An error occured adding a product to your cart, you may only have 100 items in your cart.

Security Automation with Ansible 2

Automate security-related tasks in a structured, modular fashion using the best open source automation tool available

Preview in Mapt

Code Files

Security Automation with Ansible 2

Madhu Akula, Akash Mahajan
December 2017

2 customer reviews

Automate security-related tasks in a structured, modular fashion using the best open source automation tool available

Quick links: > What will you learn?> Table of content> Product reviews

eBook

$5.00

RRP $35.99

Save 86%

Print + eBook

$44.99

RRP $44.99

What do I get with a Mapt Pro subscription?

Unlimited access to all Packt’s 5,000+ eBooks and Videos
Early Access content, Progress Tracking, and Assessments
1 Free eBook or Video to download and keep every month after trial

What do I get with an eBook?

Download this book in EPUB, PDF, MOBI formats
DRM FREE - read and interact with your content when you want, where you want, and how you want
Access this title in the Mapt reader

What do I get with Print & eBook?

Get a paperback copy of the book delivered to you
Download this book in EPUB, PDF, MOBI formats
DRM FREE - read and interact with your content when you want, where you want, and how you want
Access this title in the Mapt reader

What do I get with a Video?

Download this Video course in MP4 format
DRM FREE - read and interact with your content when you want, where you want, and how you want
Access this title in the Mapt reader

$5.00

$44.99

RRP $35.99

RRP $44.99

eBook

Print + eBook

Frequently bought together

Security Automation with Ansible 2

$ 35.99

$ 5.00

Security Automation with Ansible 2

Dec 2017

324 pages

$ 5.00

Information Security Handbook

$ 35.99

$ 5.00

Information Security Handbook

Dec 2017

330 pages

$ 5.00

Buy 2 for $10.00
Save $61.98

Add to Cart

Book Details

ISBN 139781788394512

Paperback324 pages

Book Description

Security automation is one of the most interesting skills to have nowadays. Ansible allows you to write automation procedures once and use them across your entire infrastructure. This book will teach you the best way to use Ansible for seemingly complex tasks by using the various building blocks available and creating solutions that are easy to teach others, store for later, perform version control on, and repeat.

We’ll start by covering various popular modules and writing simple playbooks to showcase those modules. You’ll see how this can be applied over a variety of platforms and operating systems, whether they are Windows/Linux bare metal servers or containers on a cloud platform. Once the bare bones automation is in place, you’ll learn how to leverage tools such as Ansible Tower or even Jenkins to create scheduled repeatable processes around security patching, security hardening, compliance reports, monitoring of systems, and so on.

Moving on, you’ll delve into useful security automation techniques and approaches, and learn how to extend Ansible for enhanced security. While on the way, we will tackle topics like how to manage secrets, how to manage all the playbooks that we will create and how to enable collaboration using Ansible Galaxy. In the final stretch, we’ll tackle how to extend the modules of Ansible for our use, and do all the previous tasks in a programmatic manner to get even more powerful automation frameworks and rigs.

Chapter 1: Introduction to Ansible Playbooks and Roles

Ansible terms to keep in mind

Summary

Chapter 2: Ansible Tower, Jenkins, and Other Automation Tools

Scheduling tools to enable the next abstraction of automation

Getting up and running

Security automation use cases

Summary

Chapter 3: Setting Up a Hardened WordPress with Encrypted Automated Backups

CLI for WordPress

Why Ansible for this setup?

A complete WordPress installation step-by-step

Setting up Apache2 web server

Enabling TLS/SSL with Let's Encrypt

What if you don't want to roll your own? The Trellis stack

WordPress on Windows

Summary

Chapter 4: Log Monitoring and Serverless Automated Defense (Elastic Stack in AWS)

Introduction to Elastic Stack

Automated defense?

