How to introduce your security team to Ansible | Opensource.com

How to introduce your security team to Ansible

Here are five ideas for security automation.

a checklist for a team
Image by : 
Opensource.com
x

Subscribe now

Get the highlights in your inbox every week.

Ansible has long been seen as more than configuration management—it's an orchestrator more than anything, a conductor of the orchestra rather than playing a singular instrument. Since realising this, various tech communities have used Ansible to automate some interesting technology arenas.

The networking space is now well catered for by Ansible, and quite a few security folk are realising the same simple structure and easy learning path can help them too. But, how do you convince your security team that Ansible can help them too? Here are five areas that might pique their interest.

Operating systems

Security and compliance of operating systems can be lengthy and detailed. So help your security folks see that Ansible can help. Here's a useful webinar, with plenty of examples:

Security and compliance automation with Ansible

Patching

Keeping systems up to date is one of the simplest things you can do to create a secure footprint. Automate patching to make things even simpler. Here's an article about a strategy for patching Linux systems:

A data-centric approach to patching systems with Ansible

Applications

A lot of applications require their own passwords. Automate password creation and management, and no human ever need remember them—or write them down and stick them to a screen on their desk:

Rotate passwords with Ansible and HashiVault

Network

Besides configuring networks, you can manage them with Ansible, too:

Using Ansible to mitigate network vulnerabilities

Gluing things together

The real power of Ansible comes from its ability to be "automation glue." The old-fashioned method of automating with scripts in a multitude of different languages can be improved by using a common language. In his blog post, Dan Walsh lists many simple tasks that could easily be gathered together and orchestrated by Ansible. This post on ops tasks to do with Ansible shows several things being run and managed by Ansible—maybe it will provide inspiration for a keen security automator in your company.

These are just a handful of areas that could benefit a busy security team looking for some automation help. What other security automation would you like to read about in a future post? Let us know in the comments below.

Text editor on a browser, in blue

See examples and learn the most important modules for automating everyday tasks with Ansible.
Coffee and laptop

Configuring his young daughters' computers with Ansible made it simple for this dad to manage the family's computers.

About the author

Mark Phillips - With a quarter of a century of industry experience, Mark has designed and engineered automated infrastructures at every level–from a handful of hosts in startups, to the tens of thousands in investment banks.