200
RUGGED SOFTWARE USING RUGGED DRIVEN DEVELOPMENT @wickett // @iteration1 // @mattjay

Rugged Software Using Rugged Driven Development

Embed Size (px)

DESCRIPTION

Security testing is often done at the cadence of auditors and not at the pace of the development team which hurts delivery time in agile teams. Rugged Driven Development (RDD) utilizes security and other stress testing methodologies during the development process to impact the end product so that you create software that is secure, reliable and resilient. Using the Gauntlt open source framework to help implement RDD you will find it fun to live by the Gauntlt motto, “be mean to your code.” You will be equipped to deliver and release ruggedized software faster as well as span the communication gaps that exist between dev, ops and security teams. This talk will help you implement RDD your projects with plenty of real world examples. At the end of the workshop, you should: Be Rugged Driven Dev savvy and ready to ruggedize your next project with some new practices and tooling Know how to use gauntlt and the security tools it hooks into Take some of the pre-built gauntlt attacks and modify them to your own project Write your own gauntlt attacks and put them in practice

Citation preview

Page 1: Rugged Software Using Rugged Driven Development

RUGGED SOFTWARE USING RUGGED DRIVEN

DEVELOPMENT

@wickett // @iteration1 // @mattjay

Page 2: Rugged Software Using Rugged Driven Development

$ wget http://bit.ly/rugged-sxsw-box

AND !

Install Virtual Box and Vagrant

Page 3: Rugged Software Using Rugged Driven Development

BE RUGGED AND BE MEAN TO YOUR CODE

#RUGGED #BEMEAN

Use this one to troll SXSW

Official tag

#SXSW +

Page 4: Rugged Software Using Rugged Driven Development

63% HANDS ON LABS!

APPLIEDTHEORY

Page 5: Rugged Software Using Rugged Driven Development

WORKSHOP PLEDGE

Page 6: Rugged Software Using Rugged Driven Development

You/Me

I will not attempt to access my neighbor’s computer

!

I will not hack the wifi!

I will be friendly to those around me

Page 7: Rugged Software Using Rugged Driven Development

ONE 5-MINUTE BREAK

Page 8: Rugged Software Using Rugged Driven Development

HANDS-ON LABS

8 Mini Labs lasting 5 to 15 minutes each

Let us know if you are having a problem, and we will help

We will also be around after the class to help as well

Page 9: Rugged Software Using Rugged Driven Development

VIRTUAL BOX AND VAGRANT

Page 10: Rugged Software Using Rugged Driven Development

TIPS FOR THE LABS

Open the labs folder in your browser to follow along to benefit from markdown display

Run all commands from the ~/gauntlt-demo

Page 11: Rugged Software Using Rugged Driven Development
Page 12: Rugged Software Using Rugged Driven Development

LOOKING FOR THE 5’S

Page 13: Rugged Software Using Rugged Driven Development

WHY ARE YOU HERE?

Page 14: Rugged Software Using Rugged Driven Development
Page 15: Rugged Software Using Rugged Driven Development

OUR GOAL: EQUIP YOU WITH THE THEORY, EXAMPLES AND TOOLING

SO THAT YOU CAN BEGIN YOUR RUGGED JOURNEY

Page 16: Rugged Software Using Rugged Driven Development

WHO ARE WE?

Page 17: Rugged Software Using Rugged Driven Development

JAMES WICKETTAustin, TX

Sr. DevOps Engr, Mentor Graphics

Gauntlt Core Team

DevOps Days Austin Organizer

Velocity, LASCON, ISC2, AppSecUSA, B-Sides, …

Page 18: Rugged Software Using Rugged Driven Development

MATT JOHANSEN

Houston, TX

Sr. Manager, TRC WhiteHat Security

BlackHat, DEFCON, RSA, more++

Wannabe Dev (node.js, angularjs)

I’m hiring

Page 19: Rugged Software Using Rugged Driven Development

KARTHIK GAEKWAD

Austin, TX

Sr. Software Engr, Mentor Graphics

DevOps Days Austin Organizer

Agile, LASCON, DevOps Days, AppSecUSA, …

Page 20: Rugged Software Using Rugged Driven Development

WHY DOES THIS MATTER?