Summary

Chapter 5: Automating Web Application Security Testing Using OWASP ZAP

Installing OWASP ZAP

Summary

Chapter 6: Vulnerability Scanning with Nessus

Introduction to Nessus

Summary

Chapter 7: Security Hardening for Applications and Networks

Security hardening with benchmarks such as CIS, STIGs, and NIST

Automating security audit checks for networking devices using Ansible

Automation security audit checks for applications using Ansible

Automated patching approaches using Ansible

Summary

Chapter 8: Continuous Security Scanning for Docker Containers

Understanding continuous security concepts

Automating vulnerability assessments of Docker containers using Ansible

Scheduled scans using Ansible Tower for Docker security

Scheduled scans using Ansible Tower for operating systems and kernel security

Scheduled scans for file integrity checks, host-level monitoring using Ansible for various compliance initiatives

Summary

Chapter 9: Automating Lab Setups for Forensics Collection and Malware Analysis

Creating Ansible playbooks for labs for isolated environments

Creating Ansible playbooks for collection and storage with secure backup of forensic artifacts

Summary

Chapter 10: Writing an Ansible Module for Security Testing

Getting started with a hello world Ansible module

Setting up the development environment

Planning and what to keep in mind

OWASP ZAP module

Using Ansible as a Python module

Summary

Chapter 11: Ansible Security Best Practices, References, and Further Reading

Working with Ansible Vault

Setting up and using Ansible Galaxy

Ansible controller machine security

Best practices and reference playbook projects

Additional references

Coming soon to Ansible 2.5

Summary

What You Will Learn

Use Ansible playbooks, roles, modules, and templating to build generic, testable playbooks
Manage Linux and Windows hosts remotely in a repeatable and predictable manner
See how to perform security patch management, and security hardening with scheduling and automation
Set up AWS Lambda for a serverless automated defense
Run continuous security scans against your hosts and automatically fix and harden the gaps
Extend Ansible to write your custom modules and use them as part of your already existing security automation programs
Perform automation security audit checks for applications using Ansible
Manage secrets in Ansible using Ansible Vault

Authors

Madhu Akula

Madhu Akula is a security ninja and security and devops researcher with extensive experience in the industry, ranging from client-facing assignments building scalable and secure infrastructure, to publishing industry-leading research to running training sessions for companies and governments alike.

Madhu’s research papers are frequently selected for major security industry conferences including Defcon 24, All Day DevOps (2016, 2017), DevSecCon (London, Singapore, Boston), DevOpsDays India, c0c0n, Serverless Summit ToorCon, DefCamp, SkydogCon, NolaCon, and null, and more. Madhu was a keynote speaker for the National Cyber Security conference at Dayananda Sagar College in February 2016.

When he’s not working with Appsecco’s clients or speaking at events, he’s actively involved in researching vulnerabilities in open source products/platforms such as WordPress, Ntop, and Opendocman. He’s also a contributing bug hunter with Code Vigilant (a project to secure open source software).

His research has identified many vulnerabilities in over 200 organizations including the U.S. Department of Homeland Security, Google, Microsoft, Yahoo, Adobe, LinkedIn, eBay, AT&T;, Blackberry, Cisco, Barracuda, and more. He is also an active member of Bugcrowd, Hackerone, Synack, and more. Madhu has trained over 5000 people in information security for companies and organizations including the Indian Navy and the Ministry of e-services in a leading Gulf state.

Akash Mahajan

Akash Mahajan is an accomplished security professional with over a decade’s experience in providing specialist application and infrastructure consulting services at the highest levels to companies, governments, and organizations around the world. He has lots of experience in working with clients to provide innovative security insights that truly reflect the commercial and operational needs of the organization, from strategic advice to testing and analysis to incident response and recovery.

He is an active participant in the international security community and a conference speaker both individually, as chapter lead of the Bangalore chapter of OWASP the global organization responsible for defining the standards for web application security and as a co-founder of NULL India’s largest open security community.

Akash runs Appsecco, a company focused on Application Security. He authored the book Burp Suite Essentials published by Packt Publishing in November 2014, which is listed as a reference by the creators of Burp Suite.

Chapter 1: Introduction to Ansible Playbooks and Roles

Ansible terms to keep in mind

Summary

Chapter 2: Ansible Tower, Jenkins, and Other Automation Tools

Scheduling tools to enable the next abstraction of automation

Getting up and running

Security automation use cases

Summary

Chapter 3: Setting Up a Hardened WordPress with Encrypted Automated Backups

CLI for WordPress

Why Ansible for this setup?

