Agentless configuration drift detection and remediation

Over time, application owners find themselves compelled to continuously refine their applications and the underlying infrastructure to enhance the products they deliver, whether to internal or external customers. These modifications inevitably lead to changes in the configuration of both applications and infrastructure. While some of these changes may be benign, others can unintentionally steer the […]

Assessing Red Hat Ansible Automation Platform vulnerabilities

What your security scanner isn’t telling you

Security, more than ever, needs to move with speed, and we hear much about “shifting security left” and DevSecOps as methods to help achieve this. As this new paradigm gains momentum, so does the reliance on automated security tools to identify and mitigate software vulnerabilities at scale. […]

Continuous Detection and Mitigation (CDM)

Per NASCIO, the top priority for state CIOs is cybersecurity and risk management. A key focus for this initiative is to leverage the Continuous Diagnostics and Mitigation (CDM) framework provided by the […]

Getting started with Ansible security automation: Incident Response

Technological advancements are intended to bring more control, agility and velocity to organizations. However, adopting these new technologies and techniques, such as cloud computing and microservices, increases an organization’s security footprint, bringing greater risk of security breaches. Cyberattacks potentially expose organizations to financial loss, reputational damage, legal liability, and business continuity risk. As a result, […]

Deep dive into Trend Micro Deep Security integration modules

At AnsibleFest 2020, we announced the extension of our security automation initiative to support endpoint protection use cases. If you missed it, check out the recording of the talk “Automate your endpoint protection using Ansible” on the AnsibleFest page. Today, following this announcement, we release the supported Ansible Content Collection for Trend Micro Deep […]

Automating Endpoint Protection with Ansible

Enterprise security isn’t a homogeneous entity; it’s a portfolio of multi-vendor solutions run by disparate and often siloed teams. With so many different layers, automation proved to be effective in helping security operations teams to integrate and share accountability. Automated processes and workflows simplify and accelerate shared processes, like investigation & response and, if enabled […]

Getting started with Ansible security automation: Threat Hunting

AnsibleFest has just wrapped up, with a whole track dedicated to security automation, our answer to the lack of integration across the IT security industry. If you’re looking for a use case to start with, our investigation enrichment blog will give you yet another example of where Ansible can facilitate typical operational challenges of security […]

Automating Security with CyberArk and Red Hat Ansible Automation Platform

Proper privilege management is crucial with automation. Automation has the power to perform multiple functions across many different systems. When automation is deployed enterprise-wide, across sometimes siloed teams and functions, enterprise credential management can simplify adoption of automation — even complex authentication processes can be integrated into the setup seamlessly, while adding additional security in […]

Automating Mitigation of the F5 BIG-IP TMUI RCE Security Vulnerability Using Ansible Tower (CVE-2020-5902)

On June 30, 2020, a security vulnerability affecting multiple BIG-IP platforms from F5 Networks was made public with a CVSS score of 10 (Critical). Due to the significance of the vulnerability, network administrators are advised to mitigate this issue in a timely manner. Doing so manually is tricky, especially if many devices are involved. Because […]

Centralize your Automation Logs with Ansible Tower and Splunk Enterprise

For many IT teams, automation is a core component these days. But automation is not something on its own – it is a part of a puzzle and needs to interact with the surrounding IT. So one way to grade automation is how well it integrates with other tooling of the IT ecosystem – like […]