Page 21: Rugged Software Using Rugged Driven Development

SNOWDEN, NSA, NATION-STATE ACTORS, …

Page 22: Rugged Software Using Rugged Driven Development

PEOPLE MATTER

Page 23: Rugged Software Using Rugged Driven Development

PEOPLE MATTER

Page 24: Rugged Software Using Rugged Driven Development

THE BROKEN WINDOW FALLACY &

THE PRISONER’S DILEMMA

Page 25: Rugged Software Using Rugged Driven Development

BREACHES CAUSE CYNICISM, DISTRUST AND LOSS

Page 26: Rugged Software Using Rugged Driven Development

SOFTWARE HAS CHANGED

Page 27: Rugged Software Using Rugged Driven Development

SOFTWARE AS A SERVICE

Page 28: Rugged Software Using Rugged Driven Development

SOFTWARE AS BRICOLAGE

Page 29: Rugged Software Using Rugged Driven Development

BOLT ON FEATURE

APPROACH

Page 30: Rugged Software Using Rugged Driven Development

FRAGILE CODE AS A SERVICE

Page 31: Rugged Software Using Rugged Driven Development

DEPLOY TIMELINES HAVE CHANGED

Page 32: Rugged Software Using Rugged Driven Development

DEV AND OPS HAVE TEAMED UP IN THIS NEW WORLD

Page 33: Rugged Software Using Rugged Driven Development

CONTINUOUS DELIVERY IS A THING

Page 34: Rugged Software Using Rugged Driven Development

http://www.slideshare.net/jallspaw/10-deploys-per-day-dev-and-ops-cooperation-at-flickr

Page 35: Rugged Software Using Rugged Driven Development

DEVOPS IS 5 YEARS OLD NOW

Page 36: Rugged Software Using Rugged Driven Development

SECURITY IS STUCK IN 1997 … MOSTLY

Page 37: Rugged Software Using Rugged Driven Development

WHY IS THAT?

Page 38: Rugged Software Using Rugged Driven Development

COMPLIANCE DRIVEN CULTURE: PCI, SOX, …

Page 39: Rugged Software Using Rugged Driven Development

RATIO PROBLEM DEVS / OPS / SECURITY

100 / 10 / 1

Page 40: Rugged Software Using Rugged Driven Development

SECURITY TOOLS ARE CONFUSING

Page 41: Rugged Software Using Rugged Driven Development

BUT, THERE IS HOPE

Page 42: Rugged Software Using Rugged Driven Development

https://speakerdeck.com/garethr/security-monitoring-penetration-testing-meets-monitoring

Page 43: Rugged Software Using Rugged Driven Development

http://www.youtube.com/watch?v=jQblKuMuS0Y

Page 44: Rugged Software Using Rugged Driven Development
Page 45: Rugged Software Using Rugged Driven Development

THE RUGGED MANIFESTO

Page 46: Rugged Software Using Rugged Driven Development

I AM RUGGED AND, MORE IMPORTANTLY, MY CODE IS RUGGED.

!

I RECOGNIZE THAT SOFTWARE HAS BECOME A FOUNDATION OF OUR MODERN WORLD.

!

I RECOGNIZE THE AWESOME RESPONSIBILITY THAT COMES WITH THIS FOUNDATIONAL ROLE.

Page 47: Rugged Software Using Rugged Driven Development

I RECOGNIZE THAT MY CODE WILL BE USED IN WAYS I CANNOT ANTICIPATE, IN WAYS IT WAS NOT

DESIGNED, AND FOR LONGER THAN IT WAS EVER INTENDED.

!

I RECOGNIZE THAT MY CODE WILL BE ATTACKED BY TALENTED AND PERSISTENT ADVERSARIES WHO

THREATEN OUR PHYSICAL, ECONOMIC AND NATIONAL SECURITY.

Page 48: Rugged Software Using Rugged Driven Development

I RECOGNIZE THESE THINGS – AND I CHOOSE TO BE RUGGED.

!

I AM RUGGED BECAUSE I REFUSE TO BE A SOURCE OF VULNERABILITY OR WEAKNESS.

!

I AM RUGGED BECAUSE I ASSURE MY CODE WILL SUPPORT ITS MISSION.

Page 49: Rugged Software Using Rugged Driven Development

I AM RUGGED BECAUSE MY CODE CAN FACE THESE CHALLENGES AND PERSIST IN SPITE

OF THEM. !

I AM RUGGED, NOT BECAUSE IT IS EASY, BUT BECAUSE IT IS NECESSARY AND I AM UP FOR

THE CHALLENGE.

