
- ruby-openfaas-function
  ruby-openfaas-function
- scala-sbt
  scala-sbt
  - Doc
- security-reports
  security-reports
- security-reports-security-policy-project
  security-reports-security-policy-project
- semantic-release-npm
  semantic-release-npm
- service-desk
  service-desk
- simple-maven-app
  simple-maven-app
- simple-maven-dep
  simple-maven-dep
- simple-maven-example
  simple-maven-example
- spring-gitlab-cf-deploy-demo
  spring-gitlab-cf-deploy-demo
  - Docs
- spring-with-dependencies
  spring-with-dependencies
- ssh-private-key
  ssh-private-key
- system-tests
  system-tests
- upstream-project
  upstream-project
- velociraptor
  velociraptor
- verify-390198
  verify-390198
- wayne-financial-security-policy-project
  wayne-financial-security-policy-project

GitLab Container Host Security Demo

This project contains the application that on purpose has some security issues and allows you to check how Container Host Security can detect malicious behavior in the application.

It can be used to test falco integration deployed using cluster management approach.

Name and Namespace

Applications will be deployed to Kubernetes with service names and namespaces not known prior deployment. After querying the desired services (e.g., kubectl get svc --all-namespaces), this information can be used as an input to this project.

Demo URL

You can find the available deployment addresses for this application in the environments page of this project.

Because this is application is vulnerable to security issues (by design), it is password-protected in public environments. The user name is hard-coded to demo.

The password, if defined, can be found in the variables section of the CI/CD settings.