Demo Steps

Step 1: Sign in to the CloudGuard CNAPP Pipeline Security (Spectral) demo:

  1. Open a browser (Chrome recommended) on your machine and browse to https://portal.checkpoint.com

  2. Enter the following user name: demouser@chkp-demodays.xyz

     You will be redirected to the Microsoft login page. Use the credentials below:

       1. User Name : demouser@chkp-demodays.xyz

       2. Password : Cpwins1234$

     Note - if you are already signed in with another Microsoft account, select the Use another account option.

  3. Select Yes in the Stay signed in? window.

     After a successful login, you will be redirected to the Infinity Portal.

  4. Select the cspm-demopoint account.

Step 2: Navigate to CloudGuard > ShiftLeft.

  The Dashboard provides an overview of all your organization's assets. Each cube inside the cards represents an asset, such as a repository or a container.

  ShiftLeft assigns each asset one of the following statuses: Critical, High, Medium, Low, Informational, No Issues and No Active.

  The status filter in the upper-left corner helps you focus on assets with a specific status.

Step 3: We will review issues on the cspm-demopoint card. Navigate to Assets and search for: DemoPoint/demo-app.

Step 4: Click on the DemoPoint/demo-app asset.

Step 5: Click on one of the Top IaC issues sources on DemoPoint/demo-app.

Step 6: You will move to the following view:

  1. The upper part includes metadata about the asset: the asset name, its status, source, when it was scanned and how many issues were detected.

  • Asset name : DemoPoint/demo-app
  • Asset source : Github.com
  • Asset ID : github.com/demopoint/demo-app
  • Asset type (private / public) : Private

  2. The second part is the quick view table. It shows the last scan results for the specific asset. There are four tabs to help you be more productive:

  • Secrets: shows the exposed secrets that ShiftLeft found.
  • IaC: shows the infrastructure-as-code issues that ShiftLeft found in the asset, grouped by file. Each IaC issue shows the IaC resource related to it.
  • CI/CD hardening: shows issues in the repository settings, for example when the main or master branch has no merge policy.
  • Sprawl: shows secrets that appear in multiple locations in an asset or across assets.

Step 7: Click on the Secrets tab and filter for the Visible Terraform admin password - TF-020 issue in the Detector filter.

Step 8: We will focus on the issue: Visible Terraform admin password.

Step 9: Click on the source link to review the issue in the GitHub repository. You will be directed to the main.tf file, and the relevant line will be marked [admin_password].

Step 10: Go back to the Secrets tab on the Dashboard and hover over Visible Terraform admin password.

  Note

  Detectors represent the issue types discovered while scanning your assets. Each detector has an ID associated with it, and when you hover over the detector you can see its description.

  ShiftLeft provides out-of-the-box playbooks that assist your developers when they try to solve an issue. Once you click on the detector, you will be directed to its playbook.

  The playbook includes a section that specifies the finding and its policy (MITRE, CIS, PCI, etc.). The body of the playbook includes a detailed section on the problem that Spectral identified and the different ways to remediate the issue. It also includes links to the relevant CWE entries and other articles, so that your developers are well educated and understand the issue and how to resolve it.
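To show what the Visible Terraform admin password finding looks like in code and how the remediation changes it, here is an added example that is not Spectral's detector and not the demo repository's main.tf: a constructed vulnerable fragment, its hardened form using a sensitive Terraform variable, and a minimal Python check that flags password attributes assigned a string literal. The check generalizes beyond admin_password to any attribute name ending in password; the resource type and all values are assumptions.

```python
import re

# Constructed main.tf fragment (hypothetical, not the demo repository's file):
# the admin password is a quoted literal, the pattern the TF-020 detector flags.
VULNERABLE_TF = '''
resource "azurerm_linux_virtual_machine" "app" {
  name           = "demo-app"
  admin_username = "adminuser"
  admin_password = "P@ssw0rd-constructed"
}
'''

# Hardened form: the value comes from a sensitive variable supplied at apply time
# (TF_VAR_admin_password, a tfvars file kept out of git, or a secret store).
HARDENED_TF = '''
variable "admin_password" {
  type      = string
  sensitive = true
}

resource "azurerm_linux_virtual_machine" "app" {
  name           = "demo-app"
  admin_username = "adminuser"
  admin_password = var.admin_password
}
'''

# Matches `<name>password = <value>` assignments, e.g. admin_password, db_password.
PASSWORD_ASSIGNMENT = re.compile(r'^\s*(?P<key>\w*password)\s*=\s*(?P<value>.+?)\s*$')

def is_string_literal(value: str) -> bool:
    """True for a plain quoted literal; references (var.x, local.x) and
    interpolations ("${...}") are not hard-coded secrets."""
    return value.startswith('"') and value.endswith('"') and '${' not in value

def find_hardcoded_passwords(tf_text: str):
    """Return (line number, attribute name) for every password attribute
    whose value is a hard-coded string literal."""
    findings = []
    for lineno, line in enumerate(tf_text.splitlines(), start=1):
        match = PASSWORD_ASSIGNMENT.match(line)
        if match and is_string_literal(match.group('value')):
            findings.append((lineno, match.group('key')))
    return findings

if __name__ == '__main__':
    for label, text in (('vulnerable', VULNERABLE_TF), ('hardened', HARDENED_TF)):
        print(label, find_hardcoded_passwords(text))
```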

Step 11: Click on the Secret issue link to open the relevant playbook. Review the description and the instructions on how to solve it.

Step 12: Go back to the Issues view of DemoPoint/demo-app and present additional examples [investigate & Detector playbooks].

Step 13: Click on Reports.

  The reports on this page relate to three categories:

  • Code
  • Host
  • Productivity

  The Code reports provide general statistics for your organization:

  • Number of assets scanned
  • Total number of scans to date
  • Number of open issues in your assets (with a breakdown by severity)
  • Organization trend
  • Overall progress of your organization in fixing issues across different assets

  The hotspot charts show:

  • Top assets with the most issues
  • Top common issues
  • Top teams with the most issues

  You can drill down from a chart to the Asset page and view the raw data.