Page 50: Rugged Software Using Rugged Driven Development

DEV / OPS / SEC JOIN FORCES

Page 51: Rugged Software Using Rugged Driven Development

#RUGGEDDEVOPS

Page 52: Rugged Software Using Rugged Driven Development

http://www.slideshare.net/wickett/putting-rugged-into-your-devops-toolchain

Page 53: Rugged Software Using Rugged Driven Development

LET’S BUILD RUGGED SOFTWARE

Page 54: Rugged Software Using Rugged Driven Development

RUGGED WEB APPS

Page 55: Rugged Software Using Rugged Driven Development

VULNERABLE CODE IS EVERYWHERE

Page 56: Rugged Software Using Rugged Driven Development

CROSS SITE SCRIPTING [XSS]

Page 57: Rugged Software Using Rugged Driven Development

WHAT IS IT? [XSS]

Page 58: Rugged Software Using Rugged Driven Development

REFLECTIVE [XSS]

Page 59: Rugged Software Using Rugged Driven Development
Page 60: Rugged Software Using Rugged Driven Development

PERSISTENT [XSS]

Page 61: Rugged Software Using Rugged Driven Development

DOM BASED [XSS]

Page 62: Rugged Software Using Rugged Driven Development

WHY IS IT BAD? [XSS]

Page 63: Rugged Software Using Rugged Driven Development

DOCUMENT.COOKIE [XSS]

Page 64: Rugged Software Using Rugged Driven Development
Page 65: Rugged Software Using Rugged Driven Development

DOCUMENT.LOCATION [XSS]

Page 66: Rugged Software Using Rugged Driven Development

HOW DO I FIX IT? [XSS]

Page 67: Rugged Software Using Rugged Driven Development

GOOD: INPUT SANITIZATION [XSS]

Page 68: Rugged Software Using Rugged Driven Development

BLACKLIST :( [XSS]

Page 69: Rugged Software Using Rugged Driven Development

WHITELIST :) [XSS]

Page 70: Rugged Software Using Rugged Driven Development

BETTER: OUTPUT ENCODING [XSS]

Page 71: Rugged Software Using Rugged Driven Development

< > BECOME &LT; &GT; [XSS]

Page 72: Rugged Software Using Rugged Driven Development

SQL INJECTION [SQLi]

Page 73: Rugged Software Using Rugged Driven Development

WHAT IS IT? [SQLi]

Page 74: Rugged Software Using Rugged Driven Development

WHY IS IT BAD? [SQLi]

Page 75: Rugged Software Using Rugged Driven Development
Page 76: Rugged Software Using Rugged Driven Development
Page 77: Rugged Software Using Rugged Driven Development

CREDIT: XKCD

Page 78: Rugged Software Using Rugged Driven Development

HOW WOULD YOU EXPLOIT?

Page 79: Rugged Software Using Rugged Driven Development

‘;

Page 80: Rugged Software Using Rugged Driven Development

PWNED

Page 81: Rugged Software Using Rugged Driven Development

HOW DO I FIX IT? [SQLi]

Page 82: Rugged Software Using Rugged Driven Development

PARAMETERIZED QUERIES [SQLi]

Page 83: Rugged Software Using Rugged Driven Development

PARAMETERIZED QUERIES (PHP) [SQLi]

Page 84: Rugged Software Using Rugged Driven Development

PARAMETERIZED QUERIES (JAVA) [SQLi]

Page 85: Rugged Software Using Rugged Driven Development

CROSS SITE REQUEST FORGERY [CSRF]

Page 86: Rugged Software Using Rugged Driven Development

WHAT IS IT? [CSRF]

Page 87: Rugged Software Using Rugged Driven Development

WHY IS IT BAD? [CSRF]

Page 88: Rugged Software Using Rugged Driven Development
Page 89: Rugged Software Using Rugged Driven Development
Page 90: Rugged Software Using Rugged Driven Development

HOW DO I FIX IT? [CSRF]

Page 91: Rugged Software Using Rugged Driven Development
Page 92: Rugged Software Using Rugged Driven Development

TOKENS! [CSRF]

Page 93: Rugged Software Using Rugged Driven Development

IMAGE CREDIT: DOTNETBIPS.COM

Page 94: Rugged Software Using Rugged Driven Development

AGAIN… VULNERABLE CODE IS EVERYWHERE

Page 95: Rugged Software Using Rugged Driven Development

GETS FIXED SLOWLY

Page 96: Rugged Software Using Rugged Driven Development

GETS FIXED SLOWLY

Page 97: Rugged Software Using Rugged Driven Development

…IF EVER

Page 98: Rugged Software Using Rugged Driven Development

OWASP TOP 10

Page 99: Rugged Software Using Rugged Driven Development

LAB #1 - SETUP

Page 100: Rugged Software Using Rugged Driven Development

SETUP

github.com/gauntlt/gauntlt-demo

Open the Labs in your browser > https://github.com/gauntlt/gauntlt-demo/tree/master/labs/sxsw-2014

