diff --git a/data/headerNavLinks.js b/data/headerNavLinks.js index 6d5e683..fa015e6 100644 --- a/data/headerNavLinks.js +++ b/data/headerNavLinks.js @@ -1,6 +1,6 @@ const headerNavLinks = [ { href: '/workshop', title: 'Exercises' }, - { href: 'https://docs.openshift.com/container-platform/4.15/welcome/index.html', title: 'Documentation' }, + { href: 'https://docs.openshift.com/container-platform/4.16/welcome/index.html', title: 'Documentation' }, { href: 'https://demo.redhat.com/workshop/s72ya3', title: 'Environment login' } ] diff --git a/data/workshop/README.org b/data/workshop/README.org index 6e31b54..da37692 100644 --- a/data/workshop/README.org +++ b/data/workshop/README.org @@ -8,7 +8,7 @@ This document captures the steps required to set up an instance of the workshop. * Log in to cluster #+begin_src tmux -oc login --web https://api.cluster-wc9vg.wc9vg.sandbox1332.opentlc.com:6443 +oc login --web https://api.cluster-dlljg.dlljg.sandbox1289.opentlc.com:6443 #+end_src * Update cluster logo diff --git a/data/workshop/exercise1.mdx b/data/workshop/exercise1.mdx index 27f0d67..3a6a539 100644 --- a/data/workshop/exercise1.mdx +++ b/data/workshop/exercise1.mdx @@ -20,7 +20,7 @@ You're in a race to reach the highest score before the session concludes! If mul We're returning to ACME Financial Services, a large bank based in Australia. Thanks to the efforts of the local account team after a long procurement journey Red Hat has landed a massive **$5m AUD** deal including a significant portion of Red Hat Services 🚀. -Your hackathon team are the post-sales consultants engaging with ACME to complete their OpenShift platform security hardening in support of the platform production certification & accreditation. +Your hackathon team are the post-sales consultants engaging with ACME to improve their OpenShift platform security hardening. The bank have been running OpenShift for a while but the account team have said *"they are basically YOLO'ing it"* from a security perspective. Thankfully you're on site now to help iron things out! ![acme](/static/images/security/acme.png) diff --git a/data/workshop/exercise4.mdx b/data/workshop/exercise4.mdx index ab12d0d..c907761 100644 --- a/data/workshop/exercise4.mdx +++ b/data/workshop/exercise4.mdx @@ -17,7 +17,7 @@ You're in a meeting room going over things together, so far so good. ## 4.1 Oh *$%# that is really bad -You're looking over the **Vulnerability Management** > **Workload CVE's** > **Namespace View** together in the RHACS console. +You're looking over the RHACS Dashboard together in the RHACS console. You and Angie both spot it at the same time... @@ -28,10 +28,23 @@ The core banking payments processor namespace `prd-acme-payments` is vulnerable ## 4.2 What the %$^& do we do???? -In the minutes following the alarming discovery you listen in to a series of rushed conversations and Microsoft Skype for Business™ conversations between Angie and various security team members, service owners and incident management team members. +In the minutes following the alarming discovery you observe a series of rushed conversations and Microsoft Skype for Business™ conversations between Angie and various security team members, service owners and incident management team members. A critical incident has been raised but at this point the consensus is the application simple cannot be turned off. It's a core component of the banks payments processing and must continue running. The ACME team now turn to you, seeking advice on how they could secure this existing vulnerable deployment in place, without scaling down the application, so that any attempt at exploiting the vulnerability would be automatically thwarted. The clocks ticking, how will you respond? + +Documentation you may find helpful is: + +- https://docs.redhat.com/en/documentation/red_hat_advanced_cluster_security_for_kubernetes/4.5/html/operating/evaluate-security-risks#use-process-baselines_evaluate-security-risks + + +## 4.3 - Check your work + +If you've successfully secured the banks vulnerable payments processor please post a message in `#event-anz-ocp-security-hackathon` with the message: + +> Please review [team name] solution for exercise 4, our payments processor application is now unhackable. + +This exercise is worth `25` points. The event team will reply in slack to confirm your updated team total score 🎉