Identifying and Remediating Host Vulnerabilities - Host Layer Round - Build Phase
For those who have completed the Web Application Firewall round
If you have completed the Web Application Firewall round, this round uses the same environment. If you have not deleted the AWS CloudFormation stack from the Web Application Firewall round, you can click here to proceed to the Assess Phase.
Note About Workshop and AWS Account
We strongly recommend that you use a non-production AWS account for this workshop such as a training, sandbox or personal account.
To setup the workshop environment, launch the CloudFormation stack below in the preferred AWS region using the "Deploy to AWS" links below. This will automatically take you to the console to run the template.
Click Next on the Specify Template section.
On the Specify stack details step, update the following parameters depending on how you are doing this workshop:
If you are sharing an AWS account with someone else in the same region, change the name of the stack to pww-yourinitials
- Automated Scanner: Set to false.
- Scanner Username: Leave default.
- Scanner Password: Leave default.
- Trusted Network CIDR: Enter a trusted IP or CIDR range you will access the site from using a web browser. You can optain your current IP at Ifconfig.co The entry should follow CIDR notation. i.e. 10.10.10.10/32 for a single host.
Keep the defaults for the rest of the parameters.
Click Next on the Configure stack options section.
Check the box to acknowledge that the template will create IAM roles under Capabilities and click Create.
This will bring you back to the CloudFormation console. You can refresh the page to see the stack starting to create. Before moving on, make sure the stack is in a CREATE_COMPLETE status. This should take approximately eight minutes.
Click here to proceed to the Assess Phase.