You need Vagrant and VirtualBox installed on your laptop

Page 101: Rugged Software Using Rugged Driven Development
Page 102: Rugged Software Using Rugged Driven Development

LAB INSTRUCTIONS

For this lab, you will complete:├── 01_Overview.md

├── 02_Setup using Vagrant.md

Page 103: Rugged Software Using Rugged Driven Development
Page 104: Rugged Software Using Rugged Driven Development
Page 105: Rugged Software Using Rugged Driven Development
Page 106: Rugged Software Using Rugged Driven Development

5-MINUTE BREAK

Page 107: Rugged Software Using Rugged Driven Development

LAB #2 - WEB APP HACKING

Page 108: Rugged Software Using Rugged Driven Development

XSS DEMO

Page 109: Rugged Software Using Rugged Driven Development
Page 110: Rugged Software Using Rugged Driven Development
Page 111: Rugged Software Using Rugged Driven Development

FIND THE VULN

Page 112: Rugged Software Using Rugged Driven Development

FIND THE VULN

Page 113: Rugged Software Using Rugged Driven Development

FIND THE VULN

Page 114: Rugged Software Using Rugged Driven Development

LAB INSTRUCTIONS

For this lab, you will complete:├── 04_Start up Vulnerable Target.md

Page 115: Rugged Software Using Rugged Driven Development
Page 116: Rugged Software Using Rugged Driven Development

For this lab, poke around and try to find a second XSS vulnerability

!

Let us know when you find it…

Page 117: Rugged Software Using Rugged Driven Development

INTRO TO GAUNTLT

Page 118: Rugged Software Using Rugged Driven Development

WOULDN’T IT BE GREAT IF WE COULD AUTOMATE OUR SECURITY

TESTS…

Page 119: Rugged Software Using Rugged Driven Development

http://static.hothdwallpaper.net/51b8e4ee5a5ae19808.jpg

Page 120: Rugged Software Using Rugged Driven Development

GAUNTLT IS AN OPINIONATED FRAMEWORK TO DO RUGGED TESTING

Page 121: Rugged Software Using Rugged Driven Development

GAUNTLT IS OPEN SOURCE MIT LICENSED

Page 122: Rugged Software Using Rugged Driven Development

GAUNTLT AUTOMATES SECURITY TOOLS

Page 123: Rugged Software Using Rugged Driven Development

GAUNTLT = SECURITY + CUCUMBER

Page 124: Rugged Software Using Rugged Driven Development
Page 125: Rugged Software Using Rugged Driven Development
Page 126: Rugged Software Using Rugged Driven Development
Page 127: Rugged Software Using Rugged Driven Development
Page 128: Rugged Software Using Rugged Driven Development

CODE

GARMR NMAP CURL ARACHNI

Page 129: Rugged Software Using Rugged Driven Development

GARMR NMAP CURL ARACHNI

CODE

Page 130: Rugged Software Using Rugged Driven Development
Page 131: Rugged Software Using Rugged Driven Development

BUILT ON CUCUMBER

Page 132: Rugged Software Using Rugged Driven Development

GAUNTLT PHILOSOPHYGauntlt comes with pre-canned steps that hook security testing tools

Gauntlt does not install tools

Gauntlt wants to be part of the CI/CD pipeline

Be a good citizen of exit status and stdout/stderr

Page 133: Rugged Software Using Rugged Driven Development

GAUNTLT IS COLLABORATION

Page 134: Rugged Software Using Rugged Driven Development

*.attack

something.attackelse.attack

GAUNTLT IN ACTION

Page 135: Rugged Software Using Rugged Driven Development

FeatureBackground

Scenario

DescriptionSetup

Logic

ATTACK STRUCTURE

Page 136: Rugged Software Using Rugged Driven Development

ATTACK LOGIC

Given

When

Then

Page 137: Rugged Software Using Rugged Driven Development

Given “arachni” is installed

Setup steps

Check Resource Available

ATTACK STEP: GIVEN

Page 138: Rugged Software Using Rugged Driven Development

ATTACK STEP: WHEN

Action steps

When I launch an “arachni-xss” attack

Page 139: Rugged Software Using Rugged Driven Development

ATTACK STEP: THEN

Parsing Steps

Then the output should not contain “fail”

