Test your infrastructure with Baz
system
Test security configuration, IAM policies, and compliance.
Focus on writing test logic,
and
leave the rest to us.
Why not ad-hoc scripts?
Security Risks
Developing quick scripts generally leads to hardcoded secrets, insecure
communication, and information
leakage,
putting
sensitive information at risk.
Difficult Integrations
Integrating them with other applications and tools requires a considerable learning curve. Each new
integration feels like starting from zero.
Maintainability
Quick-fix programs are hard to maintain in a changing environment, and limited documentation makes
them less
useful over time.
Script tests quickly in JavaScript
Example - Test "Access this computer from the network" configuration
for
a Windows
server.
Define Windows server configuration in
win.toml file.
[win.params]
domain = 'corp.bazc.com'
username = 'corp\freddy'
password = 'secret://secret.windows.password'
ca_certs = 'file:///home/freddy/shared/CA.pem'
We could easily externalize the policy and the
server
list. In fact, the Active Directory test collection does this and a lot more, using CIS Windows Server
2022
benchmark as a reference policy. Try
it out yourself.
Why Baz system?
Get done...Fast
Simple APIs to get data without worrying
about protocols.
See API behaviour by running them in Baz shell.
Easy-to-read APIs from BDD/TDD assertions library.
Pull ready-to-use test cases from the community.
Easy path...Secure
Makes secure the easy path with simple configurations.
Secure mechanism to pass secrets, so no more hardcoded surprises.
Data segregation between entities of the service.
Increase coverage...Evolve
Start from where you are, and fix what you can with initial tests.
Easily add & extend test cases as the system evolves.
Learn & collaborate with others through test cases.
Right tool...for the right audience
Present findings visually with a detailed CSV report.
Easily maintain configurations in TOML files.
Easy-to-read, print, and debug test cases with inbuilt capabilities.
Meet Freddy, the security engineer in 91 seconds.