A critical step in software development security is to identify vulnerabilities within container images and running web apps. In this hands-on lab, you’ll identify security vulnerabilities within a container image and perform web app security vulnerability scanning using Web Security Scanner.
Learning Objectives
Successfully complete this lab by achieving the following learning objectives:
- Enable Container Registry
  Enable the Container Registry service using the GCP console.
- Docker Pull, Tag, and Push Container Image
  Using the Cloud Shell, perform the following tasks:
  - Pull the DVWA Docker image.
  - Tag the DVWA Docker image.
  - Push the DVWA Docker image.
- View Vulnerabilities
  Use Container Registry to view the vulnerabilities associated with the container image.
- Deploy Container on a VM Instance
  Create a new Compute Engine VM instance, using the newly pushed image, in the GCP console.
- Reserve Static IP Address
  - From the GCP console, navigate to the IP Addresses page.
  - Reserve a static IP address for the newly created VM instance.
- Create and Run Scan Using Web Security Scanner
  - Enable the Web Security Scanner service using the GCP console.
  - Create a Web Security Scanner scan.
  - Run the newly created Web Security Scanner scan.