Page 140: Rugged Software Using Rugged Driven Development

LET’S PUT IT ALL TOGETHER

Page 141: Rugged Software Using Rugged Driven Development
Page 142: Rugged Software Using Rugged Driven Development

LAB #3 - HELLO WORLD

Page 143: Rugged Software Using Rugged Driven Development

LAB INSTRUCTIONS

For this lab, you will complete:├── 05_Hello World with Gauntlt.md

Page 144: Rugged Software Using Rugged Driven Development

HELLO WORLD

Page 145: Rugged Software Using Rugged Driven Development
Page 146: Rugged Software Using Rugged Driven Development

LAB #4 - BASIC PORT CHECK

Page 147: Rugged Software Using Rugged Driven Development

LAB INSTRUCTIONS

For this lab, you will complete:├── 06_Port Check.md

Page 148: Rugged Software Using Rugged Driven Development
Page 149: Rugged Software Using Rugged Driven Development

$ nmap -F localhost $ nmap -F scanme.nmap.org

TRY OUT NMAP

Page 150: Rugged Software Using Rugged Driven Development
Page 151: Rugged Software Using Rugged Driven Development

@challenge @slow Feature: check to make sure the right ports are open on our server ! Background: Given "nmap" is installed And the following profile: | name | value | | host | localhost | ! Scenario: Verify server is open on expected ports When I launch an "nmap" attack with: """ nmap -F <host> """ # Then ... # TODO: figure out a way to parse the output and determine what is passing # For hints consult the README.md

Page 152: Rugged Software Using Rugged Driven Development

$ bundle exec gauntlt --allsteps

Page 153: Rugged Software Using Rugged Driven Development

TRUST THE PIPE

Page 154: Rugged Software Using Rugged Driven Development

@final @slow Feature: check to make sure the right ports are open on our server ! Background: Given "nmap" is installed And the following profile: | name | value | | host | localhost | ! Scenario: Verify server is open on expected ports When I launch an "nmap" attack with: """ nmap -F <host> """ Then the output should contain: """ 8008 """

SOLUTION

Page 155: Rugged Software Using Rugged Driven Development

LAB #5 - CLI AND REGEX

Page 156: Rugged Software Using Rugged Driven Development

LAB INSTRUCTIONS

For this lab, you will complete:├── 07_Working with Gauntlt CLI.md

├── 08_Regex.md

Page 157: Rugged Software Using Rugged Driven Development

Open 07_Working with Gauntlt CLI.md and run the following:

Page 158: Rugged Software Using Rugged Driven Development

08_Regex.md

Page 159: Rugged Software Using Rugged Driven Development

Then the output should match: """ 8008\/tcp\s+open """ Then the output should not match /3001.tcp\s+open/

SOLUTION

Page 160: Rugged Software Using Rugged Driven Development

LAB #6 - GARMR

Page 161: Rugged Software Using Rugged Driven Development

LAB INSTRUCTIONS

For this lab, you will complete:├── 09_Garmr and Web Security.md

Page 162: Rugged Software Using Rugged Driven Development

WHAT IS GARMR?

Page 163: Rugged Software Using Rugged Driven Development

GARMR IS A SCRIPT FROM MOZILLA THAT CHECKS FOR A

BUNCH OF SECURITY POLICIES IN WEB APPS

Page 164: Rugged Software Using Rugged Driven Development

MOZILLA SECURITY POLICY DISTILLED FOR THE REST OF US

Page 165: Rugged Software Using Rugged Driven Development
Page 166: Rugged Software Using Rugged Driven Development

LAB #7 - XSS WITH ARACHNI

Page 167: Rugged Software Using Rugged Driven Development

LAB INSTRUCTIONS

For this lab, you will complete:├── 10_Arachni and XSS testing.md

Page 168: Rugged Software Using Rugged Driven Development

XSS LAB!

Page 169: Rugged Software Using Rugged Driven Development

arachni --modules=xss --depth=1 \ --link-count=10 --auto-redundant=2 \ scanme.nmap.org

TRY OUT ARACHNI

Page 170: Rugged Software Using Rugged Driven Development

BONUS POINTS, FIND THE VULN!

Page 171: Rugged Software Using Rugged Driven Development

Hint….!