A complete WordPress installation step-by-step

Setting up Apache2 web server

Enabling TLS/SSL with Let's Encrypt

What if you don't want to roll your own? The Trellis stack

WordPress on Windows

Summary

Chapter 4: Log Monitoring and Serverless Automated Defense (Elastic Stack in AWS)

Introduction to Elastic Stack

Automated defense?

Summary

Chapter 5: Automating Web Application Security Testing Using OWASP ZAP

Installing OWASP ZAP

Summary

Chapter 6: Vulnerability Scanning with Nessus

Introduction to Nessus

Summary

Chapter 7: Security Hardening for Applications and Networks

Security hardening with benchmarks such as CIS, STIGs, and NIST

Automating security audit checks for networking devices using Ansible

Automation security audit checks for applications using Ansible

Automated patching approaches using Ansible

Summary

Chapter 8: Continuous Security Scanning for Docker Containers

Understanding continuous security concepts

Automating vulnerability assessments of Docker containers using Ansible

Scheduled scans using Ansible Tower for Docker security

Scheduled scans using Ansible Tower for operating systems and kernel security

Scheduled scans for file integrity checks, host-level monitoring using Ansible for various compliance initiatives

Summary

Chapter 9: Automating Lab Setups for Forensics Collection and Malware Analysis

Creating Ansible playbooks for labs for isolated environments

Creating Ansible playbooks for collection and storage with secure backup of forensic artifacts

Summary

Chapter 10: Writing an Ansible Module for Security Testing

Getting started with a hello world Ansible module

Setting up the development environment

Planning and what to keep in mind

OWASP ZAP module

Using Ansible as a Python module

Summary

Chapter 11: Ansible Security Best Practices, References, and Further Reading

Working with Ansible Vault

Setting up and using Ansible Galaxy

Ansible controller machine security

Best practices and reference playbook projects

Additional references

Coming soon to Ansible 2.5

Summary

Book Details

ISBN 139781788394512

Paperback324 pages

From 2 reviews

Recommended for You

Information Security Handbook

$ 35.99

$ 5.00

Information Security Handbook

Dec 2017

330 pages

$ 5.00

Internet of Things for Architects

$ 35.99

$ 5.00

Internet of Things for Architects

Apr 2018

345 pages

$ 5.00

Cybersecurity: Attack and Defense Strategies

$ 31.99

$ 5.00

Cybersecurity: Attack and Defense Strategies

Apr 2018

449 pages

$ 5.00

Ansible 2: Advancements with Security Automation [Video]

$ 124.99

$ 5.00

Ansible 2: Advancements with Security Automation [Video]

Oct 2017

1 hour and 39 minutes

$ 5.00

Getting Started with Ansible 2 Security Automation [Video]

$ 124.99

$ 5.00

Getting Started with Ansible 2 Security Automation [Video]

Sep 2017

1 hour and 20 minutes

$ 5.00

Containerization with Ansible 2

$ 31.99

$ 5.00

Containerization with Ansible 2

Dec 2017

234 pages

$ 5.00

Security Automation with Ansible 2

Security Automation with Ansible 2

Frequently bought together

Book Details

Book Description

Table of Contents

What You Will Learn

Authors

Madhu Akula

Akash Mahajan

Table of Contents

Book Details

Recommended for You

Contact Us

Help & Support

Alerts & Offers

Dec	JAN	Feb
	10
2017	2018	2019

Log in to your account

Not yet a member?

Security Automation with Ansible 2

Security Automation with Ansible 2

Frequently bought together

Book Details

Book Description

Table of Contents

What You Will Learn

Authors

Madhu Akula

Akash Mahajan

Table of Contents

Book Details

Recommended for You

Contact Us

Help & Support

Alerts & Offers

Series & Level

Learning

Beginner's Guide

Essentials

Cookbook

Blueprints

Mastering

Starting

Progressing