Security Automation with Ansible 2: Leverage Ansible 2 to automate complex security tasks like application security, network security, and malware analysis
Automate security-related tasks in a structured, modular fashion using the best open source automation tool available
- Leverage the agentless, push-based power of Ansible 2 to automate security tasks
- Learn to write playbooks that apply security to any part of your system
- This recipe-based guide will teach you to use Ansible 2 for various use cases such as fraud detection, network security, governance, and more
Security automation is one of the most interesting skills to have nowadays. Ansible allows you to write automation procedures once and use them across your entire infrastructure. This book will teach you the best way to use Ansible for seemingly complex tasks by using the various building blocks available and creating solutions that are easy to teach others, store for later, perform version control on, and repeat.
We ll start by covering various popular modules and writing simple playbooks to showcase those modules. You ll see how this can be applied over a variety of platforms and operating systems, whether they are Windows/Linux bare metal servers or containers on a cloud platform. Once the bare bones automation is in place, you ll learn how to leverage tools such as Ansible Tower or even Jenkins to create scheduled repeatable processes around security patching, security hardening, compliance reports, monitoring of systems, and so on.
Moving on, you ll delve into useful security automation techniques and approaches, and learn how to extend Ansible for enhanced security. While on the way, we will tackle topics like how to manage secrets, how to manage all the playbooks that we will create and how to enable collaboration using Ansible Galaxy. In the final stretch, we ll tackle how to extend the modules of Ansible for our use, and do all the previous tasks in a programmatic manner to get even more powerful automation frameworks and rigs.
What you will learn
- Use Ansible playbooks, roles, modules, and templating to build generic, testable playbooks
- Manage Linux and Windows hosts remotely in a repeatable and predictable manner
- See how to perform security patch management, and security hardening with scheduling and automation
- Set up AWS Lambda for a serverless automated defense
- Run continuous security scans against your hosts and automatically fix and harden the gaps
- Extend Ansible to write your custom modules and use them as part of your already existing security automation programs
- Perform automation security audit checks for applications using Ansible
- Manage secrets in Ansible using Ansible Vault
Who This Book Is For
If you are a system administrator or a DevOps engineer with responsibility for finding loop holes in your system or application, then this book is for you. It s also useful for security consultants looking to automate their infrastructure s security model.
Table of Contents
Chapter 1: Introduction to Ansible Playbooks and Roles
Chapter 2: Ansible Tower, Jenkins, and Other Automation Tools
Chapter 3: Setting Up a Hardened WordPress with Encrypted Automated Backups
Chapter 4: Log Monitoring and Serverless Automated Defense (Elastic Stack in AWS)
Chapter 5: Automating Web Application Security Testing Using OWASP ZAP
Chapter 6: Vulnerability Scanning with Nessus
Chapter 7: Security Hardening for Applications and Networks
Chapter 8: Continuous Security Scanning for Docker Containers
Chapter 9: Automating Lab Setups for Forensics Collection and Malware Analysis
Chapter 10: Writing an Ansible Module for Security Testing
Chapter 11: Ansible Security Best Practices, References, and Further Reading