When I launch an "arachni-full_xss" attack

Page 172: Rugged Software Using Rugged Driven Development

LET US KNOW WHEN YOU HAVE FOUND IT

Page 173: Rugged Software Using Rugged Driven Development

Arachni found XSS in Gruyere, Oh noes!!

localhost:8008/signup/<script>alert(1)</script>

Page 174: Rugged Software Using Rugged Driven Development

LAB #8 - ADVANCED GAUNTLT

Page 175: Rugged Software Using Rugged Driven Development

LAB INSTRUCTIONS

For this lab, you will complete:├── 11_Assert Network.md

├── 12_Output to HTML.md

└── 13_Working with Environment Variables.md

Page 176: Rugged Software Using Rugged Driven Development
Page 177: Rugged Software Using Rugged Driven Development

bundle exec gauntlt --format html > out.html

HTML OUTPUT

Page 178: Rugged Software Using Rugged Driven Development

out.html

Page 179: Rugged Software Using Rugged Driven Development
Page 180: Rugged Software Using Rugged Driven Development

RUGGED TESTING ON EVERY COMMIT

Page 181: Rugged Software Using Rugged Driven Development

YOU PROMISED CI/CD PIPELINE…

Page 182: Rugged Software Using Rugged Driven Development
Page 183: Rugged Software Using Rugged Driven Development

THIS DEFINITELY IS 5 STAR TERRITORY

Page 184: Rugged Software Using Rugged Driven Development
Page 185: Rugged Software Using Rugged Driven Development

TRAVIS CI PARSES CONFIG AND THEN RUNS RAKE

Page 186: Rugged Software Using Rugged Driven Development

require 'gauntlt' !task :gauntlt do sh "cd ./vendor/gruyere && ./manual_launch.sh && cd ../.." sh "cd ./examples && bundle exec gauntlt --tags @final && cd .." sh "cd ./vendor/gruyere && ./manual_kill.sh && cd ../.." end

RAKEFILE

Page 187: Rugged Software Using Rugged Driven Development

language: ruby rvm: - 1.9.3 before_install: - git submodule update --init --recursive before_script: - sudo apt-get install nmap - sudo apt-get install wget - sudo apt-get install libcurl4-openssl-dev - 'pwd' - export SSLYZE_PATH="/home/travis/build/gauntlt/gauntlt-demo/vendor/sslyze/sslyze.py" - export SQLMAP_PATH="/home/travis/build/gauntlt/gauntlt-demo/vendor/sqlmap/sqlmap.py" - 'cd vendor/Garmr && sudo python setup.py install && cd ../..' - 'cd vendor && wget http://downloads.sourceforge.net/project/dirb/dirb/2.03/dirb203.tar.gz && tar xvfz dirb203.tar.gz && cd dirb && ./configure && make && sudo cp dirb /usr/local/bin/ && cd ../../' - export DIRB_WORDLISTS="/home/travis/build/gauntlt/gauntlt/vendor/dirb/wordlists" notifications: irc: channels: - "chat.freenode.net#gauntlt" use_notice: true

gauntlt-demo/.travis.yml

Page 188: Rugged Software Using Rugged Driven Development

WE HAVE BEEN DOING CONTINUOUS INTEGRATION WITH GAUNTLT THIS

WHOLE TIME WITH THE LABS!

Page 189: Rugged Software Using Rugged Driven Development
Page 190: Rugged Software Using Rugged Driven Development
Page 191: Rugged Software Using Rugged Driven Development

SAHWEET!

Page 192: Rugged Software Using Rugged Driven Development

NOW WHAT?

Page 193: Rugged Software Using Rugged Driven Development

THESE SLIDES

http://bit.ly/gauntlt-sxsw-slides

Page 194: Rugged Software Using Rugged Driven Development

• Google Group > https://groups.google.com/d/forum/gauntlt

• Wiki > https://github.com/gauntlt/gauntlt/wiki• Twitter > @gauntlt• IRC > #gauntlt on freenode• Weekly hangout > http://bit.ly/gauntlt-hangout• Issue tracking > http://github.com/gauntlt/gauntlt

Page 195: Rugged Software Using Rugged Driven Development

https://vimeo.com/79797907

Page 196: Rugged Software Using Rugged Driven Development

FREE GAUNTLT BETA BOOK FOR SXSW ATTENDEES!

http://leanpub.com/hands-on-gauntlt/c/SXSW

Caveat Emptor: No content at the moment!

Valid until March 11th

Page 197: Rugged Software Using Rugged Driven Development

GAUNTLT-SERVER COMING SOON!

Page 198: Rugged Software Using Rugged Driven Development

WILL YOU GIVE US THE 5’S?

Page 199: Rugged Software Using Rugged Driven Development
Page 200: Rugged Software Using Rugged Driven Development

QUESTIONS?